| Previous topic :: Next topic |
| Author |
Message |
thecloud75
Joined: 24 Feb 2007
Posts: 10
|
| Posted: Sat Feb 24, 2007 1:58 pm Post subject: Another little security issue |
|
|
If you disable a user (that is, you don't delete him but just set it inactive), it can still work with the thuderbird plugin - that is - working with the SOAP webservice to access/modify data.
Just modify the create_session with:
Code: if($objuser->is_authenticated()) {
$return_access = 'success';
$log->debug("Logged in sucessfully");
} else {
$return_access = 'failure';
$log->debug("Logged in failure");
} |
|
| Back to top |
|
Balduin
Joined: 18 May 2005
Posts: 1733
Location: Berlin
|
| Posted: Sat Feb 24, 2007 2:05 pm Post subject: Another little security issue |
|
|
| moved to the bugtracker, see http://vtiger.fosslabs.com/cgi-bin/trac.cgi/ticket/3084 |
|
| Back to top |
|
rola
Joined: 07 Jan 2008
Posts: 3
|
| Posted: Tue Jan 08, 2008 7:09 am Post subject: Re: Another little security issue |
|
|
| thecloud75,Thanks your code so much. |
|
| Back to top |
|
| |
