Devs is this normal behaviour? (General)
by Chris T, Wednesday, December 09, 2020, 20:46 (527 days ago)
Not sure if the following scenario is normal behaviour for the script or if it's just a bug I have?
User A posts a message that Akismet marks as spam
User B can then go to User A's posting list and click on the spam post and read what was posted with the yellow spam warning box?
Shouldn't the spam post by User A be invisible to User B until the post has been approved by admin or mods?

Devs is this normal behaviour?
by Micha , Wednesday, December 09, 2020, 21:34 (527 days ago) @ Chris T
Hi,
no that is not the intended behaviour. Can you check the following changes? Make a backup of the user.inc.php
!
Open the user.inc.php
and go to the 'show_posts'-case, i.e. line 285f. In line 285f there are two SQL statements (depending on the categories of the forum). Commend both lines and add/repalce the code by the following modified statement:
if ($user_postings_count > 0) { //if ($categories == false) $result = @mysqli_query($connid, "SELECT id, pid, tid, user_id, UNIX_TIMESTAMP(time) AS time, UNIX_TIMESTAMP(time + INTERVAL ".$time_difference." MINUTE) AS disp_time, UNIX_TIMESTAMP(last_reply) AS last_reply, subject, category, marked, sticky FROM ".$db_settings['forum_table']." WHERE user_id = ". intval($id) ." ORDER BY time DESC LIMIT ". intval($ul) .", ". intval($settings['search_results_per_page'])); //else $result = @mysqli_query($connid, "SELECT id, pid, tid, user_id, UNIX_TIMESTAMP(time) AS time, UNIX_TIMESTAMP(time + INTERVAL ".$time_difference." MINUTE) AS disp_time, UNIX_TIMESTAMP(last_reply) AS last_reply, subject, category, marked, sticky FROM ".$db_settings['forum_table']." WHERE user_id = ". intval($id) ." AND category IN (". $category_ids_query .") ORDER BY time DESC LIMIT ". intval($ul) .", ". intval($settings['search_results_per_page'])); $categories_restriction = $categories == false ? "" : " AND category IN (". $category_ids_query .") "; $spam_restriction = !$isModOrAdmin ? " AND `id` NOT IN (SELECT `eid` FROM `" . $db_settings['b8_rating_table'] . "` WHERE `spam` = 1 AND `eid` = `id`) AND `id` NOT IN (SELECT `eid` FROM `" . $db_settings['akismet_rating_table'] . "` WHERE `spam` = 1 AND `eid` = `id`) " : ""; $result = @mysqli_query($connid, "SELECT id, pid, tid, user_id, UNIX_TIMESTAMP(time) AS time, UNIX_TIMESTAMP(time + INTERVAL ".$time_difference." MINUTE) AS disp_time, UNIX_TIMESTAMP(last_reply) AS last_reply, subject, category, marked, sticky FROM `" . $db_settings['forum_table'] . "` WHERE user_id = ". intval($id) . " " . $categories_restriction . " " . $spam_restriction . " ORDER BY time DESC LIMIT ". intval($ul) .", ". intval($settings['search_results_per_page'])); $i = 0;
Does it work as expected for you?
/Micha
--
applied-geodesy.org - OpenSource Least-Squares Adjustment Software for Geodetic Sciences
Devs is this normal behaviour?
by Chris T, Thursday, December 10, 2020, 14:29 (526 days ago) @ Micha
My expertise is not at all good but I can try it, does this fix apply to version 2.4.19? as I didn't want to upgrade anything before Christmas.

Devs is this normal behaviour?
by Micha , Thursday, December 10, 2020, 18:21 (526 days ago) @ Chris T
Hi,
does this fix apply to version 2.4.19?
No, I don't thinks so. I add the changes to 2.5.
/Micha
--
applied-geodesy.org - OpenSource Least-Squares Adjustment Software for Geodetic Sciences
Devs is this normal behaviour?
by Chris T, Friday, December 11, 2020, 00:31 (526 days ago) @ Micha
Is there anything I can do in 2.4.19 to fix? or do we just have to wait for 2.5?
Hello,
in 2.5, some new tables (e.g. for B8 SPAM protection) are added. These tables are not presented in former versions and my modified SQL will not work here. Usually, SPAM postings are deleted by the admins/mods and, thus, this problem rarely occurs. For short: It is not a show stopper nor a security issue, so, I believe, we will fix it only for the new 2.5 version.
/Micha
--
applied-geodesy.org - OpenSource Least-Squares Adjustment Software for Geodetic Sciences
Devs is this normal behaviour?
by Chris T, Friday, December 11, 2020, 14:47 (525 days ago) @ Micha
Thank you for your reply.
I will wait for 2.5
Can I also ask, will I be able to upgrade from 2.4.19 to 2.5 directly? Skipping versions in between.

Devs is this normal behaviour?
by Micha , Saturday, December 12, 2020, 10:58 (524 days ago) @ Chris T
Hi Chris,
Can I also ask, will I be able to upgrade from 2.4.19 to 2.5 directly? Skipping versions in between.
Yes, that is the goal.
/Micha
--
applied-geodesy.org - OpenSource Least-Squares Adjustment Software for Geodetic Sciences