diff options
| author | Meik Sievertsen <acydburn@phpbb.com> | 2008-09-02 06:36:24 +0000 |
|---|---|---|
| committer | Meik Sievertsen <acydburn@phpbb.com> | 2008-09-02 06:36:24 +0000 |
| commit | 5c4870fcce2f2a71b74166947939461bea90eac2 (patch) | |
| tree | 5afb093e27c11146d7933f510ba284cda6d7becd /phpBB/includes/acp | |
| parent | 7f813a9ef65fbf3dd24565e3e199ab67b38df70c (diff) | |
| download | forums-5c4870fcce2f2a71b74166947939461bea90eac2.tar forums-5c4870fcce2f2a71b74166947939461bea90eac2.tar.gz forums-5c4870fcce2f2a71b74166947939461bea90eac2.tar.bz2 forums-5c4870fcce2f2a71b74166947939461bea90eac2.tar.xz forums-5c4870fcce2f2a71b74166947939461bea90eac2.zip | |
Fix one design failure in phpBB3. Do not count non-approved posts to the user_posts. Before, a user was able to circumvent basically any protection based on post counts.
At the same time implement the queue_trigger feature.
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8805 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes/acp')
| -rw-r--r-- | phpBB/includes/acp/acp_forums.php | 4 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_main.php | 2 |
2 files changed, 4 insertions, 2 deletions
diff --git a/phpBB/includes/acp/acp_forums.php b/phpBB/includes/acp/acp_forums.php index 8c05cce5b1..fa07c00dee 100644 --- a/phpBB/includes/acp/acp_forums.php +++ b/phpBB/includes/acp/acp_forums.php @@ -1647,7 +1647,8 @@ class acp_forums $sql = 'SELECT poster_id FROM ' . POSTS_TABLE . ' WHERE forum_id = ' . $forum_id . ' - AND post_postcount = 1'; + AND post_postcount = 1 + AND post_approved = 1'; $result = $db->sql_query($sql); $post_counts = array(); @@ -1768,6 +1769,7 @@ class acp_forums WHERE user_id = ' . $poster_id . ' AND user_posts < ' . $substract; $db->sql_query($sql); + $sql = 'UPDATE ' . USERS_TABLE . ' SET user_posts = user_posts - ' . $substract . ' WHERE user_id = ' . $poster_id . ' diff --git a/phpBB/includes/acp/acp_main.php b/phpBB/includes/acp/acp_main.php index 2999c05f03..8de14cc720 100644 --- a/phpBB/includes/acp/acp_main.php +++ b/phpBB/includes/acp/acp_main.php @@ -186,7 +186,7 @@ class acp_main $sql = 'SELECT COUNT(p.post_id) AS num_posts, u.user_id FROM ' . USERS_TABLE . ' u - LEFT JOIN ' . POSTS_TABLE . ' p ON (u.user_id = p.poster_id AND p.post_postcount = 1) + LEFT JOIN ' . POSTS_TABLE . ' p ON (u.user_id = p.poster_id AND p.post_postcount = 1 AND p.post_approved = 1) GROUP BY u.user_id'; $result = $db->sql_query($sql); |