[TYPO3-core] [TYPO3-security] RFC: EM displays insecure extensions
Dmitry Dulepov
9f4eetb02 at sneakemail.com
Tue Feb 20 11:59:17 CET 2007
Hi!
Karsten Dambekalns wrote:
> I checked for 4.1, with the DB-based extension list cache. Two problems
> are addresses by the attached patch:
> * the database field for reviewstate was unsigned, thus it never stored -1
> * the code didn't filter a reviewstate of < 0
Works fine (checked with page_php_content), +1.
Question: it seems that "-1" extensions will be in db but there is no
way to see them in EM. So, why do we need them in db at all?
> For 4.0 the needed change affects the code only to ignore review states
> < 0 completely. See attached diff.
Could not check this (missing 4.0 setup at the moment) but looks ok, so +1.
--
Dmitry Dulepov
Web: http://typo3bloke.net/
Skype: callto:liels_bugs
"It is our choices, that show what we truly are,
far more than our abilities." (A.P.W.B.D.)
More information about the TYPO3-team-core
mailing list