Bug in publish_xp.php?

GearJamminHero

Joined: 2006-07-13
Posts: 1
Posted: Thu, 2006-07-13 06:40

I found that publish_xp.php does not appear to correctly check for an authenticated user in Gallery 1.5.3. The remainder of the “select-album” code is executed with an anonymous user session. This is illustrated below:
[img]http://trojanedbinaries.com/security/gallery-1.5.3~publish_xp.php-bug.gif[/img]

Line 205 of publish_xp.php should be updated from:
205 - if (empty($gallery->album) || empty($set_albumName))
To:
205 - elseif (empty($gallery->album) || empty($set_albumName)) {

Once updated, the anonymous user will get the intended error message displayed.

[img]http://trojanedbinaries.com/security/gallery-1.5.3~publish_xp.php-patch.gif[/img]

Is there another preferred channel for security or bug related issues? I think I may poke around some more to see what I can find.
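
The control-flow problem described in the post above, as an added example that is not part of the original post and is not taken from Gallery's source. It assumes the login test sits directly before the line-205 test; `$loggedIn`, the function names and the step labels (including the `upload` branch) are hypothetical stand-ins.

```php
<?php
// Constructed illustration, not Gallery source. $loggedIn, the function names
// and the returned step labels are hypothetical stand-ins.

// Before: the album test is a fresh `if`, so it still runs after the
// login test has already matched.
function stepsBefore(bool $loggedIn, ?string $album, ?string $setAlbumName): array
{
    $steps = [];
    if (!$loggedIn) {
        $steps[] = 'login-error';
    }
    if (empty($album) || empty($setAlbumName)) {
        $steps[] = 'select-album';   // also reached by anonymous sessions
    } else {
        $steps[] = 'upload';
    }
    return $steps;
}

// After: `elseif` makes the three branches mutually exclusive.
function stepsAfter(bool $loggedIn, ?string $album, ?string $setAlbumName): array
{
    $steps = [];
    if (!$loggedIn) {
        $steps[] = 'login-error';
    } elseif (empty($album) || empty($setAlbumName)) {
        $steps[] = 'select-album';
    } else {
        $steps[] = 'upload';
    }
    return $steps;
}

// Constructed requests: [label, logged in?, album, set_albumName]
$requests = [
    ['anonymous, no album',  false, null,      null],
    ['anonymous, album set', false, 'holiday', 'holiday'],
    ['logged in, no album',  true,  null,      null],
    ['logged in, album set', true,  'holiday', 'holiday'],
];

foreach ($requests as [$label, $loggedIn, $album, $name]) {
    $before = stepsBefore($loggedIn, $album, $name);
    $after  = stepsAfter($loggedIn, $album, $name);
    // Regression rule: an anonymous request may produce the error and nothing else.
    $flag = (!$loggedIn && $before !== ['login-error']) ? '  <- ran past the login check' : '';
    printf("%-21s before=[%s] after=[%s]%s\n", $label,
        implode(', ', $before), implode(', ', $after), $flag);
}
```

Both anonymous rows are flagged for the "before" variant only; the logged-in rows are identical in both variants, so the change does not alter behaviour for authenticated users.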

 
Tim_j

Joined: 2002-08-15
Posts: 6818
Posted: Thu, 2006-07-13 13:57

Hello,

thanks for reporting!

If you found a security issue write a mail to

For normal issues, just use the forum.

Thanks,

Jens
--
Last Gallery v1 Developer and v1 translation manager.