cvs node.module incorrectly assumes 404 when access denied [#27873]

Later cousin of http://drupal.org/node/27864 for 4.6.2

To reproduce:
- Take a page which is denied to anonymous users by node_privacy_byrole
- Go to it as an anonymous user
- Receive 404 error

cvs shares the same code for both the view and edit ops, so a slightly larger patch

Comment	File	Size	Author
#3	27873-node.module-cvs_0.patch	977 bytes	willmoy
#1	27873-node.module-cvs.patch	977 bytes	willmoy

Comments

Comment #1

willmoy commented 31 July 2005 at 01:03

Status	File	Size
new	27873-node.module-cvs.patch	977 bytes

patch attached

Comment #2

dries commented 31 July 2005 at 10:19

Status:

Needs review

» Needs work

That code is insecure and may lead to SQL injection attacks.

Comment #3

willmoy commented 1 August 2005 at 14:27

Status:

Needs work

» Needs review

Status	File	Size
new	27873-node.module-cvs_0.patch	977 bytes

This patch updated as the 4.6.2 one was.

Comment #4

Steven commented 5 August 2005 at 00:40

Status:

Needs review

» Fixed

Committed. Please submit only a issue next time, with multiple attachements.

Comment #5

(not verified) commented 19 August 2005 at 00:48

Comment #6

(not verified) commented 2 September 2005 at 00:51

Comment #7

(not verified) commented 16 September 2005 at 01:22

Comment #8

(not verified) commented 30 September 2005 at 06:10

Status:

Fixed

» Closed (fixed)

cvs node.module incorrectly assumes 404 when access denied

Comments

Comment #1

Comment #2

Comment #3

Comment #4

Comment #5

Comment #6

Comment #7

Comment #8

News items

Our community

Documentation

Drupal code base

Governance of community