[TYPO3-core] RFC: #11896: User Setup miss save of be_users fields and miss handling of default value
Steffen Kamper
info at sk-typo3.de
Sat Sep 19 15:03:56 CEST 2009
Hi,
here comes v2 which also use a hook for access. See OpenID (#10585_v6)
which use the access check for render the OpenID identifier field with
access check (not only admin).
Further the access check is done while writing the be_users fields, so
there is no way to tamper the POST data.
Best way to test is this patch and then 10585_v6 which uses it.
vg Steffen
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: 11896_v2.diff
Url: http://lists.netfielders.de/pipermail/typo3-team-core/attachments/20090919/995dc95f/attachment.txt
More information about the TYPO3-team-core
mailing list