diff options
author | Ed Lyons <ejlyons@ix.netcom.com> | 2013-02-02 17:58:59 -0500 |
---|---|---|
committer | Steve Clay <steve@mrclay.org> | 2013-02-02 20:55:22 -0500 |
commit | 035f68a467ab50776c3f52af0cceb750d60cb4a9 (patch) | |
tree | 31160c537dd6c1745fe7f6db089a1e897ea454a5 /mod/notifications/views/default | |
parent | 9b8839602051aa1b5c441695ae897c0b049ff889 (diff) | |
download | elgg-035f68a467ab50776c3f52af0cceb750d60cb4a9.tar.gz elgg-035f68a467ab50776c3f52af0cceb750d60cb4a9.tar.bz2 |
Update mod/messages/start.php
We had an Elgg user named Chris Read with username 'read'. Once he registered, people's messages stopped working because hitting a message in your inbox was a url like: [site_name]/messages/read/459 - and the message code, supporting the old URL format, looked up the parameter right after messages and did a lookup on that word. So, since it got a user, redirected to his inbox. Yipes! So I put in some code checking that the parameter really is your username, so it would work for Chris, but not for anyone else. It works fine now.
Diffstat (limited to 'mod/notifications/views/default')
0 files changed, 0 insertions, 0 deletions