The Drupal 7 version of file cleantalk.module includes code to check if the user submitting a form, comment etc. is a logged-in administrator. It does this by checking if the string value "administrator" appears in the array of user roles. The issue is that Drupal allows administrators to change the name of this role, and so the check can fail. A more reliable check is to see if the user role array has a value set for key 3.

I don't think this a problem for Drupal 8 because it appears that the value of the key for the administrator role is in fact "administrator", and Drupal 8 appears to have an isAdmin() function that's probably a better check anyway.

https://www.drupal.org/node/1619504

https://api.drupal.org/api/drupal/core%21modules%21user%21src%21RoleInte...

Patch attached for 7.x.

Support from Acquia helps fund testing for Drupal Acquia logo

Comments

sah62 created an issue. See original summary.

sah62’s picture

Sigh, missing ")" in the first patch file. Here's a fixed version.

Serge-M’s picture

Hello.

Thank you for pointing this out.

We will fix this issue in 1-2 working day.

Best regards.

znaeff’s picture

Status: Active » Fixed

Thank you for your patch. This fixes will be included on the next stable release.

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.