Context Navigation

← Previous Ticket
Next Ticket →

#2592 closed defect (bug) (fixed)

BP Group Extension Access Bug

Reported by:	travel-junkie	Owned by:
Milestone:	1.2.6	Priority:	major
Severity:		Version:
Component:	Groups	Keywords:
Cc:

Description

When you handtype in an url to an edit page, that has been created using the extension API, then you get access to that page even though you’re logged out.

Here's the fix. In bp-groups-classes.php around line 1026, just add

if ( !$bp->is_item_admin )
    return false;

right after this line:

if ( $this->enable_edit_item ) {

Change History (1)

#1 @johnjamesjacoby
15 years ago

Resolution set to fixed
Status changed from new to closed

(In [3205]) Fixes #2592 props travel-junkie

Note: See TracTickets for help on using tickets.

Trac UI Preferences

Download in other formats:

Comma-delimited Text
Tab-delimited Text
RSS Feed

BuddyPress.org