HELP!! Clients can see any submission just by changing the submission ID in the URL! - Printable Version
Form Tools forums, General Discussion. Thread: /showthread.php?tid=75
HELP!! Clients can see any submission just by changing the submission ID in the URL! - harmony - Mar 19th, 2009

I don't know if this is a feature or a bug, but if a client logs in and then edits a submission, if they happen to change the submission ID in the URL and press Enter, they are taken to the edit screen for the submission ID, allowing them to edit submissions that are not in their View! Zoinks.

Is this correct? I thought filters were a way to restrict clients to a certain set of submissions.

RE: HELP!! Clients can see any submission just by changing the submission ID in the U - harmony - Mar 19th, 2009

I must be doing something wrong. Could there be something wrong with cookies?

RE: HELP!! Clients can see any submission just by changing the submission ID in the URL! - Ben - Mar 19th, 2009

Hmm. This could be a bug. Yes, there are security measures in place to only permit a user access to submissions + Views that they're assigned to. If they try to access a submission or a View that they're not permitted to see they get booted out.

I've just checked it on my own installation and it works fine for me... would it be possible for you to send me your FT login info so I could see the problem first hand?

Let me know! My email is formtools@encorewebstudios.com

- Ben

RE: HELP!! Clients can see any submission just by changing the submission ID in the URL! - Ben - Mar 19th, 2009

Never mind. I see... I'll release a fix for this today. Thanks for reporting it!

- Ben

RE: HELP!! Clients can see any submission just by changing the submission ID in the URL! - Ben - Mar 19th, 2009

This has been fixed in today's build. For any future security-related problems, could you contact me privately? Thanks!

- Ben
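
The access rule discussed in this thread (a client may open only submissions inside the Views assigned to them, whatever ID appears in the URL), as an added example that is not Form Tools code and not from any poster. The data layout, the filter model, the function names and the `view_id` / `submission_id` parameter names are all assumptions made for illustration.

```php
<?php
// Added illustration, not Form Tools source. All names and data are constructed.
$submissions = [
    101 => ['form_id' => 1, 'region' => 'east'],
    102 => ['form_id' => 1, 'region' => 'west'],
    201 => ['form_id' => 2, 'region' => 'east'],
];
$views = [   // hypothetical model: a View is a form plus a filter, assigned to clients
    10 => ['form_id' => 1, 'filter' => ['region' => 'east'], 'clients' => [7]],
    11 => ['form_id' => 1, 'filter' => ['region' => 'west'], 'clients' => [8]],
];

// True only if both records exist, the View is assigned to the client, the
// submission belongs to the View's form, and it matches the View's filter.
function client_may_access(array $submissions, array $views, int $clientId, int $viewId, int $submissionId): bool
{
    $view = $views[$viewId] ?? null;
    $sub  = $submissions[$submissionId] ?? null;
    if ($view === null || $sub === null) {
        return false;                       // unknown IDs are denied, not errors
    }
    if (!in_array($clientId, $view['clients'], true) || $sub['form_id'] !== $view['form_id']) {
        return false;                       // View not assigned, or wrong form
    }
    foreach ($view['filter'] as $field => $required) {
        if (($sub[$field] ?? null) !== $required) {
            return false;                   // outside the View's filter
        }
    }
    return true;
}

// The edit page runs the check on every request, taking the client ID from the
// server-side session and treating both URL parameters as untrusted input.
function handle_edit_request(array $submissions, array $views, int $sessionClientId, array $query): string
{
    $viewId = filter_var($query['view_id'] ?? null, FILTER_VALIDATE_INT);
    $subId  = filter_var($query['submission_id'] ?? null, FILTER_VALIDATE_INT);
    if ($viewId === false || $subId === false
        || !client_may_access($submissions, $views, $sessionClientId, $viewId, $subId)) {
        return '403 denied';                // same answer for "missing" and "forbidden"
    }
    return "200 edit submission $subId";
}

// Client 7 opens a submission in their own View, then changes the ID in the URL.
echo handle_edit_request($submissions, $views, 7, ['view_id' => '10', 'submission_id' => '101']), "\n";
echo handle_edit_request($submissions, $views, 7, ['view_id' => '10', 'submission_id' => '102']), "\n";
```

Hiding out-of-View rows from the list page is not enough on its own; the per-object check has to sit in the handler that loads the submission.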