Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1  
Old 24th February 2013, 15:34
mrtnzlml mrtnzlml is offline
Junior Member
 
Join Date: Feb 2013
Location: Czech Republic
Posts: 16
Thanks: 1
Thanked 3 Times in 3 Posts
Default Secure deletion, roles

Hi!
I have handle for URL handleDeleteFTP($ftp_user_id). This function call sites_ftp_user_delete from ISPConfig. But there is problem with security, because one of GET parameters is ftp_user_id and everyone (if they are logged) can change this id and send it. How can I check owner of this record which want to delete? ISPConfig remote API is still little bit magic for me...

Second problem. I use this function for login:
$result = $this->client->client_get($this->session_id, array('username' => $username));
Everything is OK, but I need to know roles of users. $result contains no information for identify users by role. I need to know if user is in role admin or not...

Thanks for some clue.
Reply With Quote
Sponsored Links
 

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
How to force postfix to use secure smtp? concept21 Installation/Configuration 3 31st July 2012 10:14
Secure Site Won't Load After Installing SSL BigBuddy General 2 9th May 2012 20:46
Does anyone know which is more secure Microsoft Distributed File System or NTFS renegadeviking Server Operation 0 11th June 2009 04:54
Secure proftp by using tls tom Tips/Tricks/Mods 3 6th August 2008 14:09
Secure SMTP not working? binjured HOWTO-Related Questions 5 17th June 2006 12:20


All times are GMT +2. The time now is 14:58.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.