Hello There

I"m using Nextgnn on my website and so far i was the only user  that managed the gallery's.now i am going to open it top pubic use . this why i installed RS with NG extension.

so, far i was able to apply the followng:

1.a user can login to his account, and create a gallery, upload picture and manage them

2.the user cannot see other gallerys and cannot move pictures from his to others.

In additon , i allowed the user to write his own posts.

NOW , here is the problem.

In order to see the gallery , the user  need to create new post, at in the post content a tag lke :[nggallry=XX] and thats it.

the XX supposed to be his own gallerys

BUY, when i tried to put another gallery id that is not belong to him , the POST was published and i was able to see on my post, onther person gallery.
That is security breach.

How, can i fixe it?

regards

Yoav