From 317b9b4e0ca3d620abec0fe0f16ed0c691996dec Mon Sep 17 00:00:00 2001
From: Dries Buytaert
Date: Fri, 20 Aug 2010 01:21:14 +0000
Subject: [PATCH] =?UTF-8?q?-=20Patch=20#881578=20by=20G=C3=A1bor=20Hojtsy,?=
 =?UTF-8?q?=20scor:=20solve=20SA-CORE-2010-002=20issues.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 modules/comment/comment.module | 2 +-
 modules/file/file.module | 11 +++++++++--
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/modules/comment/comment.module b/modules/comment/comment.module
index 02c0b9295e7..ce976d139b1 100644
--- a/modules/comment/comment.module
+++ b/modules/comment/comment.module
@@ -1398,7 +1398,7 @@ function comment_access($op, $comment) {
   global $user;
 
   if ($op == 'edit') {
-    return ($user->uid && $user->uid == $comment->uid && user_access('edit own comments')) || user_access('administer comments');
+    return ($user->uid && $user->uid == $comment->uid && $comment->status == COMMENT_PUBLISHED && user_access('edit own comments')) || user_access('administer comments');
   }
 }
 
diff --git a/modules/file/file.module b/modules/file/file.module
index 0340eb05978..445dc624d49 100644
--- a/modules/file/file.module
+++ b/modules/file/file.module
@@ -125,9 +125,16 @@ function file_file_download($uri, $field_type = 'file') {
   // Get the file record based on the URI. If not in the database just return.
   $files = file_load_multiple(array(), array('uri' => $uri));
   if (count($files)) {
-    $file = reset($files);
+    foreach ($files as $item) {
+      // Since some database servers sometimes use a case-insensitive comparison
+      // by default, double check that the filename is an exact match.
+      if ($item->uri === $uri) {
+        $file = $item;
+        break;
+      }
+    }
   }
-  else {
+  if (!isset($file)) {
     return;
   }
 
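Review bot: The edit branch now additionally requires `$comment->status == COMMENT_PUBLISHED`, but the docblock of comment_access() lies above the `@@` header, outside the hunk; if it describes the edit rule it should state that authors may edit their own comments only while published, and that unpublished ones need 'administer comments'. For any `$op` other than 'edit' the function falls off the end and returns NULL implicitly; an explicit `return FALSE;` after the `if` block would make the deny-by-default behaviour visible to readers and callers. The new status check uses loose `==`, consistent with the other comparisons on the line, so that part is a style note only.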
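Review bot: `if (!isset($file))` is correct only because nothing earlier in file_file_download() assigns `$file`; the function's signature sits in the hunk header and its body continues past the hunk, so that assumption is invisible at the point of the check. Initialising explicitly with `$file = NULL;` just before the `if (count($files))` block documents the intent and removes the dependency on variable-scope history. With the loop in place, the `count($files)` wrapper is redundant, since `foreach` over an empty result array is a no-op, so the block could be flattened to the loop alone. The strict `===` comparison against the requested URI is the right choice; keeping the explanatory comment about case-insensitive database collation next to it is what makes the check understandable to the next maintainer.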