fixed a security problem allowing post edits

2003-11-17 01:19:57 +00:00 · 2003-11-17 01:19:57 +00:00 · 065e6a0cd1
commit 065e6a0cd1
parent e69e464721
2 changed files with 3 additions and 1 deletions
--- a/lib/WebGUI/Forum/UI.pm
+++ b/lib/WebGUI/Forum/UI.pm
@ -1921,7 +1921,7 @@ sub www_postSave {
 	}
 	if ($session{form}{forumPostId} > 0) { # edit
 		my $post = WebGUI::Forum::Post->new($session{form}{forumPostId});
-		return WebGUI::Privilege::insufficient unless ($post->getThread->getForum->canPost);
+		return WebGUI::Privilege::insufficient unless ($post->canEdit);
 		if ($post->getThread->getForum->get("addEditStampToPosts")) {
 			$postData{message} .= "\n\n --- (".WebGUI::International::get(1029)." "
                        .WebGUI::DateTime::epochToHuman(WebGUI::DateTime::time())." ".WebGUI::International::get(1030)