Re: [SM-PLUGINS] Administration Plugin Not Working

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

On Dec 6, 2007 5:27 AM, Dan Mahoney, System Admin <da...@pr...> wrote:
> On Thu, 6 Dec 2007, Alan in Toronto wrote:
>
> > On Wed, December 5, 2007 7:30 pm, Dan Mahoney, System Admin wrote:
> >> Hey all,
> >>
> >> I am doing the administration plugin under 1.4.12 with the "admins" file.
> >>
> >> I log in with the user (testcase) and I see the Administration option in
> >> the options screen, but when I click it, I am returned to the options
> >> screen.
> >>
> >> Anyonw have any idea what could cause this?
> >
> > Have you used this plugin with previous versions of SM?
>
> Not as such, but a long time ago, before it was part of the SM-core
> plugins list.
>
> > Did you set appropriate
> > ownership and permissions on the admins?
>
> The file is readable by the webserver, if that's what you mean.
>
> prime# ls -al|grep admins
> -rw-r--r--   1 webmail  webmail     15 Dec  6 08:25 admins

As long as "webmail" is not the user that your web server runs as -
the web server should never have *write* permissions.

> > Did you ensure that there's a carriage
> > return (hit "Enter") after each address including the last one?
>
> Yes (I edited it with nano which would put one there anyway).  Also, I
> just added a second user to be sure.  Still same thing.
>
> Additionally, if I understand the code I've read (and I'm not sure I do),
> I shouldn't even see the link in my options if I'm not recognized as an
> admin.
>
> If anyone wants access to try this (shell/web) let me know.  I'm more than
> happy to help quash bugs.

I see the bug.  Here is the patch.  It has not been tested thoroughly,
so please let us know if it has any more problems.  Thanks for the
help.

svn diff auth.php
Index: auth.php
===================================================================

--- auth.php    (revision 12767)
+++ auth.php    (working copy)
@@ -31,7 +31,9 @@
     }

     /* This needs to be first, for all non_options pages */
-    if (defined('PAGE_NAME') && PAGE_NAME=='administrator_options') {
+    //if (!defined('PAGE_NAME') || strpos(PAGE_NAME, 'options') === FALSE) {
+    if (!defined('PAGE_NAME')
+     || (PAGE_NAME != 'administrator_options' && PAGE_NAME != 'options')) {
         $auth = FALSE;
     } else if (file_exists(SM_PATH . 'plugins/administrator/admins')) {
         $auths = file(SM_PATH . 'plugins/administrator/admins');


