[geeklog-cvs] geeklog: For anonymous comments, use the anonymous user's name f...
geeklog-cvs at lists.geeklog.net
geeklog-cvs at lists.geeklog.net
Fri Sep 11 11:54:44 EDT 2009
details: http://project.geeklog.net/cgi-bin/hgweb.cgi/rev/132a67d1d0bf
changeset: 7305:132a67d1d0bf
user: Dirk Haun <dirk at haun-online.de>
date: Fri Sep 11 16:20:05 2009 +0200
description:
For anonymous comments, use the anonymous user's name from the database, not from the language file (cf. bug #0000960)
diffstat:
public_html/docs/history | 2 ++
system/lib-comment.php | 18 ++++++++++--------
2 files changed, 12 insertions(+), 8 deletions(-)
diffs (47 lines):
diff -r b7a7ff3e25aa -r 132a67d1d0bf public_html/docs/history
--- a/public_html/docs/history Fri Sep 11 13:19:25 2009 +0200
+++ b/public_html/docs/history Fri Sep 11 16:20:05 2009 +0200
@@ -3,6 +3,8 @@
Oct ??, 2009 (1.6.1)
------------
+- For anonymous comments, use the anonymous user's name from the database, not
+ from the language file (cf. bug #0000960) [Dirk]
- The session and password cookies are now created with the HttpOnly flag set
to make it somewhat harder to read them from JavaScript (requires browser
support) [Dirk]
diff -r b7a7ff3e25aa -r 132a67d1d0bf system/lib-comment.php
--- a/system/lib-comment.php Fri Sep 11 13:19:25 2009 +0200
+++ b/system/lib-comment.php Fri Sep 11 16:20:05 2009 +0200
@@ -930,7 +930,7 @@
$name = htmlspecialchars(COM_checkWords(strip_tags(
COM_stripslashes($_COOKIE[$_CONF['cookie_anon_name']]))));
} else {
- $name = $LANG03[24]; // anonymous user
+ $name = COM_getDisplayName(1); // anonymous user
}
$usernameblock = '<input type="text" name="username" size="16" value="' .
$name . '" maxlength="32"' . XHTML . '>';
@@ -1101,13 +1101,15 @@
$comment = addslashes(CMT_prepareText($comment, $postmode, $type));
$title = addslashes(COM_checkWords(strip_tags($title)));
- if (isset($_POST['username']) && strcmp($_POST['username'],$LANG03[24]) != 0
- && $uid == 1) {
- $name = COM_checkWords(strip_tags(COM_stripslashes($_POST['username'])));
- setcookie($_CONF['cookie_anon_name'], $name, time() + 31536000,
- $_CONF['cookie_path'], $_CONF['cookiedomain'],
- $_CONF['cookiesecure']);
- $name = addslashes($name);
+ if (($uid == 1) && isset($_POST['username'])) {
+ $anon = COM_getDisplayName(1);
+ if (strcmp($_POST['username'], $anon) != 0) {
+ $name = COM_checkWords(strip_tags(COM_stripslashes($_POST['username'])));
+ setcookie($_CONF['cookie_anon_name'], $name, time() + 31536000,
+ $_CONF['cookie_path'], $_CONF['cookiedomain'],
+ $_CONF['cookiesecure']);
+ $name = addslashes($name);
+ }
}
// check for non-int pid's
More information about the geeklog-cvs
mailing list