The function forum_access_access() has an optional parameter where you can pass in a user object to check for access rights for a particular forum $tid and access type ('update') for a particular user.
If you don't pass a user object in then the current user is assumed via global $user. There is one private function in forum_access_access() that uses the $user object as a parameter but if forum_access_access() has been invoked with the optional user object parameter then $user doesn't exist but $account does.
The attached patch changes the parameter sent to the private function _forum_access_get_roles() to $account.
This is the case in both d5 and d6 versions.
Comment | File | Size | Author |
---|---|---|---|
forum_access-d6.module.patch | 730 bytes | jaydub | |
forum_access-d5.module.patch | 738 bytes | jaydub | |
Comments
Comment #1
salvisCommitted to both -dev versions.
Thanks for fixing this ugly bug!