Hi there,

One of our users has complained of lots of error messages when uploading avatars. Upon investigation I have found that if a user uploads an image which exceeds the size limits and then clicks back to the avatar upload form then they will always get a "Sorry, you don't have the right to edit this user's info." error when they try to upload again.

Now, I have resolved this by changing the if statement in the edituser.php "avatarupload" section to call the XoopsSecurity.check function with false rather than the default true parameter, thus:

if (!$GLOBALS['xoopsSecurity']->check(false)) {

...

}

and it now works fine. I just wanted to check that this isn't going to leave a gaping hole. Anyone's thoughts would be very much appreciated.

Cheers,
Si