|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
 Posted - 22 March 2003 : 07:48:19
|
In relation to this topic I've checked these two functions and found that the combination between chkForumAccess/isAllowedMember function doesn't work as it should and that results in the situation described by the user.
chkForumAccess and isAllowedMember both consider two different situations: access verification of the current logged in member and access verification for a member different from the one who is logged in.
As far as I could see, verification for the current logged in member works as it should, which means it that chkForumAccess uses the mlev value to determine if the user being checked is an admin and if he is, he obviously has access to the forum and returns true (though isAllowedMember, working per se, wouldn't return a proper value for an admin, which means it can only be used with chkForumAccess).
Now if the user being verified is not the logged in user (as it happens when verifying subscriptions), chForumAccess delegates the task of forum access determination to isAllowedMember which, in turn, uses OldisAllowedMember to do the verification of a non logged in member. OldisAllowedMember, however, does not check the member's mlev before deciding wether it should return a value indicating the user has access or not. This means that if the user is an admin, the function still returns a value indicating that it has no access to the forum, causing the situation described in the user's post above.
Shouldn't this be corrected? |
Snitz 3.4 Readme | Like the support? Support Snitz too |
Edited by - ruirib on 22 March 2003 07:52:41 |
|
Topic Locked
