I may have discovered a security leak... possibly a serious one, but I have an easy suggestion to fix it, I think... When I'm on the homepage, when signed in as a mach "user" his name is jamez, I can click on the author of an article... and it takes me to a page where I can edit the author's profile, just so happens in this case, that's an admin of the site. But the same hyper link could be set to got to a listing or open a jquery submenu whatever, but it goes to a listing of articles by that same author... finally some code "I" can contribute back... I'll write up that view, first and maybe that fancy open a selection list later...
I may have discovered a security leak... possibly a serious one, but I have an easy suggestion to fix it, I think... When I'm on the homepage, when signed in as a mach "user" his name is jamez, I can click on the author of an article... and it takes me to a page where I can edit the author's profile, just so happens in this case, that's an admin of the site. But the same hyper link could be set to got to a listing or open a jquery submenu whatever, but it goes to a listing of articles by that same author... finally some code "I" can contribute back... I'll write up that view, first and maybe that fancy open a selection list later...