Recent Topics

1 May 17, 2011 03:22    

version 4.0.5 running on XAMPP

On the User Settings page (.../admin.php?ctrl=usersettings), as the administrator I can change a setting to prevent users from changing the value stored in the nickname field.

This setting correctly prevents the nickname change in one place, but not in another.

When a non-admin user logs in and then clicks on the "Admin" link in the top right corner and then clicks on "My Profile" (.../admin.php?ctrl=user&user_tab=identity&user_ID=XX) the Nickname field is (correctly) not displayed and therefore can not be updated.

However, if the user returns to the blog screen and then clicks the down-arrow next to his name and selects "Edit user profile...", the User Profile page (.../library/?disp=profile&redirect_to=%2Flibrary%2F) includes a field to edit the password. The password can be changed and saved.

The setting should block users from changing the nickname everywhere.

(I also posted a feature request http://forums.b2evolution.net/viewtopic.php?p=108538#108538 for expanding the "don't allow a user to edit his nickname" to "don't allow a user to edit his profile".)

2 May 28, 2011 06:32

I can't reproduce this in CVS version. Seems to be fixed already.


Form is loading...