Dec 04, 2008, 12:41 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
Search via SMF or Google: modx forums all of modxcms.com web
  MODxCMS.com   Forums   Help Login Register  
News:Read what MODx Developers say: MODx Dev. Blogs
MODx Community Forums » Add-ons, Extensions & Elements » Creating & Repurposing Content » Ditto (Moderators: Mark, PaulGregory» [Fixed] Ditto RSS and Web Groups
Pages: [1]   Go Down
« Previous topic Next topic »
  Print  
Author Topic: [Fixed] Ditto RSS and Web Groups  (Read 3379 times)
0 Members and 1 Guest are viewing this topic.
jlivingston
Full Member
***
Posts: 117



WWW
« on: Jul 04, 2006, 04:57 PM »
Does Ditto rss not respect web groups?  I created a page that was for my eyes only, and did several verifications to make sure it wasn't showing up for the public.  It wasn't showing up in any web pages or menus unless you were logged in with the proper credentials.  Later, however, I discovered that it was showing up in my rss feed.  Is this a bug, or am I missing something?

Thanks.
« Last Edit: Jul 04, 2006, 05:04 PM by jlivingston » Logged
Tilted Symmetry
jlivingston
Full Member
***
Posts: 117



WWW
« Reply #1 on: Jul 04, 2006, 09:15 PM »
I've located at least one place in the ditto class that allows secured documents to get through to public results.  It's in the GetAllSubDocs method.  This is one of two ways that the ditto class obtains documents.  The other way is secure because it uses methods from modx's DocumentParser class, which are already set up to check permissions on documents.

I'm attaching a proposed revised version of the ditto class.  The only thing that I changed was the db query in the GetAllSubDocs method.  Look it over and let me know what you think.  This should solve the problem.

I'll post this to the bug tracker as well.
* ditto.class.inc.txt (26.24 KB - downloaded 297 times.)
« Last Edit: Jul 04, 2006, 09:56 PM by jlivingston » Logged
Tilted Symmetry
rthrash
Foundation
*
Posts: 9,575



WWW
« Reply #2 on: Jul 05, 2006, 08:49 AM »
Thanks... and great find.
Logged
MODx is a framework that allows web professionals to turn over sites to end-users for daily maintenance without worrying. Community participation and questions are encouraged, especially when you help us help you, read the wiki, and review snippet parameters – even if you have to look at the source. Searching the forums helps, too.
Ryan Thrash
MODx Co-Founder
Principal @ Collabpad
work productively.
work intelligently.
work together.
Mark
Moderator
*
Posts: 3,247


Ditto Developer


WWW
« Reply #3 on: Jul 05, 2006, 12:22 PM »
Thank you for uncovering this issue. I will make sure this gets repaired in the next release.
Logged
jlivingston
Full Member
***
Posts: 117



WWW
« Reply #4 on: Jul 06, 2006, 10:41 AM »
No problem.  Thanks for being so receptive.  Smiley
Logged
Tilted Symmetry
Mark
Moderator
*
Posts: 3,247


Ditto Developer


WWW
« Reply #5 on: Jul 23, 2006, 08:16 PM »
Fixed in 1.0.2
Logged
Pages: [1]   Go Up
  Print  
« Previous topic Next topic »
 
Jump to:  

Powered by MySQL Powered by PHP

Copyright © 2005-2008 MODxCMS, All rights reserved. Contact Us
Styles by ziworks.com

Powered by SMF 1.1.4 | SMF © 2005, Simple Machines LLC

Valid XHTML 1.0! Valid CSS!