admin page open public while editing

Found a bug? Tell us!!
Post Reply
patriciasterling
Posts: 1
Joined: Fri Sep 05, 2008 10:08 pm

admin page open public while editing

Post by patriciasterling »

This is a new VERY DANGEROUS bug. Once the serendipity admin panel is opened, it places and "edit" hot link somewhere on the website or blog. In the case of the blog I'm using it's on the right nav where the plug-ins appear. This "edit" link is hot and live to all viewers of the site. If they click the link they have immediate access to the currently open admin panel. The have all admin rights!!!! Please fix this asap as I cannot add to or modify my blog until this is fixed. email me if you want a demo.
Mangek
Regular
Posts: 85
Joined: Tue Jun 24, 2008 1:08 am
Location: Sweden
Contact:

Post by Mangek »

I believe that's because you're 'logged in' (so that you don't have to log in every time you wanna change or add something), and a cookie or session (or both) is the reason.

If you view your site in another browser, or if you can view with tabs, open your site but don't put the www. in front if you had it on the first, or put www. in front, if you didn't on the first (this will load a different set of your page, different cookies and such forth) and you will see that the link is only visible where you are logged in.

No need to worry. :)
Don Chambers
Regular
Posts: 3652
Joined: Mon Feb 13, 2006 2:40 am
Location: Chicago, IL, USA
Contact:

Post by Don Chambers »

In 1.4 beta, a new option has been added to all sidebar items allowing configuration for each plugin/sidebar item. Only logged in users with sufficient rights see those links - regular visitors to your site do not.
=Don=
Post Reply