[Koha-bugs] [Bug 643] Allow override of 'debarred' status

bugzilla-daemon Tue, 23 Sep 2014 05:20:13 -0700

http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=643


M. Tompsett <mtomp...@hotmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|Needs Signoff               |Failed QA
                 CC|                            |mtomp...@hotmail.com

--- Comment #14 from M. Tompsett <mtomp...@hotmail.com> ---
Sorry, but this doesn't solve the problem raised in comment #12.

The issue is there is no equivalent CAN_user_force_checkout on the server-side,
not whether someone can fake it or not. And also, even a lousy hacker can still
read the randomish forceallow code from the page source and fake the url in
this.

-- 
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 643] Allow override of 'debarred' status

Reply via email to