MantisBT: master-1.2.x f0049266

Diff Back to Repository
Author Committer Branch Timestamp Parent
dhx master-1.2.x 2009-06-25 14:19 master-1.2.x f198b1ce
Affected Issues  0010264: Can't successfully add and log on new accounts
 0010265: Bug view advanced page spacing bug when no versions defined for project
 0010626: Improve documentation relating to anonymous user accounts
Changeset

Anonymous accounts: fixes and doc updates

Updated documentation of configuration options relating to anonymous
access to Mantis. Fixes 0010626.

Added new user_is_anonymous function to the user API. The purpose of
this function is to check if the current user is the anonymous user
account.

Changes user_is_protected function in the user API to always return true
when the user is the anonymous user account. The anonymous user should
never be allowed to update the preferences and settings on the anonymous
account! Fixes 0010265.

Fixed a major security bug in account_prefs_reset.php that allowed
anyone to reset the account preferences of another person. Fixes 0010264.
mod - core/user_api.php Diff File
mod - core/authentication_api.php Diff File
mod - account_manage_columns_page.php Diff File
mod - core/access_api.php Diff File
mod - docbook/adminguide/en/configuration.sgml Diff File
mod - docbook/adminguide/en/user_management.sgml Diff File
mod - account_prefs_reset.php Diff File
mod - config_defaults_inc.php Diff File
mod - core/current_user_api.php Diff File
mod - account_prefs_update.php Diff File
mod - core/rss_api.php Diff File