members
members copied to clipboard
symphonycms
Members extension for Symphony
Use-case is creating a Login-As function; supplying both user email and hash. The current function gets the password hash from memory (not fresh from database) hence links up the wrong...
It seems odd to me that all editors can edit member roles as they could break the site with this access.
The function returns false anyway; failing more silently is preferrable. Fixes #310
The section ID is casted to integer in the IF-block and in the line before, so missing it here is error-prone.
Since the member section ID is typically set in the frontend form (using a hidden field), a (malicious) user can easily manipulate it. Of course, "evil" section IDs like `%3Benv`...
When a user is activated the activation date/time is shown in the field. This does not seem to reflect the actual activation date but is set to whenever the entry...
Backend authors are able to edit Member Role permissions. This feels like a bug to me. Or is this intended?
We've got a form where members administer a list of song titles. This list works similar to the Duplicator interface in the backend: members can add and remove items or...
Think about log in member just after frontend registration, if no activation is needed.
We should fix the extension's coding style (and make it PSR-2 comaptible). However, I suggest to wait until most of the other issues (and pull requests!) are closed.