#1869 closed defect (bug) (fixed)
Editing another user's post hijacks the post
Reported by: | Sadr | Owned by: | |
---|---|---|---|
Milestone: | 2.1 | Priority: | high |
Severity: | normal | Version: | 2.0 |
Component: | Extend - Akismet | Keywords: | needs-patch |
Cc: | Sadr |
Description
When I edit a user's post, be it a top post or reply, I hijack the thread, becoming the author of the post.
This is happening on a 20k thread forum migrated from BuddyPress forums to bbPress 2 RC3.
Change History (8)
#3
@
12 years ago
I did a fresh install, made some topics in a BuddyPress forum, converted those to a bbPress 2 forum and tried editing a separate user's posts, but they weren't hijacked. Seems it's something specific to the forum on jmonkeyengine.org. I'll try investigate further, but I don't really know where to go from here.
#4
@
12 years ago
- Component changed from Topics to Anonymous Posting
I forgot to actually test the admin-side, so now I did and here's another finding:
If I edit a post from the admin side, the post is not hijacked. However, I can still see the original poster's IP address being changed to mine upon saving my changes.
(...) Okay, found it. It's Akismet. If I disable Akismet, the bug disappears. I tried on a fresh install, and the same bug appears.
To reproduce:
Have the latest bbPress 2.1 (RC3) and Akisment installed and activated. As admin, edit any other user's post. The author of the post is now the admin.
#5
@
12 years ago
- Component changed from Anonymous Posting to Akismet
- Keywords needs-patch added; reporter-feedback removed
Confirmed. Working on a fix.
admin-side, or theme-side?