Text only | Text with Images

ElkArte Community

Elk Development => Bug Reports => Topic started by: Flavio93Zena on July 03, 2015, 01:00:11 pm

Title: Admin security check even if not admin
Post by: Flavio93Zena on July 03, 2015, 01:00:11 pm
I am trying to find everything I can both to make you mad and to help you, sorry if you see any errors caused by me in the logs.

Besides, when trying to access action=admin it asks me for the password twice, which is of course the double check when trying to access the admin section. It shouldn't be asking it in the first place as I'm not admin.
Title: Re: 2 issues with admin area
Post by: Burke Knight on July 03, 2015, 01:02:10 pm
The back button, you say, does not take you back...
Well, how about telling us, where it does take you?
Title: Re: Admin security check even if not admin
Post by: Flavio93Zena on July 03, 2015, 01:03:13 pm
Quote from: Burke Knight – The back button, you say, does not take you back...
Well, how about telling us, where it does take you?
Nowhere. It refreshes the page. I am opening another topic because it happens not only with the action=admin but also action=moderate and I have the feeling it happens all over the place.
Title: Re: Admin security check even if not admin
Post by: emanuele on July 03, 2015, 02:25:30 pm
To be considered.
I think there are no security implications in exchanging the checks, but better have a second look.
Title: Re: Admin security check even if not admin
Post by: Flavio93Zena on July 03, 2015, 02:43:29 pm
Yeah I think that if you just switch the order it's going to be fine :)
Title: Re: Admin security check even if not admin
Post by: Flavio93Zena on July 22, 2015, 12:33:05 pm
@emanuele bump ;)
Text only | Text with Images