We (my student and I) just updated our Nubuilder Forte to latest version on SourceForge (March) and there seems to be a security-issue.
We have a form with image-upload, but since latest update a user without permission to the uploadprocedure can upload a image.
Is this the intention?
Thank you in advance for your response
Welcome to the nuBuilder Forums!
Join our community by registering and logging in.
As a member, you'll get access to exclusive forums, resources, and content available only to registered users.
Join our community by registering and logging in.
As a member, you'll get access to exclusive forums, resources, and content available only to registered users.
Upload without permission
-
kev1n
- nuBuilder Team
- Posts: 4565
- Joined: Sun Oct 14, 2018 6:43 pm
- Has thanked: 76 times
- Been thanked: 529 times
- Contact:
Re: Upload without permission
Thank you for pointing this out. The access management needs to be revised. At the moment, however, you can add a simple check in the UPLOAD function to see if the corresponding user has the permission.
-
Jannie
- Posts: 35
- Joined: Sat Jun 09, 2018 4:36 pm
- Location: Netherlands
- Has thanked: 6 times
- Been thanked: 1 time
- Contact:
Re: Upload without permission
Thank you for reply! We'll add a check or hide the uploadfield for our users
-
kev1n
- nuBuilder Team
- Posts: 4565
- Joined: Sun Oct 14, 2018 6:43 pm
- Has thanked: 76 times
- Been thanked: 529 times
- Contact: