I'm currently having a major problem after upgrading to 1.9.5 from 1.8. Apparently, now all users can post to all the blogs, whether they are marked public or not. I ran the various database upgrade scripts, but it doesn't seem to have an effect. Users can post to whatever blogs they want by using the blog pull-down menu in the blog posting/editing screen.
If the user clicks "list blogs," there are no options shown to post to the unauthorized blogs. This seems to be a problem with the "blog" dropdown bar in tiki-blog_post.php. Somehow it's bypassing the check and letting users post in whatever blogs they want...
This bug was fixed by sylvieg with commit 13736 (2008-07-18 21:56:10) in trunk branch which will be the future 3.0 release of Tikiwiki.
I did a backport of the fix to 2.0 branch. If you have this problem you can:
To help developers solve the bug, we kindly request that you demonstrate your bug on a show2.tiki.org instance. To start, simply select a version and click on "Create show2.tiki.org instance". Once the instance is ready (in a minute or two), as indicated in the status window below, you can then access that instance, login (the initial admin username/password is "admin") and configure the Tiki to demonstrate your bug. Priority will be given to bugs that have been demonstrated on show2.tiki.org.
To help developers solve the bug, we kindly request that you demonstrate your bug on a show.tikiwiki.org instance. To start, simply select a version and click on "Create show.tikiwiki.org instance". Once the instance is ready (in a minute or two), as indicated in the status window below, you can then access that instance, login (the initial admin username/password is "admin") and configure the Tiki to demonstrate your bug. Priority will be given to bugs that have been demonstrated on show.tikiwiki.org.
filename | created | hits | comment | version | filetype | ||
---|---|---|---|---|---|---|---|
No attachments for this item |