From 2c8afb820e3842bed2ab6cec4053e71b5c566985 Mon Sep 17 00:00:00 2001
From: Meik Sievertsen <acydburn@phpbb.com>
Date: Tue, 6 Jun 2006 10:54:51 +0000
Subject: make sure we check the attachment status for the correct user ;)

git-svn-id: file:///svn/phpbb/trunk@6014 89ea8834-ac86-4346-8a33-228a782c2dd0
---
 phpBB/includes/message_parser.php | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

(limited to 'phpBB/includes/message_parser.php')

diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php
index 344fdff8a6..e4be20a91b 100644
--- a/phpBB/includes/message_parser.php
+++ b/phpBB/includes/message_parser.php
@@ -1116,13 +1116,15 @@ class parse_message extends bbcode_firstpass
 	/**
 	* Get Attachment Data
 	*/
-	function get_submitted_attachment_data()
+	function get_submitted_attachment_data($check_user_id = false)
 	{
 		global $user, $db, $phpbb_root_path, $phpEx, $config;
 
 		$this->filename_data['filecomment'] = request_var('filecomment', '', true);
 		$this->attachment_data = (isset($_POST['attachment_data'])) ? $_POST['attachment_data'] : array();
 
+		$check_user_id = ($check_user_id === false) ? $user->data['user_id'] : $check_user_id;
+
 		// Regenerate data array...
 		$attach_ids = $filenames = array();
 
@@ -1149,7 +1151,7 @@ class parse_message extends bbcode_firstpass
 			$sql = 'SELECT attach_id, physical_filename, real_filename, extension, mimetype, filesize, filetime, thumbnail
 				FROM ' . ATTACHMENTS_TABLE . '
 				WHERE attach_id IN (' . implode(', ', array_keys($attach_ids)) . ')
-					AND poster_id = ' . $user->data['user_id'];
+					AND poster_id = ' . $check_user_id;
 			$result = $db->sql_query($sql);
 
 			while ($row = $db->sql_fetchrow($result))
@@ -1167,7 +1169,7 @@ class parse_message extends bbcode_firstpass
 
 			if (sizeof($attach_ids))
 			{
-				trigger_error('NO_ACCESS_ATTACHMENT');
+				trigger_error($user->lang['NO_ACCESS_ATTACHMENT'], E_USER_ERROR);
 			}
 		}
 
@@ -1175,7 +1177,7 @@ class parse_message extends bbcode_firstpass
 		if (sizeof($filenames))
 		{
 			include_once($phpbb_root_path . 'includes/functions_upload.' . $phpEx);
-			
+
 			$sql = 'SELECT attach_id
 				FROM ' . ATTACHMENTS_TABLE . "
 				WHERE LOWER(physical_filename) IN ('" . implode("', '", array_map('strtolower', $filenames)) . "')";
@@ -1185,7 +1187,7 @@ class parse_message extends bbcode_firstpass
 
 			if ($row)
 			{
-				trigger_error('NO_ACCESS_ATTACHMENT');
+				trigger_error($user->lang['NO_ACCESS_ATTACHMENT'], E_USER_ERROR);
 			}
 
 			foreach ($filenames as $pos => $physical_filename)
-- 
cgit v1.2.1