r29547 MediaWiki - Code Review archive
Repository:
MediaWiki
Revision:
<
r29546
|
r29547
|
r29548
>
Date:
19:27, 10 January 2008
Author:
simetrical
Status:
old
Tags:
Comment:
Right, *this* was the vulnerability that existed. Users couldn't mark the other edits bot, but they could mark their own rollback revision as bot.
Modified paths:
/trunk/phase3/includes/Article.php
(modified) (
history
)
Diff
[
purge
]
Index: trunk/phase3/includes/Article.php
—
—
@@ -2368,7 +2368,7 @@
2369
2369
if ($wgUser->isAllowed('minoredit'))
2370
2370
$flags |= EDIT_MINOR;
2371
2371
2372
- if( $bot )
2372
+ if( $bot && ($wgUser->isAllowed('markbotedits') || $wgUser->isAllowed('bot')) )
2373
2373
$flags |= EDIT_FORCE_BOT;
2374
2374
$this->doEdit( $target->getText(), $summary, $flags );
2375
2375
Status & tagging log
15:23, 12 September 2011
Meno25
(
talk
|
contribs
)
changed the
status
of r29547
[
removed:
ok
added:
old]