[geeklog-cvs] geeklog-1.3/public_html comment.php,1.38.4.4,1.38.4.5

[dhaun at iowaoutdoors.org]

Update of /var/cvs/geeklog-1.3/public_html
In directory www:/tmp/cvs-serv30783

Modified Files:
      Tag: geeklog_1_3_7sr2_1
	comment.php 
Log Message:
Fix for the anonymous comment spamming even if comments for anonymous users were switched off.


Index: comment.php
===================================================================
RCS file: /var/cvs/geeklog-1.3/public_html/comment.php,v
retrieving revision 1.38.4.4
retrieving revision 1.38.4.5
diff -C2 -d -r1.38.4.4 -r1.38.4.5
*** comment.php	23 Jan 2004 21:28:58 -0000	1.38.4.4
--- comment.php	1 Jun 2004 06:25:55 -0000	1.38.4.5
***************
*** 219,230 ****
  *
  */
! function savecomment($uid,$save,$anon,$title,$comment,$sid,$pid,$type,$postmode) 
  {
!     global $_CONF, $_TABLES, $_USER, $LANG03, $REMOTE_ADDR; 
  
!     if (($uid < 1) || (($uid != $_USER['uid']) && !empty ($_USER['username'])) ||
!             (empty ($_USER['username']) && (($_CONF['loginrequired'] == 1) ||
!             ($_CONF['commentsloginrequired'] == 1)))) {
!         $retval .= COM_refresh ($_CONF['site_url'] . '/index.php');
          return $retval;
      }
--- 219,239 ----
  *
  */
! function savecomment($uid,$save,$anon,$title,$comment,$sid,$pid,$type,$postmode)
  {
!     global $_CONF, $_TABLES, $_USER, $LANG03, $REMOTE_ADDR;
  
!     $retval = '';
! 
!     // ignore $uid as it may be manipulated anyway
!     if (empty ($_USER['uid'])) {
!         $uid = 1;
!     } else {
!         $uid = $_USER['uid'];
!     }
! 
!     if (empty ($sid) || empty ($title) || empty ($comment) || empty ($type) ||
!             (($uid == 1) && (($_CONF['loginrequired'] == 1) ||
!                 ($_CONF['commentsloginrequired'] == 1)))) {
!         $retval = COM_refresh ($_CONF['site_url'] . '/index.php');
          return $retval;
      }