View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0007196||mantisbt||security||public||2006-06-14 08:40||2006-06-14 09:02|
|Summary||0007196: access_denied() function should indicate the reason why access was denied|
access_denied() should take a parameter to a language token that indicates the reason why access was denied. This will assist in finding bugs or misconfigurations in access control.
In our installation a user has developer access to the site, but in a specific project they have administrative access, and when cling on the manage link, they get taken to an access denighed.
I can't tell if this is a misconfiguration or if it is a real issue.
exampe of a call:
currently in file_download.php
could be changed to
|Tags||No tags attached.|