Privacy issue
By Derk Kremer on Tuesday, 07 November 2017
Posted in General Issues
Replies 2
Likes 0
Views 432
Votes 0
Hey,

By change I was confronted with a privacy issue. I have made a comment in the activity stream en placed it on twitter. From twitter you can link to the concerning comment. That's fine. However you also can see a toolbar (not signed in) with the option 'about' (see attachment). When a quest clicks on this link, he or she can see my whole profile. In the tab 'privacy' from my profile, all fields are set to 'registered only'.

In short: linking from a twitter message everyone can see my whole profile.

Can you tell me where the setting is to prevent this?
This issue is much more greater than I thought: also registered users can see all the profile data of other users, even if some data are privacy data for only themselves.

It's all via the link 'about'. How can I change this? I prefer to let disappear the link 'about'

regards,
Derk Kremer
·
Tuesday, 07 November 2017 05:11
·
0 Likes
·
0 Votes
·
0 Comments
·
Hi Derk,

Do you set the profile viewing to only me and registered user still can view your about? If yes, I've tested locally to set it only me and registered user hitting this http://take.ms/N0Tdx when try to accessing the user's about.
It seems the login credential given above is not working as I want to try to replicate this issue in your site http://take.ms/WZHge

It's all via the link 'about'. How can I change this? I prefer to let disappear the link 'about'

-> If you just want to remove the about in the profile cover you can remove the code below (LINE 224-226)


		<div class="es-profile-header-nav__item <?php echo $active == 'about' ? 'is-active' : '';?>">

			<a href="<?php echo $aboutPermalink;?>" class="es-profile-header-nav__link"><span><?php echo JText::_('COM_ES_ABOUT');?></span></a>

		</div>

in file:
.../components/com_easysocial/themes/wireframe/helpers/cover/user.php

You're suggested to backup the file that you want to customize beforehand for precaution
Muhammad Fadhli
·
Tuesday, 07 November 2017 13:40
·
0 Likes
·
0 Votes
·
0 Comments
·
View Full Post