More Access Denied details
I would like to give you some more details and hopefully speed up the 'next stable release' process.
I would like to give you some more details and hopefully speed up the 'next stable release' process.
After the release of 0.7.24 rc1 I'm overloaded with false positives due to a missed point of the upgrade instructions (see previous news). This slows down the process of discovering of not covered yet (if any) issues related with the latest e-token security protection.
The case is simple, we are able to stop those false positives with one line of code. However, this will solve our (core developer and support team) problems only. I'll give you some extra info which should help you identify us as 'good guys'
During e-token test, I found very bad issue - it was there forever. In few simple words, if you use default e107.htaccess (renamed to .htaccess) your site will do something like 10 to 20 extra sql queries (depending on your site configuration) plus of course additional php parsing processor job of your server per missing image/css/javascript file reference.
A simple calculation says: if your average site sql requests count is 20, you have 4 missing images, you end up with 100 sql queries per page (instead 20). You should understand now the issue is really bad.
Most of "Access denied" issues were side effect of the above. It's really easy for me to 'mask' the problem as solved, but I hope you understand now why I don't want to do this.
We didn't invented upgrade instructions to 'keep you' busy, so please follow them, give us maximum information so that we'll be able to reproduce your problems, fix them and go forth. A whole 0.8 branch is waiting for us for the final work.
I wish to use the moment and add big THANKS to all community members who helped us fighting the latest issues.