On Wednesday, 15 March 2017 at 02:14:34 UTC, Sönke Ludwig wrote:
Am 14.03.2017 um 21:56 schrieb Daniel Kozak via
Digitalmars-d-announce:
Dne 14.3.2017 v 21:24 Sönke Ludwig via Digitalmars-d-announce
napsal(a):
Did you delete the comments yourself? The time limit for
deletion/editing currently isn't enforced on the server
(ticket
already open), so anyone can delete their own tickets
currently at any
time.
I've noted the other issues and will tackle those tomorrow.
I have deleted not only my comments, I can delete enyone
comment
Okay, that was supposed to be implemented before 1.0.0, but
then I forgot about it:
https://github.com/rejectedsoftware/diskuto/blob/d8376f3e54a03574f69af13a0b41b5e994b6ce44/source/diskuto/web.d#L107
You'll also want a CSRF token for that, checking that the user is
the author isn't enough.
