Topic: Username editable (Read 3453 times)

StoneHalo · « **on:** January 12, 2004, 05:09:07 pm »

I have the integration with vBulletin. I noticed when editing a comment it allows them to change their username (the name of the person leaving the comment), this isn't good!

Could a future version only allow the content of the comment to be editable, not the username?

Thanks

Nibbler · « **Reply #1 on:** January 12, 2004, 07:06:32 pm »

I had this issue before here. My solution was to make these changes:

Change:

Code: [Select]


$update = db_query("UPDATE {$CONFIG['TABLE_COMMENTS']} SET msg_body='$msg_body', msg_author='$msg_author' WHERE msg_id='$msg_id' AND author_id ='" . USER_ID . "' LIMIT 1");

to:

Code: [Select]


$update = db_query("UPDATE {$CONFIG['TABLE_COMMENTS']} SET msg_body='$msg_body', WHERE msg_id='$msg_id' AND author_id ='" . USER_ID . "' LIMIT 1");

and:

Code: [Select]


$update = db_query("UPDATE {$CONFIG['TABLE_COMMENTS']} SET msg_body='$msg_body', msg_author='$msg_author' WHERE msg_id='$msg_id' AND author_md5_id ='{$USER['ID']}' AND author_id = '0' LIMIT 1");

to:

Code: [Select]


$update = db_query("UPDATE {$CONFIG['TABLE_COMMENTS']} SET msg_body='$msg_body' WHERE msg_id='$msg_id' AND author_md5_id ='{$USER['ID']}' AND author_id = '0' LIMIT 1");

Now only admin can change the name of the poster. It would be nice to stop the name box being changeable too, but I couldnt find where to do that.

StoneHalo · « **Reply #2 on:** January 12, 2004, 07:47:52 pm »

Ok, thanks, I'll try that. What file do I make these changes in?

Nibbler · « **Reply #3 on:** January 12, 2004, 08:00:04 pm »

db_input.php

StoneHalo · « **Reply #4 on:** January 12, 2004, 09:47:42 pm »

Thanks Nibbler.

If anyone knows a way to disable the usename being editable when editing a comment please let us know!

Joachim Müller · « **Reply #5 on:** January 13, 2004, 05:39:37 am »

just made a tracker out of this bugger: #875870

GauGau

StoneHalo · « **Reply #6 on:** January 13, 2004, 11:41:32 am »

Thanks GauGau

I'll keep an eye on it.

Joachim Müller · « **Reply #7 on:** January 29, 2004, 08:48:25 am »

just committed the changes Nibbler proposd to the devel branch of the cvs and updated the tracker. Waiting for a dev team member to confirm the fix.

GauGau

Flappo · « **Reply #8 on:** March 16, 2004, 05:05:07 pm »

The solution above did not work at mine so i did the following:

i removed

Code: [Select]

, msg_author='$msg_author'

from

Code: [Select]

  $update = db_query("UPDATE {$CONFIG['TABLE_COMMENTS']} SET msg_body='$msg_body', msg_author='$msg_author' WHERE msg_id='$msg_id' AND author_id ='" . USER_ID . "' LIMIT 1");

maybe it is not the finest solution, but it works.... if a user changes his name while editing a comment the query does not change the name of the user.. only when you are admin you can change it.....

News:

Author Topic: Username editable (Read 3453 times)

StoneHalo

Username editable

Nibbler

Username editable

StoneHalo

Username editable

Nibbler

Username editable

StoneHalo

Username editable

Joachim Müller

Username editable

StoneHalo

Username editable

Joachim Müller

Username editable

Flappo

Username editable