1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Fixed Spam check on posts in save action, but not save-inline

Discussion in 'Resolved Bug Reports' started by Jon W, Jan 21, 2015.

  1. Jon W

    Jon W Well-Known Member

    I might be missing something here, but it seems that if a spammer makes a post without any spam in it and then edits it (assuming they have permission) then as long as they edit it using the inline editor then it won't get checked for spam and so they can then post whatever they like.

    This is because the actionSaveInline function in XenForo_ControllerPublic_Post doesn't have any spam checking in it.
     
    lazy llama likes this.
  2. Mike

    Mike XenForo Developer Staff Member

    Good catch, sorted now. (Not sure how I didn't manage to reproduce this when initially developing it.)
     
  3. Stuart Wright

    Stuart Wright Well-Known Member

    Nice spot John. We had noticed plenty of spam where the first (and only) post was edited and an invisible cookie stuffing image had been appended. There is no way to detect that invisible image, so the offenders got away with it for more than 6 months.
    Thanks for fixing, Mike.
     
    Jon W likes this.

Share This Page