We (my student and I) just updated our Nubuilder Forte to latest version on SourceForge (March) and there seems to be a security-issue.
We have a form with image-upload, but since latest update a user without permission to the uploadprocedure can upload a image.
Is this the intention?
Thank you in advance for your response
Welcome to the nuBuilder Forums!
Register and log in to access exclusive forums and content available only to registered users.
Register and log in to access exclusive forums and content available only to registered users.
Upload without permission
-
kev1n
- nuBuilder Team
- Posts: 4292
- Joined: Sun Oct 14, 2018 6:43 pm
- Has thanked: 71 times
- Been thanked: 444 times
- Contact:
Re: Upload without permission
Thank you for pointing this out. The access management needs to be revised. At the moment, however, you can add a simple check in the UPLOAD function to see if the corresponding user has the permission.
-
Jannie
- Posts: 33
- Joined: Sat Jun 09, 2018 4:36 pm
- Location: Netherlands
- Has thanked: 4 times
- Been thanked: 1 time
- Contact:
Re: Upload without permission
Thank you for reply! We'll add a check or hide the uploadfield for our users
-
kev1n
- nuBuilder Team
- Posts: 4292
- Joined: Sun Oct 14, 2018 6:43 pm
- Has thanked: 71 times
- Been thanked: 444 times
- Contact: