afuna: Cat under a blanket. Text: "Cats are just little people with Fur and Fangs" (Default)
afuna ([personal profile] afuna) wrote in [site community profile] changelog2009-03-28 02:18 pm
  • Add Memory
  • Share This Entry

[dw-free] replying from inside the email for openID users doesn't work

[commit: http://hg.dwscoalition.org/dw-free/rev/91128c403d5e]

http://bugs.dwscoalition.org/show_bug.cgi?id=314

Only allow a reply if the currently logged-in user is the user the email
notification was sent to.

Patch by [personal profile] juliet.

Files modified:
  • cgi-bin/talklib.pl
--------------------------------------------------------------------------------
diff -r 3ad73872c71d -r 91128c403d5e cgi-bin/talklib.pl
--- a/cgi-bin/talklib.pl	Sat Mar 28 13:53:55 2009 +0000
+++ b/cgi-bin/talklib.pl	Sat Mar 28 14:17:36 2009 +0000
@@ -2890,9 +2890,11 @@ sub init {
     }
 
     my $cookie_auth;
-    if ($form->{'usertype'} eq "cookieuser") {
+    if (($form->{'usertype'} eq "user") || 
+        ($form->{'usertype'} eq "cookieuser")) {
+        my $userpost = $form->{'userpost'} || $form->{'cookieuser'};
         $bmlerr->("$SC.error.lostcookie")
-            unless ($remote && $remote->{'user'} eq $form->{'cookieuser'});
+            unless $remote && $remote->{'user'} eq $userpost;
         return undef if @$errret;
 
         $cookie_auth = 1;
--------------------------------------------------------------------------------
  • Add Memory
  • Share This Entry
(0 comments)

Post a comment in response:

This account has disabled anonymous posting.
If you don't have an account you can create one now.
HTML doesn't work in the subject.
More info about formatting

If you are unable to use this captcha for any reason, please contact us by email at support@dreamwidth.org

 
Notice: This account is set to log the IP addresses of everyone who comments.
Links will be displayed as unclickable URLs to help prevent spam.