MAJOR SECURITY ISSUE!!!

  • rjav8r

    MAJOR SECURITY ISSUE!!!

    I have been informed by a user that he was able to access the Admin functions on my board by going to a post, and was able to get into open/close and delete a thread.

    Admin Options:
    Open / Close Thread
    Delete Thread

    To confirm - I signed up as a registered user on my own board and sure enough it is possible - did I not assign permissions correctly or something?

    I'm closing my board down until I find out - PLEASE RESPOND SOON - ANYONE

    p.s.
    - the user was an ordinary user - not a moderator and so was the test account I created.


    [Edited by rjav8r on 05-27-2000 at 03:35 PM]
  • rjav8r

    #2
    This must be on my end

    I tried changing the permissions from the Control panel for registered users and get the following message:

    Fatal error: Call to unsupported or undefined function adslashes() in /usr/home/a0004317/html/coexboard/admin/usergroup.php on line 84

    Then I tried changing any permission and cannot change any of them. Help


    • rjav8r

      #3
      Here's line 84, I think:


      echo doformfooter();


      • wandrer
        Senior Member
        • Apr 2000
        • 267

        #4
        change 'adslashes()' to 'addslashes()'


        • rjav8r

          #5
          Okay, I did a search in usergroups.php and found adslashes instead of addslashes - I corrected it and no longer get the Fatal Error.

          [b]HOWEVER[/b] - I still have the same problem of the permissions not being recognized. The ones in question are for Usergroup id#2 - Registered users.

          The funny thing is all the other permissions work - except for the registered group - I didn't delete the original record in the database either.

          Here's the config I would like to have:


          Can View Board: Yes
          Can Search: Yes
          Can Use 'email to friend' feature: Yes
          Can Post New Threads: Yes
          Can Reply: Yes
          Can Do Admin Edits (this includes editing any post, editing thread title and notes, opening and closing any thread): No
          Can Edit Own Posts: Yes
          Can Delete Own Posts and Threads: Yes
          Can Open / Close own threads: Yes
          Can Move threads to other forums: No
          Can Access Control Panel: No


          Unfortunately - these 2 options:

          [b]Can Delete Own Posts and Threads Yes
          Can Open / Close own threads Yes[/b]

          don't seem to be recognized even when I input the changes correctly and the control panel now accepts them.

          Selecting Open/Close or Delete from the admin showthreds.php menu simply asks for a user id and password and lets anyone in.

          They work when I change the options to NO but not YES. The funny thing is - every other permission in the menu works BUT those 2. Help Please.

          [Edited by rjav8r on 05-27-2000 at 10:39 PM]

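The permission gap this post describes, shown as an added PHP illustration that is not coexboard's code or anything posted in this thread: a "delete own" or "open/close own" flag only makes sense when it is combined with a thread-ownership test, otherwise it behaves exactly like the admin-edit permission. The permission field names, group ids, user/thread fields and action names are assumptions.

```php
<?php
// Added example, not coexboard's code. Field names, group ids and action
// names are assumptions chosen to mirror the control-panel options above.

// Constructed usergroup permission rows.
$usergroups = [
    // Registered users (usergroup id 2), configured as requested in post #5.
    2 => ['canadminedit' => false, 'candeleteown' => true, 'canopencloseown' => true],
    // A moderator-style group that may edit any thread.
    5 => ['canadminedit' => true,  'candeleteown' => true, 'canopencloseown' => true],
];

// Broken check: it only asks whether the "own" flag is set and never asks
// whose thread it is, so once registered users have the flag set to Yes,
// any member can open, close or delete any thread.
function can_modify_thread_broken(array $user, array $thread, string $action, array $usergroups): bool
{
    $perms = $usergroups[$user['usergroupid']] ?? [];
    if (!empty($perms['canadminedit'])) {
        return true;
    }
    $flag = ($action === 'delete') ? 'candeleteown' : 'canopencloseown';
    return !empty($perms[$flag]);
}

// Corrected check: the "own" flags are consulted only when the caller is the
// thread starter; everyone else needs the admin-edit permission.
function can_modify_thread(array $user, array $thread, string $action, array $usergroups): bool
{
    $perms = $usergroups[$user['usergroupid']] ?? [];
    if (!empty($perms['canadminedit'])) {
        return true;
    }
    if ($thread['postuserid'] !== $user['userid']) {
        return false;
    }
    $flag = ($action === 'delete') ? 'candeleteown' : 'canopencloseown';
    return !empty($perms[$flag]);
}

// Constructed users and thread: alice started the thread, bob did not.
$alice  = ['userid' => 10, 'usergroupid' => 2];
$bob    = ['userid' => 11, 'usergroupid' => 2];
$thread = ['threadid' => 1, 'postuserid' => 10];

var_dump(can_modify_thread_broken($bob, $thread, 'delete', $usergroups)); // bob is not the owner
var_dump(can_modify_thread($bob, $thread, 'delete', $usergroups));        // same request, ownership enforced
var_dump(can_modify_thread($alice, $thread, 'close', $usergroups));       // owner closing her own thread
```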

          • rjav8r

            #6
            Just thought I'd mention also - I can do the same thing on the admin demo on this site as a regular user.


            • Brian
              Senior Member
              • Apr 2000
              • 252

              #7
              A temp fix for this is to turn off the ability to allow users to edit messages.

              -Brian
              << This Space Intentionally Left Blank >>
