[#2913] Hidden profiles can be guessed and pulled via url
- ignatius2
- OFFLINE
-
Premium Member
- Posts: 153
- Thanks: 0
- Karma: 0
12 years 6 months ago - 12 years 6 months ago #179687
by ignatius2
Replied by ignatius2 on topic Re: Hidden profiles can be guessed and pulled via url
and here is another attachment to the previous post.
Thanks
Post-headers.PNG
Cna't figure out how to attach this????
Thanks
Post-headers.PNG
Cna't figure out how to attach this????
Last edit: 12 years 6 months ago by ignatius2.
Please Log in to join the conversation.
krileon
Team Member- OFFLINE
- Posts: 68554
- Thanks: 9095
- Karma: 1434
12 years 6 months ago - 12 years 6 months ago #179704
by krileon
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Replied by krileon on topic Re: Hidden profiles can be guessed and pulled via url
For the post you need to expand it then select the Params tab, your parameters specific to the redirect type should be there (redirect_url, etc..). I am still unable to confirm so again not sure what more to advise aside from disabling CB plugins 1 by 1 until resolved and if not then re-attempt with Joomla system plugins (non-core that is). Please PM backend super administrator login credentials and will take a look.
Forum is wonky with images and sometimes don't attach. I find it easier to use free alternatives like imageshack.
Forum is wonky with images and sometimes don't attach. I find it easier to use free alternatives like imageshack.
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Last edit: 12 years 6 months ago by krileon.
Please Log in to join the conversation.
- ignatius2
- OFFLINE
-
Premium Member
- Posts: 153
- Thanks: 0
- Karma: 0
12 years 6 months ago #179713
by ignatius2
Replied by ignatius2 on topic Re: Hidden profiles can be guessed and pulled via url
Thanks Kyle,
I sent you a PM with the back end address and credentials.
Please advise if you have not received it... I sent you PM's in the past which I think never made it.
Thanks
John
I sent you a PM with the back end address and credentials.
Please advise if you have not received it... I sent you PM's in the past which I think never made it.
Thanks
John
Please Log in to join the conversation.
- krileon
- Team Member
- OFFLINE
- Posts: 68554
- Thanks: 9095
- Karma: 1434
12 years 6 months ago - 12 years 6 months ago #179765
by krileon
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Replied by krileon on topic Re: Hidden profiles can be guessed and pulled via url
Have reviewed your install and was not using latest release. However, even with latest release the problem is still present. Your install is refusing to save the "params" row of the plugin entirely for all action types. I could not find a conflict installed, but I could not debug properly due to permissions preventing me from enabling debug mode and maximum error reporting; please configure this manually and will continue review.
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Last edit: 12 years 6 months ago by krileon.
Please Log in to join the conversation.
- ignatius2
- OFFLINE
-
Premium Member
- Posts: 153
- Thanks: 0
- Karma: 0
12 years 6 months ago - 12 years 6 months ago #179792
by ignatius2
Replied by ignatius2 on topic Re: Hidden profiles can be guessed and pulled via url
For some reason I had to set the permissions to 777 for this to work? I then tried to disable all the plugins (Joomla and CB), but this did not change anything, so I set the entire test site to 777 to make sure you would not run into any permissions issue again.
Note BTW that eXtplorer is installed, so you can access the files from the component menu.
Thanks
Note BTW that eXtplorer is installed, so you can access the files from the component menu.
Thanks
Last edit: 12 years 6 months ago by ignatius2.
Please Log in to join the conversation.
- krileon
- Team Member
- OFFLINE
- Posts: 68554
- Thanks: 9095
- Karma: 1434
12 years 6 months ago - 12 years 6 months ago #179813
by krileon
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Replied by krileon on topic Re: Hidden profiles can be guessed and pulled via url
Was able to investigate further and have found the cause. I've installed a fixed build on your site for you to confirm as well. I'll be fixing the other known bug and releasing 1.0.2 today.
forge.joomlapolis.com/issues/2913
UPDATE: 1.0.2 is released with issue confirmed fix, please download and install for those experiencing this issue.
forge.joomlapolis.com/issues/2913
UPDATE: 1.0.2 is released with issue confirmed fix, please download and install for those experiencing this issue.
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Last edit: 12 years 6 months ago by krileon.
Please Log in to join the conversation.
Moderators: beat, nant, krileon
Time to create page: 0.360 seconds
-
You are here:
- Home
- Forums
- Archive
- Advanced Members Support
- [#2913] Hidden profiles can be guessed and pulled via url