mbirth/LuckyCoinkydink
Archived
1
0
Fork 0
Code Issues Pull Requests Activity

fix non-admin user select and delete comments.

Browse Source 
Thanks to berberic (forum)
This commit is contained in:
Ian
2015-01-12 12:12:03 +01:00
parent 4433f91e69
commit 05f14a9f5a
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
include/functions_comments.inc.php
View File

@ -541,7 +541,7 @@ function serendipity_deleteComment($id, $entry_id, $type='comments', $token=fals
// Load articles author id and check it // Load articles author id and check it
$sql = serendipity_db_query("SELECT authorid FROM {$serendipity['dbPrefix']}entries $sql = serendipity_db_query("SELECT authorid FROM {$serendipity['dbPrefix']}entries
WHERE entry_id = ". $entry_id, true); WHERE id = ". $entry_id, true);
if ($sql['authorid'] != $serendipity['authorid']) { if ($sql['authorid'] != $serendipity['authorid']) {
return false; // wrong user having no adminEntriesMaintainOthers right return false; // wrong user having no adminEntriesMaintainOthers right
} }