Well I just installed ccBoard and its fantastic so far but I've ran into a small security problem.
Many individuals like to secure the /administrator directory using .htaccess on an apache server, with this being done, the image that is used to post a "New Topic", looks like a board with a star on it, is located in /administrator/images/*
If users use .htaccess for their /administrator directory, every time an visitor views a forum, a username/password box pops up asking for /administrator acess to retrieve the /administrator/images/new_f2.png file
For the time being, a work around to this can be to copy the new_f2.png image from /administrator/images into the /componets/com_ccboard/assets folder and modify the file; components/com_ccboard/views/topiclist/tmpl/default.php
There are 2 lines in that php script that reference /administrator/images/new_f2.png
Change those 2 lines to referencecomponents/com_ccboard/assets/new_f2.png
There may be a few more security issues that relate to this type of configuration, If i find more I will definately post them.
Thanks george. I have already taken care of this for the next release.
Thank you for valuable time and effort and really appreciate the same.
I just found another issue with the "post editor" but i cannot find out what it is requesting from /administrator/
I'll post my findings once i discover the what the problem is.
wow 17,000 views almost on this thread, holy cow. I'm guessing this is the most viewed thread on the site :)
Apparently this must have been a very common problem.
Powered by Joomla!.
Designed by: Joomla Template, url. Valid XHTML and CSS.
© 2008-2009 CODECLASSIC.ORG. All Rights Reserved.