From 927fb79b0c670a68f97223cff3c03540357bbe03 Mon Sep 17 00:00:00 2001
From: Aryeh Gregor <simetrical@users.mediawiki.org>
Date: Thu, 10 Jan 2008 19:27:49 +0000
Subject: [PATCH] Right, *this* was the vulnerability that existed.  Users
 couldn't mark the other edits bot, but they could mark their own rollback
 revision as bot.

---
 includes/Article.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/includes/Article.php b/includes/Article.php
index e5f0bc7048..0481f2d1c3 100644
--- a/includes/Article.php
+++ b/includes/Article.php
@@ -2368,7 +2368,7 @@ class Article {
 		if ($wgUser->isAllowed('minoredit'))
 			$flags |= EDIT_MINOR;
 
-		if( $bot )
+		if( $bot && ($wgUser->isAllowed('markbotedits') || $wgUser->isAllowed('bot')) )
 			$flags |= EDIT_FORCE_BOT;
 		$this->doEdit( $target->getText(), $summary, $flags );
 
-- 
2.20.1