aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/posting.php
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/posting.php')
-rw-r--r--phpBB/posting.php10
1 files changed, 8 insertions, 2 deletions
diff --git a/phpBB/posting.php b/phpBB/posting.php
index ac459197b3..1609382551 100644
--- a/phpBB/posting.php
+++ b/phpBB/posting.php
@@ -697,7 +697,7 @@ if ($submit || $preview || $refresh)
$message_parser->message = utf8_normalize_nfc(request_var('message', '', true));
$post_data['username'] = utf8_normalize_nfc(request_var('username', $post_data['username'], true));
- $post_data['post_edit_reason'] = ($request->variable('edit_reason', false, false, phpbb_request_interface::POST) && $mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? utf8_normalize_nfc(request_var('edit_reason', '', true)) : '';
+ $post_data['post_edit_reason'] = ($request->variable('edit_reason', false, false, \phpbb\request\request_interface::POST) && $mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? utf8_normalize_nfc(request_var('edit_reason', '', true)) : '';
$post_data['orig_topic_type'] = $post_data['topic_type'];
$post_data['topic_type'] = request_var('topic_type', (($mode != 'post') ? (int) $post_data['topic_type'] : POST_NORMAL));
@@ -1152,8 +1152,14 @@ if ($submit || $preview || $refresh)
$data['topic_posts_softdeleted'] = $post_data['topic_posts_softdeleted'];
}
+ // Only return the username when it is either a guest posting or we are editing a post and
+ // the username was supplied; otherwise post_data might hold the data of the post that is
+ // being quoted (which could result in the username being returned being that of the quoted
+ // post's poster, not the poster of the current post). See: PHPBB3-11769 for more information.
+ $post_author_name = ((!$user->data['is_registered'] || $mode == 'edit') && $post_data['username'] !== '') ? $post_data['username'] : '';
+
// The last parameter tells submit_post if search indexer has to be run
- $redirect_url = submit_post($mode, $post_data['post_subject'], $post_data['username'], $post_data['topic_type'], $poll, $data, $update_message, ($update_message || $update_subject) ? true : false);
+ $redirect_url = submit_post($mode, $post_data['post_subject'], $post_author_name, $post_data['topic_type'], $poll, $data, $update_message, ($update_message || $update_subject) ? true : false);
if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($captcha) && $captcha->is_solved() === true) && ($mode == 'post' || $mode == 'reply' || $mode == 'quote'))
{
generated by cgit v1.2.1 (git 2.21.0) at 2025-03-23 02:38:52 +0000