Any player can do anything with the alliance forum

[velhbxtyrj]

I have a forum, I posted a link to the public part of the forum. Anyone who comes by this link can both edit the subject of the message, and has full access to what would be secure to unfasten, delete. In short total chaos :)

[RevertIT]

Jesus christ. Just tested thisnout hopefuly no one knows about this on my server

[martinambrus]

Once again, I'm not sure how to replicate this. I guess it'll be better with pictures this time around, if you can please. I tried to create public forum, opened it with another account from different alliance, then another one of the same alliance, no edit/delete... buttons present there.

[velhbxtyrj]

How much I correctly understood as it occurs. That if you turn on the form of editing forums, it becomes available to everyone on the server.

These images are made by a player who does not have an alliance at all.

I understand that the form of editing must be made visible to those who have such access rights.

[martinambrus]

Ah, that suck balls :-D Maybe the programmer who created this was smoking weed or something at that time... anyways, I'm on fixing this now :-P

[velhbxtyrj]

Sorry that immediately did not describe it properly :P

[martinambrus]

OK, this should do it...

[velhbxtyrj]

It seems everything works now correctly.

Anyone can create themes? Or it is also better to give access only to those who have the right to do so.

[martinambrus]

Anyone can create them. Just like original Travian.

[velhbxtyrj]

And here, too, I have a problem. On the local server, everything works the same as on your hosting. But on my hosting it does not want to work.

the operating system & version: Linux server PHP version on the server: 7.0 MySQL / MariaDB version on the server: 10.1.24 MariaDB

What kind of disagreement I have with these my two servers, some things do not want to work either or on the one or on the second ((

[martinambrus]

How do you update your hosting? Do you FTP and rewrite everything there, or did you "git clone" the project there and you're using "git pull" to actually pull updates there?

[velhbxtyrj]

I use FTP and rewrite everything there.

[martinambrus]

Well, unless somebody else reports this and it's reasonably reproducible everywhere, I'm afraid I cannot be of much more help here.

[velhbxtyrj]

I apologize for that. But having tested this for a long time. It does not work anywhere (((You still have this problem on the server .. Unless, of course, you have not already replaced the code, although in some cases this works.) Which ones I'm not ready to say yet. it behaves very strange.

[martinambrus]

I've not updated the code for a while now, so I'm not sure the code is there. You should only be able to see full edit/delete/lock... icons when you're the actual owner of the alliance. In all other cases, you should only be able to edit and delete your own posts, and possibly topics etc., not anyone else's.

[velhbxtyrj]

I know how it works. But after you fixed it. On your server, everything seems to work as it should. But today, having tested all this more diligently, I noticed that everything remained the same. I can not understand how this happens. And because of what happens. But it still does not work as it should. I thought that this is only on my hosting this problem. But no. This is also the case with the local server, and on your server. The code is new.

[martinambrus]

Okay, if you can actually write down some scenarios where you try it and it works, and then others where it doesn't I will be able to reproduce it and fix it properly then.

[martinambrus]

Feel free to capture a video if you don't want to type a lot of text as well :)

[velhbxtyrj]

It's not that I do not want to write a lot of text. I just do not understand in what cases it does not want to work that would really describe the problem (((( Give me a couple of minutes and I'll record the video.

[velhbxtyrj]

I got it!! If the player is not in the alliance, he has access to editing. If the player is the owner of the alliance, he also has access to editing topics and messages by the forum in other alliances. This does not work if the player is in the alliance and does not have any access (can only edit their own themes and messages).

I hope I understand correctly how it works now.

[martinambrus]

I think I understand. Will try that later.

[martinambrus]

this should work fine now :)

[velhbxtyrj]

Almost what you need :P

After writing in the forum the answer in the topic appeared to be able to edit all the messages and completely the entire thread. After trying to reproduce it again, it did not reproduce. I will still watch this. Perhaps this is due to the first message in the topic.

And a couple more questions about editing:

• The founder of the alliance does not have the ability to edit and delete the thread and comments of other players.
• After Assign to position to the "Manage forums" for another player from the alliance, nothing happens. The player can only edit his messages.

[velhbxtyrj]

It looks like it was a single mistake due to the rewriting of the code. More such did not happen.

It remains to solve two of my questions. Or leave everything as is.

[velhbxtyrj]

Perhaps after all the published fixes of the forum, this issue can already be closed?

[iopietro]

Yep, it can be closed.