[geeklog-hg] geeklog: Fixed a bug where wrong permissions with articles submi...
geeklog-cvs at lists.geeklog.net
geeklog-cvs at lists.geeklog.net
Wed Oct 22 10:56:14 EDT 2014
changeset 9541:0b4f271e4504
url: http://project.geeklog.net/cgi-bin/hgwebdir.cgi/geeklog/rev/0b4f271e4504
user: dengen <taharaxp at gmail.com>
date: Wed Oct 22 23:55:22 2014 +0900
description:
Fixed a bug where wrong permissions with articles submitted by guest users (bug #0001787)
diffstat:
system/classes/story.class.php | 29 ++++++++++++++++++++++++++---
1 files changed, 26 insertions(+), 3 deletions(-)
diffs (53 lines):
diff -r 4510fbe249c2 -r 0b4f271e4504 system/classes/story.class.php
--- a/system/classes/story.class.php Sun Aug 31 12:59:41 2014 -0400
+++ b/system/classes/story.class.php Wed Oct 22 23:55:22 2014 +0900
@@ -1165,8 +1165,8 @@
if (!isset($_CONF['show_topic_icon'])) {
$_CONF['show_topic_icon'] = 1;
}
-
- if (DB_getItem($_TABLES['topics'], 'archive_flag', "tid = '{$tmptid}'") == 1) {
+/*
+ if (DB_getItem($_TABLES['topics'], 'archive_flag', "tid = '{$tmptid}'") == 1) { // A bug using undefined variable $tmptid
$this->_frontpage = 0;
} elseif (isset($_CONF['frontpage'])) {
$this->_frontpage = $_CONF['frontpage'];
@@ -1174,7 +1174,8 @@
$this->_frontpage = 1;
}
- $this->_oldsid = $this->_sid;
+ $this->_oldsid = $this->_sid; // dead code
+*/
$this->_date = mktime();
$this->_featured = 0;
$this->_commentcode = $_CONF['comment_code'];
@@ -1196,6 +1197,28 @@
$this->_perm_anon = $T['perm_anon'];
*/
+ // Save Topics selected
+ TOPIC_saveTopicSelectionControl('article', $this->_sid);
+
+ $sql = "SELECT group_id,perm_owner,perm_group,perm_members,perm_anon,archive_flag "
+ . "FROM {$_TABLES['topics']} t, {$_TABLES['topic_assignments']} ta "
+ . "WHERE ta.type = 'article' AND ta.id = '{$this->_sid}' "
+ . "AND ta.tdefault = 1 AND ta.tid = t.tid";
+ $result = DB_query($sql);
+ $A = DB_fetchArray($result);
+ if ($A['archive_flag'] == 1) {
+ $this->_frontpage = 0;
+ } elseif (isset($_CONF['frontpage'])) {
+ $this->_frontpage = $_CONF['frontpage'];
+ } else {
+ $this->_frontpage = 1;
+ }
+ $this->_group_id = $A['group_id'];
+ $this->_perm_owner = $A['perm_owner'];
+ $this->_perm_group = $A['perm_group'];
+ $this->_perm_members = $A['perm_members'];
+ $this->_perm_anon = $A['perm_anon'];
+
$this->saveToDatabase();
PLG_itemSaved($this->_sid, 'article');
More information about the geeklog-cvs
mailing list