[416] - search gedcoms req login on multi-gedcom site
Brought to you by:
canajun2eh,
yalnifj
Menu
▾
▴
#2426 [416] - search gedcoms req login on multi-gedcom site
If you have a multi-gedcom site, with some gedcoms open to the public (ie normal) and some that you've set to "Require visitor authentication" believing that "Enabling this option will force all visitors to login before they can view any data on the site" as it says in the help text ...
then if you bring up the general search page from one of the "open" gedcoms, you can enter search terms, select the gedcom that otherwise requires authentication, and bring up lots of data from that gedcom. eg search for "sex" brings up all the INDIs, search for "marr" brings up all the families. As you now can see all the I and F numbers you can now search for things like "FAMC @FAM99" and see which INDIs belong to which family.
The biggest danger is that you might have set up this "requires visitor authentication" gedcom believing that it requires a login before showing any data ... and then not set up any privacy, eg show living names.
The workaround is to go the Privacy setup for that gedcom and make everything at least the "show only to authenticated users" level. eg show living names, show dead people, show sources.
Mark
Probably a good fix would be to force privacy on all facts if the gedcom is set to registered only. It >should< be obvious that you should set privacy to match the registered setting, but I can see why someone would think it was unnecessary.
Hello ALL -
Adding to this request because I am experiencing a similar problem - with a twist. I have two GEDs on my site that I wish to use as described above. I am using the US Presidents GED (from the developer's wiki) as a "Public" one and it is set as the Default in the site Config. However, when an un-authenticated user gets to the site and searches for an odd name like Roland (there is an entry in the PresGED) they can also see myself and 2 other members (along with family relationships) in my "Private" FamilyGED. While the "living persons" records are marked as Private when clicked on and no further access is allowed without a new Search, too much info I would consider Private has already been shown. (ps. A similar sequence of events would happen if you switch from the Public to the Family GED on the Welcome page before logging in and then choosing a Common Surname listed before the Search).
The only way I have found to prevent this is to turn off GED Switching, but then my Users would have to pass the FamilyGED in the URL to login. I do not remeber this being the case with v 4.0.2 where I also had 2 Geds - one Public (open) and one Private (Users only). I do remember having to test settings in Config many times to get it to work like we desire here. Unfortunately, this current install is on a brand new host and this was not an upgraded install. All prior settings were left on the old server. (I did FTP the files down to my local machine though if you could direct me where to look if it helps in solving this problem.)
It has been a while since this was first addressed. What is the status of a fix for this issue?
Hello again-
Replying back with additional details on this issue. After turning Switch GEDcoms back on, it appears that this situation still occurs only if the PublicGED has Require Visitor Login = NO. When set to YES, only the "blank" LOGIN page is presented for either GED and no searching of any kind is allowed. No private data is shown at any time.
Again, for clarity - I would wish to use the Public GED for display purposes on the default URL, with the ability to search this GED ( ONLY )! Of course, access to data in the PrivateGED would require login.
Considering PGV prides itself on confidentiality of user data, I look forward to a review of the code which allows this (slight) security breach when these GED configuration settings vary.