From 8f535993ed9ba3a82b7c7c694439c66107295f66 Mon Sep 17 00:00:00 2001
From: Dries Buytaert <dries@buytaert.net>
Date: Sun, 8 Oct 2006 06:09:41 +0000
Subject: [PATCH] - Patch #69202 by AjK, dopry, chx et al: don't allow
 anonymous users to send   themselves a copy.  Prevents spam.

---
 modules/contact/contact.module | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/modules/contact/contact.module b/modules/contact/contact.module
index 573dbc6b2da3..f0a7b60cb59b 100644
--- a/modules/contact/contact.module
+++ b/modules/contact/contact.module
@@ -40,7 +40,7 @@ function contact_help($section) {
  * Implementation of hook_perm
  */
 function contact_perm() {
-  return array('access site-wide contact form', 'access personal contact forms');
+  return array('access site-wide contact form');
 }
 /**
  * Implementation of hook_menu().
@@ -106,7 +106,7 @@ function contact_menu($may_cache) {
           'title' => t('contact'),
           'callback' => 'contact_user_page',
           'type' => MENU_LOCAL_TASK,
-          'access' => ($user->uid && user_access('access personal contact forms')),
+          'access' => $user->uid,
           'weight' => 2,
         );
       }
@@ -475,9 +475,13 @@ function contact_mail_page() {
       '#title' => t('Message'),
       '#required' => TRUE,
     );
-    $form['copy'] = array('#type' => 'checkbox',
-      '#title' => t('Send yourself a copy.'),
-    );
+    // We do not allow anonymous users to send themselves a copy
+    // because it can be abused to spam people.
+    if ($user->uid) {
+      $form['copy'] = array('#type' => 'checkbox',
+        '#title' => t('Send yourself a copy.'),
+      );
+    }
     $form['submit'] = array('#type' => 'submit',
       '#value' => t('Send e-mail'),
     );
-- 
GitLab