1
Hi there,
One of our users has complained of lots of error messages when uploading avatars. Upon investigation I have found that if a user uploads an image which exceeds the size limits and then clicks back to the avatar upload form then they will always get a "Sorry, you don't have the right to edit this user's info." error when they try to upload again.
Now, I have resolved this by changing the if statement in the edituser.php "avatarupload" section to call the XoopsSecurity.check function with false rather than the default true parameter, thus:
if (!$GLOBALS['xoopsSecurity']->check(false)) {
...
}
and it now works fine. I just wanted to check that this isn't going to leave a gaping hole. Anyone's thoughts would be very much appreciated.
Cheers,
Si