Forum mit Informationen zur aktuellen Version und Link zum Download
Forum informing about the latest version and download link
User avatar
Posts: 86
Joined: Sat 21. Mar 2020, 19:02
Location: Wittingen


Post by Mike-on-Tour »

At least one user (and myself) experienced spam inserted into the phpbb_usermap_poi table which led to Usermap's failure to correctly display search tabs and the overlay control element.
Usermap uses a modal window to allow (authorized) users to create a new POI. The HTML code for that window (and thus the form used to enter the data) was always included in Usermap's main window. If guests are permitted to view the map (e.g. to display POIs) anyone with the necessary knowledge is able to access the input form even if guests are not allowed to create POIs. To prevent this I have changed the /ext/mot/usermap/styles/prosilver/template/usermap_main.html file so if guests are allowed to see the map and are not permitted to create POIs this form will no longer be available.
This should solve the problem at least on a short term but I will look into this issue a lot deeper in the future.

All Usermap users (at least all who allow guests to see the map) are strongly adviced to download the attached file, unzip it, upload the contained file usermap_main.html into the above mentioned directory and purge the cache. Afterwards you should be safe from that kind of spam.

This file will be part of the next version of Usermap.
(1.62 KiB) Downloaded 12 times