Permalink
Browse files

Fixed logical bug for checking permissions

  • Loading branch information...
thorsten committed Mar 18, 2014
1 parent 2c6b011 commit 249d465b3c0a22b5445623c37e7eb7dd8d0f4fcb
Showing with 1 addition and 1 deletion.
  1. +1 −1 phpmyfaq/inc/PMF/Faq.php
View
@@ -3071,7 +3071,7 @@ protected function queryPermission($hasGroupSupport = false)
} else {
if (-1 !== $this->user) {
return sprintf(
"AND fdu.user_id = %d",
"AND ( fdu.user_id = %d OR fdu.user_id = -1 )",
$this->user
);
} else {

22 comments on commit 249d465

@JohnGiddi

This comment has been minimized.

Show comment
Hide comment
@JohnGiddi

JohnGiddi Mar 24, 2014

Hi Thorsten,
yes it helped.
Thank you!
BTW a nice and handy Application.
Recently I thought that without logging in users cant see any FAQ. But now I recognized that without logging in anonymus user can see the FAQs.
Ist this the standard concept or I am doing sth wrong?

Edit: after had logged off I have still access to the FAQs.

Thank You

Greetings
Andrew
(JohnGiddi)

JohnGiddi replied Mar 24, 2014

Hi Thorsten,
yes it helped.
Thank you!
BTW a nice and handy Application.
Recently I thought that without logging in users cant see any FAQ. But now I recognized that without logging in anonymus user can see the FAQs.
Ist this the standard concept or I am doing sth wrong?

Edit: after had logged off I have still access to the FAQs.

Thank You

Greetings
Andrew
(JohnGiddi)

@thorsten

This comment has been minimized.

Show comment
Hide comment
@thorsten

thorsten Mar 24, 2014

Owner

Yes, this is our way to do it. ;)

Owner

thorsten replied Mar 24, 2014

Yes, this is our way to do it. ;)

@JohnGiddi

This comment has been minimized.

Show comment
Hide comment
@JohnGiddi

JohnGiddi Mar 24, 2014

OK and THX

JohnGiddi replied Mar 24, 2014

OK and THX

@JohnGiddi

This comment has been minimized.

Show comment
Hide comment
@JohnGiddi

JohnGiddi Mar 24, 2014

Sorry Disturbing again.
I played a little around with logging in and access with no logging in. I am little puzzled. In some cases I get the login page and no further access as login page. In other cases I get through to Startig page and had all access to parse in Categories and FAQs.
What is the policy behind? Are sessions beeing stored for IPs after I once logged in?
What is the behaveour when I never logged in before?
Thank you for give attention to me.

Greetings

JohnGiddi

JohnGiddi replied Mar 24, 2014

Sorry Disturbing again.
I played a little around with logging in and access with no logging in. I am little puzzled. In some cases I get the login page and no further access as login page. In other cases I get through to Startig page and had all access to parse in Categories and FAQs.
What is the policy behind? Are sessions beeing stored for IPs after I once logged in?
What is the behaveour when I never logged in before?
Thank you for give attention to me.

Greetings

JohnGiddi

@thorsten

This comment has been minimized.

Show comment
Hide comment
@thorsten

thorsten Mar 25, 2014

Owner

It's using a session cookie to identify the user. If you login with the same credentials with a different browser, your first login will be invalid and you get logged out.

Owner

thorsten replied Mar 25, 2014

It's using a session cookie to identify the user. If you login with the same credentials with a different browser, your first login will be invalid and you get logged out.

@thorsten

This comment has been minimized.

Show comment
Hide comment
@thorsten

thorsten Mar 25, 2014

Owner

If you never got logged in, you're treated as user anonymous.

Owner

thorsten replied Mar 25, 2014

If you never got logged in, you're treated as user anonymous.

@JohnGiddi

This comment has been minimized.

Show comment
Hide comment
@JohnGiddi

JohnGiddi Mar 25, 2014

And last question: anonymous == nothing else then the login - screen?

JohnGiddi replied Mar 25, 2014

And last question: anonymous == nothing else then the login - screen?

@thorsten

This comment has been minimized.

Show comment
Hide comment
@thorsten

thorsten Mar 25, 2014

Owner

No, depends on how you configure your installation. It's just a fallback user in our system, you don't even see the user in the admin user management UI

Owner

thorsten replied Mar 25, 2014

No, depends on how you configure your installation. It's just a fallback user in our system, you don't even see the user in the admin user management UI

@JohnGiddi

This comment has been minimized.

Show comment
Hide comment
@JohnGiddi

JohnGiddi Mar 25, 2014

Let's try otherway arraound:

My target is, to let in only registrated users. Even reading present FAQ should not permitted when not registrated.
is there a way to keep out users who are not registrated ?
And howto do this?

JohnGiddi replied Mar 25, 2014

Let's try otherway arraound:

My target is, to let in only registrated users. Even reading present FAQ should not permitted when not registrated.
is there a way to keep out users who are not registrated ?
And howto do this?

@thorsten

This comment has been minimized.

Show comment
Hide comment
@thorsten

thorsten Mar 25, 2014

Owner

Use the option "Complete secured FAQ" under Security configuration in admin.

Owner

thorsten replied Mar 25, 2014

Use the option "Complete secured FAQ" under Security configuration in admin.

@JohnGiddi

This comment has been minimized.

Show comment
Hide comment
@JohnGiddi

JohnGiddi Mar 25, 2014

OK Thank you very much. I think that is it.
Again thank you for this great application!

JohnGiddi replied Mar 25, 2014

OK Thank you very much. I think that is it.
Again thank you for this great application!

@wremacle

This comment has been minimized.

Show comment
Hide comment
@wremacle

wremacle Mar 31, 2014

Got the same issue. This fixed the bug also on my side. Thanks!

wremacle replied Mar 31, 2014

Got the same issue. This fixed the bug also on my side. Thanks!

@Emma-li

This comment has been minimized.

Show comment
Hide comment
@Emma-li

Emma-li Apr 29, 2014

As an administrator,Why I don't have permission to the answer?

Emma-li replied Apr 29, 2014

As an administrator,Why I don't have permission to the answer?

@thorsten

This comment has been minimized.

Show comment
Hide comment
@thorsten

thorsten Apr 29, 2014

Owner

Please upgrade to 2.8.9

Owner

thorsten replied Apr 29, 2014

Please upgrade to 2.8.9

@Emma-li

This comment has been minimized.

Show comment
Hide comment
@Emma-li

Emma-li May 4, 2014

#1062 - Duplicate entry '-1' for key 'PRIMARY'

Emma-li replied May 4, 2014

#1062 - Duplicate entry '-1' for key 'PRIMARY'

@Emma-li

This comment has been minimized.

Show comment
Hide comment
@Emma-li

Emma-li May 4, 2014

#1062 - Duplicate entry '-1' for key 'PRIMARY' how to solve it?

Emma-li replied May 4, 2014

#1062 - Duplicate entry '-1' for key 'PRIMARY' how to solve it?

@thorsten

This comment has been minimized.

Show comment
Hide comment
@thorsten

thorsten May 4, 2014

Owner

What are you doing? If you upgrade from 2.8.8 to 2.8.9 you don't have to export and import the database, just run the update script. Please read our documentation: http://www.phpmyfaq.de/documentation.2.8.en.php#3.4

Owner

thorsten replied May 4, 2014

What are you doing? If you upgrade from 2.8.8 to 2.8.9 you don't have to export and import the database, just run the update script. Please read our documentation: http://www.phpmyfaq.de/documentation.2.8.en.php#3.4

@Emma-li

This comment has been minimized.

Show comment
Hide comment
@Emma-li

Emma-li May 6, 2014

I really don't know what the problem with the backup, can you help me?

Emma-li replied May 6, 2014

I really don't know what the problem with the backup, can you help me?

@Emma-li

This comment has been minimized.

Show comment
Hide comment
@Emma-li

Emma-li May 6, 2014

Backup/restore does not work.This means that we are unable to use PHPMYFAQ. But it is a very good faq system, we need it.

Emma-li replied May 6, 2014

Backup/restore does not work.This means that we are unable to use PHPMYFAQ. But it is a very good faq system, we need it.

@thorsten

This comment has been minimized.

Show comment
Hide comment
@thorsten

thorsten May 6, 2014

Owner

Well, if you would use our support forum instead of Twitter or Github it would easier to help you. You can e-mail me at thorsten AT phpmyfaq DOT de

Owner

thorsten replied May 6, 2014

Well, if you would use our support forum instead of Twitter or Github it would easier to help you. You can e-mail me at thorsten AT phpmyfaq DOT de

@Emma-li

This comment has been minimized.

Show comment
Hide comment
@Emma-li

Emma-li May 6, 2014

Emma-li replied May 6, 2014

@Emma-li

This comment has been minimized.

Show comment
Hide comment
@Emma-li

Emma-li May 6, 2014

I installed Wamp environment directly, and then copy PHPMYFAQ files to the directory C: / Wamp/WWW /, then in the browser enter http://localhost/phpmyfaq/index.php. Set up, you can run the foreground and background, whether this is the reason why I cannot use restore to upload data?

Emma-li replied May 6, 2014

I installed Wamp environment directly, and then copy PHPMYFAQ files to the directory C: / Wamp/WWW /, then in the browser enter http://localhost/phpmyfaq/index.php. Set up, you can run the foreground and background, whether this is the reason why I cannot use restore to upload data?

Please sign in to comment.