WebsiteBaker Community Forum

General Community => Global WebsiteBaker 2.8.x discussion => Topic started by: pcwacht on August 29, 2011, 09:25:12 PM

Title: WB282 Bug?
Post by: pcwacht on August 29, 2011, 09:25:12 PM

using wb282 inluding fixes, using wb_theme in backend.

to recreate:
1 - create usergroup
2 - save
3 - modify usergroup
4 - click advanced options - error will show:

Quote

Notice: Undefined variable: admin in E:\xampp-nw\htdocs\wb282fixed\admin\groups\groups.php on line 190

Error doesn't show when clicking advanced options during creation, only during modifying existing group.

Logical error, the variable $action is NOT set in theme/groups_form.htt

The test: /admin/groups/groups.php -> line 25
// Set parameter 'action' as alternative to javascript mechanism

Code: [Select]

$action = (isset($_POST['modify']) ? 'modify' : $action );
$action = (isset($_POST['delete']) ? 'delete' : $action );

The form: /templates/wb_theme/templates/groups_form.htt -> line 283

Code: [Select]

<form name="advanced" action="{ADVANCED_ACTION}" method="post">
        <input type="hidden" name="group_id" value="{GROUP_ID}" />
        <input type="hidden" name="action" value="modify" />
{FTAN}
        <input type="submit" name="advanced" onclick="window.location = '{ADVANCED_LINK}';" value="{ADVANCED_BUTTON}" />
    </form>

Solution:
1 - add line to groups.php,
$action = (isset($_POST['action']) ? 'modify' : $action );

2 - change the backend templates (all of them!) templates/groups_form.htt
from: <input type="hidden" name="action" value="modify" />
to: <input type="hidden" name="modify" value="modify" />

But solutions didn't work, they'll end up in Security Offense Access Denied messages.

There is another error,

Code: [Select]

$template->set_var( array(
'ACTION_URL' => ADMIN_URL.'/groups/save.php',
'SUBMIT_TITLE' => $TEXT['SAVE'],
'GROUP_ID' => $group['group_id'],
'GROUP_NAME' => $group['name'],
'ADVANCED_ACTION' => 'groups.php',
'FTAN' => $admin->getFTAN()
));
should be:

Code: [Select]

$template->set_var( array(
'ACTION_URL' => ADMIN_URL.'/groups/save.php',
'SUBMIT_TITLE' => $TEXT['SAVE'],
'GROUP_ID' => $admin->getIDKEY($group['group_id']),
'GROUP_NAME' => $group['name'],
'ADVANCED_ACTION' => 'groups.php',
'FTAN' => $admin->getFTAN()
));
Notice the missing GetIDKEY on the groups_id.


Now it works.

John

Title: Re: WB282 Bug?
Post by: ruebenwurzel on August 29, 2011, 09:47:11 PM

Hello John,

did you try the actually SVN 1506. This should already be fixed in this version and also a nice feature with deleting users is included.

Matthias

Title: Re: WB282 Bug?
Post by: pcwacht on August 30, 2011, 12:30:22 PM

Didn't try the SVN, and indeed I totally forgot to have a look there.

If it is known, no probs.

John

Title: Re: WB282 Bug?
Post by: Argos on September 01, 2011, 12:10:55 PM

This should be fixed in the official downloads as well. I installed fresh one yesterday and it has this bug. Luckily I found this thread and a fix looks to be available. So let's try that. But this is a major bug and you can't expect regular users to use SVN versions.

Title: Re: WB282 Bug?
Post by: Argos on September 01, 2011, 12:38:05 PM

Actually, I don't understand this SVN thing myself. How can I download the changed files from rev 1480 until now?

Title: Re: WB282 Bug?
Post by: DarkViper on September 01, 2011, 01:25:49 PM

we're working on to publish the next fix-packet.
be patient for some hours please.

Title: Re: WB282 Bug?
Post by: Argos on September 01, 2011, 01:40:18 PM

Great, thanks!

Title: Re: WB282 Bug?
Post by: Vincent on September 01, 2011, 07:38:51 PM

Looks like the fix-packet didn't solve this problem.... :|