Fossil SCM

Fix a db_unprotect() call in the Admin pages.

drh 2020-08-30 20:29 trunk
Commit b9fa7e28712c59816654c622e7634c1be20a0bccea2e3f10c4b2140c0258961a
Parent a645302b4783fd5…
1 file changed +1 -1
~ src/security_audit.c
M src/security_audit.c
+1 -1
--- src/security_audit.c
+++ src/security_audit.c
@@ -604,11 +604,11 @@
604604
 if( P("cancel") ){
605605
 /* User pressed the cancel button. Go back */
606606
 cgi_redirect("secaudit0");
607607
 }
608608
 if( P("apply") ){
609
- db_unprotect(PROTECT_USER);
609
+ db_unprotect(PROTECT_USER|PROTECT_CONFIG);
610610
 db_multi_exec(
611611
 "UPDATE user SET cap=''"
612612
 " WHERE login IN ('nobody','anonymous');"
613613
 "DELETE FROM config WHERE name='public-pages';"
614614
 );
615615
--- src/security_audit.c
+++ src/security_audit.c
@@ -604,11 +604,11 @@
604 if( P("cancel") ){
605 /* User pressed the cancel button. Go back */
606 cgi_redirect("secaudit0");
607 }
608 if( P("apply") ){
609 db_unprotect(PROTECT_USER);
610 db_multi_exec(
611 "UPDATE user SET cap=''"
612 " WHERE login IN ('nobody','anonymous');"
613 "DELETE FROM config WHERE name='public-pages';"
614 );
615
--- src/security_audit.c
+++ src/security_audit.c
@@ -604,11 +604,11 @@
604 if( P("cancel") ){
605 /* User pressed the cancel button. Go back */
606 cgi_redirect("secaudit0");
607 }
608 if( P("apply") ){
609 db_unprotect(PROTECT_USER|PROTECT_CONFIG);
610 db_multi_exec(
611 "UPDATE user SET cap=''"
612 " WHERE login IN ('nobody','anonymous');"
613 "DELETE FROM config WHERE name='public-pages';"
614 );
615

Keyboard Shortcuts

Open search /
Next entry (timeline) j
Previous entry (timeline) k
Open focused entry Enter
Show this help ?
Toggle theme Top nav button