Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
Update class.discussionmodel.php
GetUnread was not showing new discussions without any comment. Fixed that.
- Loading branch information
1ab2895
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hey R-J, unfortunately I'm going to have to quash this out of the 2.1 release. It actually opens up a security hole, because it bypasses the permissions check for those discussions. If you can come up with a way of fixing the original issue without doing that I'd be keen for a different fix.
1ab2895
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Glad you found that! I will look for a way...
1ab2895
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Was a peregrine find :) #1871
1ab2895
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I guess it is too late and I have no time for testing, but this seems to work:
I'm not sure if this is the best way but using "or" is always risky and so it has to be combined with a permission check.
1ab2895
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I had a look on it and tested it with different discussions (with and without comments, in public and private categories).
Made it to a pull request
Hope it is in time for 2.1 ;)