Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.Hello,
I have identified two seemingly serious issues.
1) Anonymous users have the ability to delete and edit images that they haven't uploaded when they use the image browser with the FCKeditor even when the permissions shouldn't allow them.
My permissions are set as follows for anonymous users:
image module
create images Y
edit images N
edit own images N
view original images Y
imagebrowser module
administer imagebrowser N
browse all images Y* see below
browse own images Y
insert Image preset: Original Y
insert Image preset: Preview N
insert Image preset: Thumbnail N
upload images Y
view images Y
2) * When the Browse All images setting is turned off, then it effectively makes the uploading images impossible. This occurs even when browse own images is enabled for anonymous users. Upload just perpetually loads.....
I would really like to use this module, but I'm running into these 2 very serious barriers.
In short here are summaries of the problem:
1) Anonymous users can delete images that admins and authenticated users upload using the image browser withing FCKeditor.
2) There is no way for anonymous (or authenticated) users to only see their uploaded pictures because it perpetually loads.
Any ideas?
Please Help!
Comments
Comment #1
jdelaune commentedI'll certainly look into this asap. Just don't have a huge amount of spare time at the moment.
Cheers
Comment #2
jdelaune commentedOnce again I'm really sorry that these slipped through the net. Both issues have been fixed and will be rolling out in a dev snapshot shortly for testing:
1) Anonymous users need the username of ' ' to be visible in Views and not ''.
2) Only users with the 'edit images' permissions can edit or delete image nodes.
Thanks very much for flagging these up.
Comment #3
CarbonPig commentedNo Problem. Please Keep me posted on new release. Thanks, CP
Comment #4
jdelaune commentedUnfortunately tonight's CVS release didn't go to plan. Hopefully the issue is fixed and when it gets re-packaged tomorrow night things should be good to download.