Fix one design failure in phpBB3. Do not count non-approved posts to the user_posts. Before, a user was able to circumvent basically any protection based on post counts.

At the same time implement the queue_trigger feature. git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8805 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-07-31 05:50:42 +02:00 · 2008-09-02 06:36:24 +00:00
parent 7f813a9ef6
commit 5c4870fcce
8 changed files with 72 additions and 28 deletions
--- a/phpBB/includes/mcp/mcp_post.php
+++ b/phpBB/includes/mcp/mcp_post.php
@@ -415,8 +415,8 @@ function change_poster(&$post_info, $userdata)
 		sync('forum', 'forum_id', $post_info['forum_id'], false, false);
 	}

-	// Adjust post counts
-	if ($post_info['post_postcount'])
+	// Adjust post counts... only if the post is approved (else, it was not added the users post count anyway)
+	if ($post_info['post_postcount'] && $post_info['post_approved'])
 	{
 		$sql = 'UPDATE ' . USERS_TABLE . '
 			SET user_posts = user_posts - 1
@@ -470,11 +470,11 @@ function change_poster(&$post_info, $userdata)
 	if (file_exists($phpbb_root_path . 'includes/search/' . $search_type . '.' . $phpEx))
 	{
 		require("{$phpbb_root_path}includes/search/$search_type.$phpEx");
-	
+
 		// We do some additional checks in the module to ensure it can actually be utilised
 		$error = false;
 		$search = new $search_type($error);
-	
+
 		if (!$error && method_exists($search, 'destroy_cache'))
 		{
 			$search->destroy_cache(array(), array($post_info['user_id'], $userdata['user_id']));