[mb-devel] Re: [mb-commits] r9411 -
mb_server/trunk/cgi-bin/MusicBrainz/Server
a.mino at free.fr
a.mino at free.fr
Wed Aug 29 09:33:37 UTC 2007
What do you think of adding a new optional parameter to InsertVotes (and
_InsertVote) in Vote.pm, "allowautovote" or something similar, with default
value set to false?
That would prevent voting to its own edits unless it is explicitly permitted,
such as in approve.html.
- Aurélien
Selon Aurélien Mino <a.mino at free.fr>:
> Hi Lukas,
>
> It all comes from this edit [1] where a non-autoeditor voted for its own
> edit.
> I've successfully reproduced this "bypass" on the stagging server [2]
> and wanted to prevent it.
>
> However I did not realize that my commit would break approve feature.
> I'll work on a way to fix it, meanwhile feel free to revert this
> problematic commit (I can't do it now).
>
> [1] http://musicbrainz.org/show/edit/?editid=6889193
> [2] http://test.musicbrainz.org/show/edit/?editid=506
>
> - Aurélien
>
> Lukáš Lalinský wrote:
> > Hi Aurelien,
> >
> > What was the reason for this change? I'm asking because it currently
> > breaks the "Approve" feature, which is intended to work even on your own
> > edits.
> >
> > Lukas
> >
> > On Ut, 2007-08-28 at 22:54 +0000, root at musicbrainz.org wrote:
> >> Author: murdos
> >> Date: 2007-08-28 15:54:18 -0700 (Tue, 28 Aug 2007)
> >> New Revision: 9411
> >>
> >> Modified:
> >> mb_server/trunk/cgi-bin/MusicBrainz/Server/Vote.pm
> >> Log:
> >> Prevent users to vote to their own edits.
> >>
> >>
> >> Modified: mb_server/trunk/cgi-bin/MusicBrainz/Server/Vote.pm
> >> ===================================================================
> >> --- mb_server/trunk/cgi-bin/MusicBrainz/Server/Vote.pm 2007-08-28 09:18:44
> UTC (rev 9410)
> >> +++ mb_server/trunk/cgi-bin/MusicBrainz/Server/Vote.pm 2007-08-28 22:54:18
> UTC (rev 9411)
> >> @@ -65,11 +65,11 @@
> >> $sql->Do("LOCK TABLE vote_open IN EXCLUSIVE MODE");
> >>
> >> my $mod_row = $sql->SelectSingleRowHash(
> >> - "SELECT novotes, status FROM moderation_open WHERE id = ?",
> >> + "SELECT novotes, status, moderator FROM moderation_open WHERE id = ?",
> >> $modid,
> >> );
> >>
> >> - (defined($mod_row) and $mod_row->{status} == STATUS_OPEN)
> >> + (defined($mod_row) and $mod_row->{status} == STATUS_OPEN and
> $mod_row->{moderator} ne $uid)
> >> or return;
> >>
> >> # Find the user's previous (most recent) vote for this mod
> >
> >
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > MusicBrainz-devel mailing list
> > MusicBrainz-devel at lists.musicbrainz.org
> > http://lists.musicbrainz.org/mailman/listinfo/musicbrainz-devel
>
>
> _______________________________________________
> MusicBrainz-devel mailing list
> MusicBrainz-devel at lists.musicbrainz.org
> http://lists.musicbrainz.org/mailman/listinfo/musicbrainz-devel
>
More information about the MusicBrainz-devel
mailing list