diff options
author | Dries Buytaert <dries@buytaert.net> | 2006-01-06 16:21:34 +0000 |
---|---|---|
committer | Dries Buytaert <dries@buytaert.net> | 2006-01-06 16:21:34 +0000 |
commit | 859e045db6ead718e54bb66c3866ae7c3bf6d11a (patch) | |
tree | f9d2e99dbd647308bc65afa8aeb1f66b886f831b /modules/node.module | |
parent | 9d1d40e609061a3498d1eeee3d733513a462df37 (diff) | |
download | brdo-859e045db6ead718e54bb66c3866ae7c3bf6d11a.tar.gz brdo-859e045db6ead718e54bb66c3866ae7c3bf6d11a.tar.bz2 |
- Patch #42955 by Cvbge: critical bugfix: users can't create new content.
Diffstat (limited to 'modules/node.module')
-rw-r--r-- | modules/node.module | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/modules/node.module b/modules/node.module index 685509cf3..3c7283b0e 100644 --- a/modules/node.module +++ b/modules/node.module @@ -2167,8 +2167,10 @@ function node_form_alter($form_id, &$form) { * - "view" * - "update" * - "delete" + * - "create" * @param $node - * The node object (or node array) on which the operation is to be performed. + * The node object (or node array) on which the operation is to be performed, + * or node type (e.g. 'forum') for "create" operation. * @param $uid * The user ID on which the operation is to be performed. * @return @@ -2176,8 +2178,9 @@ function node_form_alter($form_id, &$form) { */ function node_access($op, $node = NULL, $uid = NULL) { // Convert the node to an object if necessary: - $node = (object)$node; - + if ($op != 'create') { + $node = (object)$node; + } // If the node is in a restricted format, disallow editing. if ($op == 'update' && !filter_access($node->format)) { return FALSE; @@ -2200,7 +2203,7 @@ function node_access($op, $node = NULL, $uid = NULL) { // If the module did not override the access rights, use those set in the // node_access table. - if ($node->nid && $node->status) { + if ($op != 'create' && $node->nid && $node->status) { $grants = array(); foreach (node_access_grants($op, $uid) as $realm => $gids) { foreach ($gids as $gid) { |