[Vtigercrm-developers] Be aware of this one!
IT-Solutions4You
info at its4you.sk
Fri Jan 29 14:57:31 GMT 2016
Nice ;-)
Are you able to create a user if user_name field's displaytype is set to
"2" in the vtiger_field table ? I don't test it yet.
Matus
Dňa 29. 1. 2016 o 14:15 Alan Lord napísal(a):
> Note this bug report by Nilay earlier today:
>
> http://code.vtiger.com/vtiger/vtigercrm/issues/90
>
> Essentially any user can edit their Preferences and if you put it into
> Edit View, _you_ can change your username... You can change it to anything.
>
> Create a non-admin user.
> Login as this user.
> Go to your preferences page.
> Click Edit.
> Change your username to "admin". ;-)
>
> This will stop the admin, or you, from being able to login.
>
> ...
>
> The fix? Change the user_name field's displaytype to "2" in the
> vtiger_field table.
>
>
>
> _______________________________________________
> http://www.vtiger.com/
>
More information about the vtigercrm-developers
mailing list