Chapril
/
xmpp.chapril.org-ejabberd
mirror of https://github.com/processone/ejabberd.git
24
1
Fork 0
Code Releases Activity

* src/mod_muc/mod_muc_room.erl: Owner of a password protected room 

must provide the password, like other participants (EJAB-867)

SVN Revision: 1880
This commit is contained in:
Badlop 2009-02-16 15:57:02 +00:00
parent f6ddd8bc5b
commit 22d87353be
2 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ChangeLog
View File

@ -1,5 +1,8 @@
2009-02-16 Badlop <badlop@process-one.net>
* src/mod_muc/mod_muc_room.erl: Owner of a password protected room
must provide the password, like other participants (EJAB-867)
* src/mod_muc/mod_muc_log.erl: Prevent XSS in MUC logs by
linkifying only a few known protocols (EJAB-850)

5
src/mod_muc/mod_muc_room.erl
View File

@ -1489,7 +1489,7 @@ add_new_user(From, Nick, {xmlelement, _, Attrs, Els} = Packet, StateData) ->
From, Err),
StateData;
{_, _, _, Role} ->
case check_password(Affiliation, Els, StateData) of
case check_password(ServiceAffiliation, Els, StateData) of
true ->
NewState =
add_user_presence(
@ -1546,8 +1546,9 @@ add_new_user(From, Nick, {xmlelement, _, Attrs, Els} = Packet, StateData) ->
end.
check_password(owner, _Els, _StateData) ->
%% Don't check pass if user is owner in MUC service (access_admin option)
true;
check_password(_Affiliation, Els, StateData) ->
check_password(_ServiceAffiliation, Els, StateData) ->
case (StateData#state.config)#config.password_protected of
false ->
true;