Anybody can connect in admin role

rwheeler7864 / clients-oriented-ftp

Automatically exported from code.google.com/p/clients-oriented-ftp

0 stars 0 forks source link

Anybody can connect in admin role #78

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago

Repoduce the problem
1. You must edit cookies (for Firefox, install Cookies Manager+ 
<https://addons.mozilla.org/fr/firefox/addon/cookies-manager-plus/>)
2. Add in the cookie :
 * name : access, value : admin
 * name : userlevel, value : 9
3. Go to index.php page
4. You are logged :-)

The remember login method must be secure

Original issue reported on code.google.com by leblanc....@gmail.com on 30 Jun 2011 at 10:11

GoogleCodeExporter commented 8 years ago

Thanks for reporting this. I will try to resolve this one ASAP.

Original comment by powerdrummer on 19 Aug 2011 at 3:10

GoogleCodeExporter commented 8 years ago

Solved on r83.

Original comment by powerdrummer on 20 Aug 2011 at 12:57

Changed state: Done