My apologies for not responding, I had attempted to sign up for the list, and that had failed. Oops! Now, here I am. :)
Paul van Schayck said, about the <<br />> ..
oops, that was a mistake in my search/replace.. I thought I had fixed all of those occurences that I made.
Also, for the !loggedin() || !have_priv(admin) .. i just copied that code from another module, that had used it in that exact same spot.. the file had a comment that said "// check for admin access here" .. :P
no, i don't think it should be !loggedin() && !have_priv(admin) .. that wouldn't make sense, if it were &&.. that needs to be an || .
Re: Johnathan Ernst:
As I said, I had just copied the code from the other places in the admin/* files that used it. Before I changed that, the code simply said:
if(!loggedin()) .. which meant anyone logged in could access that admin function. It does make sense that if not logged in you couldn't have admin privs, so I could change all the files to check that instead.
So, my next question.. do you have to have admin priv to be a maintainer? Becauses some of the files check for loggedin, havepriv(admin) and maintainer flags.
Should admin/adminCommentView.php be protected? I realise it's in the admin category, but it doesn't look like anyone can get into any mischief with that.. could almost be handy for users.
---
anyway, i've fixed those issues, merged it to latest CVS, and will be re-sending it off in just a minute.
Thanks :)
__________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com