Security Patch
Submitted by Alex. on Wed, 06/18/2008 - 15:17.
| Project: | ProjectPier |
| Version: | 0.8.0.2 |
| Component: | Code |
| Category: | bug report |
| Priority: | critical |
| Assigned: | Unassigned |
| Status: | patch - code needs review |
Description
Hey,
I understand the reasoning behind the extra 'feature', but unless people know about it and fully understand the implications, then I'm classing this as a critical bug report :P .
This patch adds a few lines to
prepare_company_website_controller()Which checks if there is an active project, and if the user is able to view the project.
Once / if we get Mike's idea implemented we can change this, but for the mean time this is the best fix imo.
Alex
| Attachment | Size |
|---|---|
| security_20080618_r161.patch | 765 bytes |