[Fixed] quick edit when not logged in

paulwratt

eoCMS Developer

Offline

Posts: 909

quick edit when not logged in
Posted on: 21st February, 2009, 06:30:13 AM

I am currently logged in on FF

I check posts on another browser (should not matter which one)
I am guest (cos I not log in on that one yet) but I can see "modify post, and can click it too, it works, but I will not post it, except this once Smile

(see layout issues)

note: quick edit not "fixed" for gecko engine (khtml) (the & problem)

edit: I will also test this from another machine I have on the network here (in case you are storing my router IP)

eoCMS Dev Blog

confuser eoCMS Developer Offline Posts: 1528	Re: new bug Posted on: 21st February, 2009, 07:57:28 AM Yes i think its because the IP Address stored by the post is the same as yours and because you are a guest you can still edit it, im going to see if i can stop it doing that for posts created by non-guests Please do not PM me requesting support or anything, use the forums, thats what they are here for

paulwratt eoCMS Developer Offline Posts: 909	Re: new bug Posted on: 21st February, 2009, 12:49:51 PM the other way is to set a cookie, if no cookie, no logged on, no problem eoCMS Dev Blog

paulwratt eoCMS Developer Offline Posts: 909	Re: new bug Posted on: 21st February, 2009, 12:53:57 PM as far as IP goes, any of these other network machines will actually supply a slightly different address, but only in X-FORWARD-FOR (you will need to check headers to see exactly which ones are set - I have an output page if you need one, checks three variable arrays) eoCMS Dev Blog

confuser

eoCMS Developer

Offline

Posts: 1528

Re: new bug
Posted on: 21st February, 2009, 01:13:17 PM

Well this is what i use for the IP Address

Code:

function visitor_ip() {
$ip=$_SERVER['REMOTE_ADDR']==$_SERVER['SERVER_ADDR'] && isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
return $ip;
}

Please do not PM me requesting support or anything, use the forums, thats what they are here for

paulwratt eoCMS Developer Offline Posts: 909	Re: new bug Posted on: 21st February, 2009, 02:03:01 PM do you have a db viewer, my X-FORWARD-FOR is 220.244.144.143 eoCMS Dev Blog

confuser eoCMS Developer Offline Posts: 1528	Re: new bug Posted on: 21st February, 2009, 02:04:43 PM what do you mean db viewer? Edit: Hope you dont mind, i changed the topic title to describe what the actual bug is Please do not PM me requesting support or anything, use the forums, thats what they are here for

paulwratt eoCMS Developer Offline Posts: 909	Re: quick edit when not logged in Posted on: 21st February, 2009, 03:07:53 PM can you view raw/actual db entries BTW, I logged out of FF, the started KHTML, guess what I could see on my posts (before I logged in) edit: yeah it works the other way too. do you clear the cookie when user logs out eoCMS Dev Blog

confuser eoCMS Developer Offline Posts: 1528	Re: quick edit when not logged in Posted on: 21st February, 2009, 03:08:46 PM The quick edit icon? Looking into that now Please do not PM me requesting support or anything, use the forums, thats what they are here for

paulwratt

eoCMS Developer

Offline

Posts: 909

Re: quick edit when not logged in
Posted on: 21st February, 2009, 05:41:42 PM

maybe (if not just by clearing it) need to rethink "we know your on key", maybe hash/md5 with logon time.

as long as there is not a check for the IP after logoff and cookie cleared, should be no problermo..

BTW this time when I logged off in FF, I did not get kicked in KHTML (were I'm still logged on) this is good, it should be per browser

eoCMS Dev Blog

confuser eoCMS Developer Offline Posts: 1528	Re: quick edit when not logged in Posted on: 21st February, 2009, 05:46:13 PM I think it would be more secure to MD5 the session_id stored in the Cookie but a PHPSESSID cookie gets created anyway which would kind of defy the purpose Please do not PM me requesting support or anything, use the forums, thats what they are here for

confuser eoCMS Developer Offline Posts: 1528	Re: quick edit when not logged in Posted on: 21st February, 2009, 05:50:59 PM Ok does it still do this now? Please do not PM me requesting support or anything, use the forums, thats what they are here for

paulwratt eoCMS Developer Offline Posts: 909	Re: quick edit when not logged in Posted on: 21st February, 2009, 10:06:48 PM nope sorry, still does it, and I shut the windows too, maybe I will try closing browser too (soon, not right now) eoCMS Dev Blog

confuser eoCMS Developer Offline Posts: 1528	Re: quick edit when not logged in Posted on: 22nd February, 2009, 04:48:21 AM How about now? I just tested it and i cant see either the quick edit nor the edit link when not logged in now Please do not PM me requesting support or anything, use the forums, thats what they are here for

TGPEG eoCMS Designer Offline Posts: 1290	Re: quick edit when not logged in Posted on: 22nd February, 2009, 05:27:28 AM I get the same thing as confuser Seen a bug? Report it!

paulwratt eoCMS Developer Offline Posts: 909	Re: quick edit when not logged in Posted on: 23rd February, 2009, 07:22:31 AM yep, I think this might be fixed now... eoCMS Dev Blog

TGPEG eoCMS Designer Offline Posts: 1290	Re: quick edit when not logged in Posted on: 23rd February, 2009, 07:23:55 AM OK I'll call it fixed and we can unlock it if necessary. Seen a bug? Report it!

Jump to:

Page 1 Of 1

Username:
Password:
Remember me??

[ Register ][ Forgot Password? ]