Editing objects with private data cause corruption and loss

Bug #773135 reported by fisharebest
Affects: webtrees
Status: Fix Released
Importance: Critical
Assigned to: fisharebest
Milestone: (none)

Bug Description

When we generate edit forms, we use "privacy filtered" versions of the data.

When we process these edits, we must also use the exact same filtered versions of the data. (The private or filtered data is then appended, after the edits).

In many cases, edit_interface.php is fetching the original (unfiltered) versions of the data.

In the "edit fact" code, this causes data corruption. In other edit code, it can cause loss, duplication or corruption.

NOTE: these problems only occur when editing a record that contains "hidden" data. In other words, a user with "edit" rights that is editing a record containing facts that are "show only to managers", or a manager editing a record containing facts which are "hide from everyone".

Changed in webtrees:
assignee: nobody → fisharebest (fisharebest)
importance: Undecided → Critical
status: New → In Progress
fisharebest (fisharebest) wrote :

As a further explanation, at the beginning of edit_privacy.php, we apply privacy filtering to the record we are editing like this:

//-- privatize the record so that line numbers etc. match what was in the display
//-- data that is hidden because of privacy is stored in the $pgv_private_records array
//-- any private data will be restored when the record is replaced
if (isset($gedrec)) {
    $gedrec = privatize_gedcom(WT_GED_ID, $gedrec);
}

Then, later in the code, we undo the filtering, for example:

// Cycle through each individual concerned defined by $cens_pids array.
foreach ($cens_pids as $pid) {
    if (isset($pid)) {
        $gedrec = find_gedcom_record($pid, WT_GED_ID, true);
    } elseif (isset($famid)) {
        $gedrec = find_gedcom_record($famid, WT_GED_ID, true);
    }

There are other, more subtle cases, such as editnote, addchildaction, linkspouseaction.

I'm currently rewriting the privacy functions (which is why I found the error), and will correct these as part of the update.
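
The mismatch described in this report, reduced to a small model. This is an added example, not webtrees code: the function names are hypothetical, the record is constructed, and it assumes a fact is hidden when it carries a "2 RESN confidential" sub-line.

```php
<?php
// Simplified model (assumption): a record is a header line plus level-1 facts,
// and a fact is hidden when it contains "2 RESN confidential".
// All function names here are hypothetical, not webtrees functions.

// Split a record before every level-1 line; element 0 is the header line.
function split_facts(string $rec): array {
    return preg_split('/\n(?=1 )/', trim($rec));
}

// Return [filtered record text, list of hidden facts].
function privatize_record(string $rec): array {
    $visible = [];
    $hidden = [];
    foreach (split_facts($rec) as $i => $fact) {
        if ($i > 0 && strpos($fact, "\n2 RESN confidential") !== false) {
            $hidden[] = $fact;
        } else {
            $visible[] = $fact;
        }
    }
    return [implode("\n", $visible), $hidden];
}

// Replace fact number $n (as numbered in $rec) with $new.
function replace_fact(string $rec, int $n, string $new): string {
    $facts = split_facts($rec);
    $facts[$n] = $new;
    return implode("\n", $facts);
}

// Constructed sample record: the ADOP fact is hidden from this editor.
$stored = "0 @I1@ INDI\n1 NAME John /Smith/\n1 ADOP\n2 DATE 1901\n"
        . "2 RESN confidential\n1 OCCU Farmer";

[$filtered, $hidden] = privatize_record($stored);
// The edit form numbers the filtered facts: 1 = NAME, 2 = OCCU.
$n = 2;
$new = "1 OCCU Blacksmith";

// Mismatched: index taken from the filtered view, applied to the unfiltered
// record. The hidden ADOP fact is overwritten and OCCU appears twice.
$corrupted = replace_fact($stored, $n, $new);

// Consistent: edit the same filtered view, then append the hidden facts.
$correct = implode("\n", array_merge([replace_fact($filtered, $n, $new)], $hidden));

echo "--- mismatched ---\n$corrupted\n\n--- consistent ---\n$correct\n";
```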

fisharebest (fisharebest) wrote :

svn11410

Changed in webtrees:
status: In Progress → Fix Committed
fisharebest (fisharebest) wrote :

Fix released in webtrees 1.2.0

Changed in webtrees:
status: Fix Committed → Fix Released