Now that we have fixed the usage of authorize.php when using Installer module for manual module installs (#1920), it's become clear that we should be using authorize.php for all downloading/installing of modules/themes/layouts.
Without using authorize.php, Installer module only works if the owner of web root directory and the web server user are the same. By using authorize.php, we could enable users to more securely set up their site and still allow modules to be downloaded/installed. If the owner of the web root is the web server user (as is the case in most shared hosting environments and Pantheon), then we don't have a problem. But when these users are different, authorize.php could enable the use of the Installer UI.
GitHub Issue #:
2271
Recent comments
Backdrop CMS: 1.34.0 Installation profile: standard PHP version: 8.4.21 Drupal 7 compatibility: on Database server...
User seeing admin stuff
Sounds maybe like something is caching pages for all users when it should be caching per user -- just a wild first guess. (If this was so, she would have gotten an error if she tried to click on...
User seeing admin stuff
This appears to be the issue that was created, https://github.com/backdrop/backdrop-issues/issues/6401
format for image upload directory spec