Forums / Setup & design / Anonymous User can edit all comments

Anonymous User can edit all comments

Author Message

Ekkehard Dörre

Friday 25 June 2004 5:15:01 am

Hi,
I use article comments with anonymous user can post and content approval by admin.
Problem: In role they need content create and edit.
So any anonymous visitor can edit all done comments from other visitors.
Any ideas, workaround?

Thanks, ekke

http://www.coolscreen.de - Over 40 years of certified eZ Publish know-how: http://www.cjw-network.com
CJW Newsletter: http://projects.ez.no/cjw_newsletter - http://cjw-network.com/en/ez-publ...w-newsletter-multi-channel-marketing

Ekkehard Dörre

Sunday 27 June 2004 3:12:04 am

I found this bug notice by Volker Lenz

http://ez.no/community/bug_reports/how_to_allow_simple_posting_for_anonymous_users_no_login_requirements

Is this hack the only workaround?

Greetings ekke

http://www.coolscreen.de - Over 40 years of certified eZ Publish know-how: http://www.cjw-network.com
CJW Newsletter: http://projects.ez.no/cjw_newsletter - http://cjw-network.com/en/ez-publ...w-newsletter-multi-channel-marketing

Ekkehard Dörre

Tuesday 29 June 2004 5:46:06 am

This hack works for 3.3.5 too,

Thanks to Volker, before it was a big security hole.

Greetings, ekke

http://www.coolscreen.de - Over 40 years of certified eZ Publish know-how: http://www.cjw-network.com
CJW Newsletter: http://projects.ez.no/cjw_newsletter - http://cjw-network.com/en/ez-publ...w-newsletter-multi-channel-marketing

Volker Lenz

Thursday 09 September 2004 8:03:46 am

BTW my hack works with ezp 3.4.x, too.
And I hope that this hack will soon become a part of the ez standard, because I really dislike copying-pasting my codepieces in frequently changing versions of ezcontentobject.php :-(