Closed sleemanj closed 3 years ago
No it doesn't. You must have a poor configuration or an old version. Ensure you properly configure your EFM and ImageManger.
invalid
new
to closed
**fernando.algarvio**~~@gmail.com~~
to **fernando.algarvio**~~@gmail.com~~, guest
You can see the problem in Xinha demo instalation, right here:
Isn't the permission to delete the files being denied by the operating system instead of the application? Should this screen appears called directly by the browser or should it only appears called by the editor? Isn't this the latest version?
invalid
to ``closed
to reopened
The folder opened is restricted to the the example (demo) images distributed with Xinha, it is fine for somebody to delete these if the developer has not config'd Xinha, who cares, they are only example images.
You can not escape the example images folder unless the developer specifically changes the config to another folder. If they change the config to another folder, then they would also change the other configuration items for EFM to meet their security requirements.
This is only a problem in my view if you have a way to escape the demo images folder with default EFM configuration. Such a way is not proven to exist.
invalid
reopened
to closed
Hi!
Extended File Manager allows browser access to photos and lets anyone delete files.
You can try it modifying the following url to your installation:
http://www.yoururl.com/xinha/plugins/ExtendedFileManager/backend.php?__plugin=ExtendedFileManager&__function=images&mode=image&dir=/&viewtype=thumbview
Reported by guest, migrated from http://trac.xinha.org/ticket/1591