Error in apache mod_security when assigning participants to a submission

Software Support
2

After being unable to find a suitable solution, I have decided to modify the code to avoid the use of user-select in the URL, responsible for triggering the security alert. I share the changes in the code hoping it will be of some help…

NOTE: It is recommended use an IDE to ensure that the namespaces and usage of the files contained in the directory will be updated.

  1. Rename folder /lib/pkp/controllers/grid/users/userSelect, for example to userSearch.
  2. Rename file /lib/pkp/controllers/grid/users/userSearch/UserSelectGridHandler.php , for example to UserSearchGridHandler.php.
    image
    image1459×585 62.5 KB
  3. Rename file /lib/pkp/controllers/grid/users/userSearch/UserSelectGridCellProvider.php , for example to UserSearchGridCellProvider.php.
    image
    image1433×275 27.5 KB
  4. Update the reference usage of UserSearchGridCellProvider in file /controllers/grid/users/subscriberSelect/SubscriberSelectGridHandler.php.
    image
    image1477×382 44.2 KB
  5. In file /lib/pkp/templates/controllers/grid/users/stageParticipant/addParticipantForm.tpl, on line 66, change the component attribute from grid.users.userSelect.UserSelectGridHandler to grid.users.userSearch.UserSearchGridHandler.
    image
    image1895×149 15.1 KB
  6. Delete the web template cache from the website admin panel.