Hi Samuel,
> Take a look at the attached file. If I'm logged in as an administrator
> who can normally see and submit the /admin/users.html page, and I load
> the attached file in my browser (with the server names in the source
> code correct, of course), and I fill in the form and hit "Save changes",
> will it add only that one user, or will it delete all other users?
snippet from Pootle/users.py:
362 for key, value in argdict.iteritems():
363 if key.startswith("userremove-"):
364 usercode = key.replace("userremove-", "", 1)
365 if self.hasuser(users, usercode):
366 raise NotImplementedError("Can't remove users")
Essentially this code would remove (if it would be implemented) only the users,
which are passed via an "userremove-foo" variable. Thus submitting your almost
empty user page would not do any harm.
Someone please correct me, if I am wrong ...
Anyway: good question!
regards,
Lars
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Translate-pootle mailing list
Translate-pootle@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/translate-pootle
