Maybe I'm missing something here, but by essentially moving the check from the server to the client (i.e. in the session) then what's to prevent me from changing my session and editing the post hours after it has been sent out via email?
Or more simply clicking the "edit" link, leaving the browser tab open and editing the post after it's been sent out. The email and the online version will not match anymore. Is this desirable? -- You received this bug notification because you are a member of Mahara Contributors, which is subscribed to Mahara. https://bugs.launchpad.net/bugs/731990 Title: Forum post editing timeout issue Status in Mahara ePortfolio: New Bug description: We have postdelay forum config parameter that defines for how long it is allowed to edit the post after it has been submitted. Say it is set to 30 mins. When user decides to edit the post just before timeout, s/he will be allowed to do so, but submission might not be possible due to the timeout (Access denied error). What I suggest is to make possible to submit the post even if time is out (but editing was initiated before timeout). _______________________________________________ Mailing list: https://launchpad.net/~mahara-contributors Post to : mahara-contributors@lists.launchpad.net Unsubscribe : https://launchpad.net/~mahara-contributors More help : https://help.launchpad.net/ListHelp
