29 Nov 13:02
admin can delete other admins lists patch
adrian15 <adrian15sgd <at> gmail.com>
2009-11-29 12:02:32 GMT
If one admin has access to the list page, he can write a URL like this:

http://domain.com/lists/admin/?page=list&delete=4

Even if the list with id=4 is not a property of the admin, it gets deleted!

Attached you will find a patch to solve this issue. As always, whenever I have time I will open a mantis issue for this problem.

adrian15
--
Support free software. Donate to Super Grub Disk.
http://www.supergrubdisk.org/index.php?pid=10
diff -urN svn_r1703_sin_punto_svn_improved_01_editlist_acceslist/phplist/public_html/lists/admin/list.php svn_r1703_sin_punto_svn_improved_02_list_delete_any_list/phplist/public_html/lists/admin/list.php
--- svn_r1703_sin_punto_svn_improved_01_editlist_acceslist/phplist/public_html/lists/admin/list.php	2009-11-29 11:27:41.000000000 +0100
+++ svn_r1703_sin_punto_svn_improved_02_list_delete_any_list/phplist/public_html/lists/admin/list.php	2009-11-29 13:01:51.000000000 +0100
@@ -11,12 +11,18 @@
if (isset($_GET['delete'])) {
$delete = sprintf('%d',$_GET['delete']);
+ print $GLOBALS['I18N']->get('Checking')." $delete ...\n";
+ $req = Sql_Query(sprintf("select * from %s where ((owner = %d) and (id =
%d))",$tables["list"],$_SESSION["logindetails"]["id"],$delete));
+ if (!Sql_Affected_Rows()) {
+ print '<p class="error">'.$GLOBALS['I18N']->get("You do not have enough permissions to delete this list.").'</p>';
+ } else {
# delete the index in delete
print $GLOBALS['I18N']->get('Deleting') . " $delete ..\n";
$result = Sql_Query_Params("delete from $tables[list] where id = ?", array($delete));
$result = Sql_Query_Params("delete from $tables[listuser] where listid = ?", array($delete));
$result = Sql_Query_Params("delete from $tables[listmessage] where listid = ?", array($delete));
print '..' . $GLOBALS['I18N']->get('Done') . "<br /><hr /><br />\n";
+ }
}
## quick DB fix
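Review bot: The permission test at `if (!Sql_Affected_Rows())` reads the affected-row count after a SELECT, which is only well defined for INSERT/UPDATE/DELETE and depends on the driver, so the check can silently pass or fail. Either test the SELECT result directly (fetch a row from `$req`, which is otherwise unused), or fold the owner condition into the delete itself, `delete from $tables[list] where id = ? and owner = ?` with `$_SESSION["logindetails"]["id"]` as the second parameter, and run the listuser/listmessage deletes only when that statement reports one affected row; that also closes the gap between the check and the delete. Note too that the check is strictly owner-only: if phplist has superuser admins who may manage every list (not visible in this hunk), they now get the "not enough permissions" error on lists they do not own, so the condition should exempt them. Minor: the added "Checking" print runs on every delete request and adds nothing the "Deleting" line does not already say.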
_______________________________________________
Phplist-developers mailing list
Phplist-developers <at> tincan.co.uk
http://mail.tincan.co.uk/mailman/listinfo/phplist-developers