Ian's patch: check goodtoken instead of token while approving comments

via email link
2012-03-01 13:41:27 +01:00
parent 06f4ab7c3f
commit 8d828e1fc3
1 changed files with 1 additions and 1 deletions
--- a/include/functions_comments.inc.php
+++ b/include/functions_comments.inc.php
@ -658,7 +658,7 @@ function serendipity_approveComment($cid, $entry_id, $force = false, $moderate =
    $rs  = serendipity_db_query($sql, true);
    
    // Check for adminEntriesMaintainOthers
-    if (!$force && !$token && $rs['entry_authorid'] != $serendipity['authorid'] && !serendipity_checkPermission('adminEntriesMaintainOthers')) {
+    if (!$force && !$goodtoken && $rs['entry_authorid'] != $serendipity['authorid'] && !serendipity_checkPermission('adminEntriesMaintainOthers')) {
        return false; // wrong user having no adminEntriesMaintainOthers right
    }