URL to your eFiction: http://www.naiceanilme.com
Your version of eFiction: 3.3.1
Latest Patche(s): Yes
Have you modified your eFiction?: Yes, Tags
Version of PHP: 4.4.7
Version of MySQL: 5.0.21
Have you searched for your problem: Yes
Alright, I'm not quite sure where to post this, so I hope Tammy will forgive me if I actually decided for the wrong subforum:(
A while back some stories of a certain author on my archive disappeared. After checking back with the author, because I was interested why she decided to delete the stories, I found out that the person never actually deleted those stories. I disregarded the incident as a mystical accumulation of bad luck. Until it happened again - to the same author. So then I assumed she was either sharing her computer with someone who logged into her account or her account was specifically hacked. Again, only one or two stories were deleted.
Now though, I have another author with the same problem. So this starts to look really weird. In case this is not an eFiction security problem (and I guess the chance is slim since my search brought up no one with the same problem), is there a way to only allow admins to delete stories?
Open includes/deletefunctions.php and at line 28 add:
if(!isADMIN) return;
That should keep everyone but admins from deleting stories. It's not tested.
