diff options
Diffstat (limited to 'phpBB/posting.php')
| -rw-r--r-- | phpBB/posting.php | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/phpBB/posting.php b/phpBB/posting.php index 76c8100c78..61df10b125 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -196,6 +196,7 @@ if ($post_data['forum_password']) { login_forum_box(array( 'forum_id' => $forum_id, + 'forum_name' => $post_data['forum_name'], 'forum_password' => $post_data['forum_password']) ); } @@ -1018,7 +1019,7 @@ if ($submit || $preview || $refresh) $forum_type = (int) $db->sql_fetchfield('forum_type'); $db->sql_freeresult($result); - if ($forum_type != FORUM_POST || !$auth->acl_get('f_post', $to_forum_id) || (!$auth->acl_get('m_approve', $to_forum_id) && !$auth->acl_get('f_noapprove', $to_forum_id))) + if ($forum_type != FORUM_POST || !$auth->acl_get('f_post', $to_forum_id) || !$auth->acl_get('f_noapprove', $to_forum_id)) { $to_forum_id = 0; } @@ -1130,16 +1131,23 @@ if ($submit || $preview || $refresh) $data['topic_replies'] = $post_data['topic_replies']; } + // Only return the username when it is either a guest posting or we are editing a post and + // the username was supplied; otherwise post_data might hold the data of the post that is + // being quoted (which could result in the username being returned being that of the quoted + // post's poster, not the poster of the current post). See: PHPBB3-11769 for more information. + $post_author_name = ((!$user->data['is_registered'] || $mode == 'edit') && $post_data['username'] !== '') ? $post_data['username'] : ''; + // The last parameter tells submit_post if search indexer has to be run - $redirect_url = submit_post($mode, $post_data['post_subject'], $post_data['username'], $post_data['topic_type'], $poll, $data, $update_message, ($update_message || $update_subject) ? true : false); + $redirect_url = submit_post($mode, $post_data['post_subject'], $post_author_name, $post_data['topic_type'], $poll, $data, $update_message, ($update_message || $update_subject) ? true : false); if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($captcha) && $captcha->is_solved() === true) && ($mode == 'post' || $mode == 'reply' || $mode == 'quote')) { $captcha->reset(); } - // Check the permissions for post approval. Moderators are not affected. - if ((!$auth->acl_get('f_noapprove', $data['forum_id']) && !$auth->acl_get('m_approve', $data['forum_id']) && empty($data['force_approved_state'])) || (isset($data['force_approved_state']) && !$data['force_approved_state'])) + // Check the permissions for post approval. + // Moderators must go through post approval like ordinary users. + if ((!$auth->acl_get('f_noapprove', $data['forum_id']) && empty($data['force_approved_state'])) || (isset($data['force_approved_state']) && !$data['force_approved_state'])) { meta_refresh(10, $redirect_url); $message = ($mode == 'edit') ? $user->lang['POST_EDITED_MOD'] : $user->lang['POST_STORED_MOD']; |