FIX user can transfer his moderator permissions from one forum to an other forum
I am working further on the moderator permissions and discovered that my previous commit
692509f
is a bad solution. Because the moderator submits the threadId and postID for the post
who he wants to delete. This threadId was used to check the moderator permissions of the postId.
So if a moderator only has permissions for one forum, he could change the transmitted threadId to one belonging to another forum and thereby obtain moderator permissions there as well...
Sorry that I did not noticed this glitch before I made the previous commit. :-/
@ -368,28 +368,46 @@ class e107forum
|
||||
}
|
||||
|
||||
|
||||
public function ajaxModerate()
|
||||
/**
|
||||
* get user ids with moderator permissions for the given $postId
|
||||
* @param $postId id of a forum post
|
||||
* @return an array with user ids how have moderator permissions for the $postId
|
||||
*/
|
||||
public function getModeratorUserIdsByPostId($postId)
|
||||
{
|
||||
$ret = array('hide' => false, 'msg' => 'unkown', 'status' => 'error');
|
||||
$modArray = array();
|
||||
|
||||
// get moderator-class for the thread to check permissions of the user
|
||||
if (isset($_POST['thread']))
|
||||
{
|
||||
$threadId = intval($_POST['thread']);
|
||||
|
||||
$sql = e107::getDb();
|
||||
$query = "SELECT f.forum_moderators
|
||||
FROM #forum AS f
|
||||
INNER JOIN #forum_thread AS ft ON f.forum_id = ft.thread_forum_id
|
||||
WHERE ft.thread_id = ". $threadId;
|
||||
$sql->gen($query);
|
||||
INNER JOIN #forum_post AS fp ON ft.thread_id = fp.post_thread
|
||||
WHERE fp.post_id = ". $postId;
|
||||
if ($sql->gen($query) > 0)
|
||||
{
|
||||
$row = $sql->fetch();
|
||||
$modArray = $this->forumGetMods($row[forum_moderators]);
|
||||
return array_keys($this->forumGetMods($row['forum_moderators']));
|
||||
}
|
||||
return array();
|
||||
}
|
||||
|
||||
|
||||
public function ajaxModerate()
|
||||
{
|
||||
$ret = array('hide' => false, 'msg' => 'unkown', 'status' => 'error');
|
||||
$moderatorUserIds = array();
|
||||
|
||||
if (isset($_POST['thread']) && is_numeric($_POST['thread']))
|
||||
{
|
||||
$threadId = intval($_POST['thread']);
|
||||
}
|
||||
|
||||
if (isset($_POST['post']) && is_numeric($_POST['post']))
|
||||
{
|
||||
$postId = intval($_POST['post']);
|
||||
$moderatorUserIds = $this->getModeratorUserIdsByPostId($postId);
|
||||
}
|
||||
|
||||
// Check if user has moderator permissions for this thread
|
||||
if(!in_array(USERID, array_keys($modArray)))
|
||||
if(!in_array(USERID, $moderatorUserIds))
|
||||
{
|
||||
$ret['msg'] = ''.LAN_FORUM_8030.' '. json_encode($_POST);
|
||||
$ret['hide'] = false;
|
||||
@ -414,7 +432,7 @@ class e107forum
|
||||
break;
|
||||
|
||||
case 'deletepost':
|
||||
if(!$postId = vartrue($_POST['post']))
|
||||
if(!$postId)
|
||||
{
|
||||
// echo "No Post";
|
||||
// exit;
|
||||
|
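Review bot: The new getModeratorUserIdsByPostId() still concatenates `$postId` straight into the SQL string (`WHERE fp.post_id = ". $postId`), so the only thing standing between it and injection is the `intval()` that the caller in ajaxModerate happens to apply; a public method should not rely on its callers for that. Cast at the boundary instead, `$postId = (int) $postId;` as the first statement (or `WHERE fp.post_id = " . (int) $postId`), and say so in the docblock with `@param int $postId`. The docblock's `@return` line has a typo ("how" for "who") and should state what the caller actually gets: `@return array user ids (keys of forumGetMods()) with moderator rights for $postId; empty if the post is unknown or has no moderators`. Separately, the denial branch still sends the whole request back to the client (`LAN_FORUM_8030 . ' ' . json_encode($_POST)`), which reads like leftover debugging output and should probably be just the language string. ajaxModerate's body continues past the end of the hunk.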
@ -889,7 +889,7 @@
|
||||
// if(!$this->forum->threadDetermineInitialPost($this->postInfo['post_id']))
|
||||
if(empty($this->postInfo['thread_start']))
|
||||
{
|
||||
$text .= "<li class='text-right'><a href='" . e_REQUEST_URI . "' data-forum-action='deletepost' data-forum-thread='" . $this->postInfo['post_thread'] . "' data-forum-post='" . $this->postInfo['post_id'] . "'>" . LAN_DELETE . " " . $tp->toGlyph('trash') . "</a></li>";
|
||||
$text .= "<li class='text-right'><a href='" . e_REQUEST_URI . "' data-forum-action='deletepost' data-forum-post='" . $this->postInfo['post_id'] . "'>" . LAN_DELETE . " " . $tp->toGlyph('trash') . "</a></li>";
|
||||
}
|
||||
|
||||
if($type == 'thread')
|
||||
|
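Review bot: The rebuilt delete link still writes `$this->postInfo['post_id']` into the `data-forum-post` attribute without escaping; it presumably comes from an integer column, but making that explicit costs nothing and keeps the attribute safe regardless of how postInfo was populated: `data-forum-post='" . (int) $this->postInfo['post_id'] . "'`. Dropping `data-forum-thread` is consistent with ajaxModerate no longer trusting the thread id for the permission check, but ajaxModerate still reads `$_POST['thread']` (presumably for other actions), so confirm the client-side handler for `deletepost` no longer sends or requires it. The enclosing method starts and ends outside the hunk.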