From 57f3628ea3cb3b812f0149da3cce08fd0453751b Mon Sep 17 00:00:00 2001
From: Alexander Ebert
Date: Fri, 26 Apr 2024 13:24:27 +0200
Subject: [PATCH] Bind the tmpHash to the user id if logged-in

---
 files/lib/page/ConversationPage.class.php | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/files/lib/page/ConversationPage.class.php b/files/lib/page/ConversationPage.class.php
index 2d4e67f..bcf262c 100644
--- a/files/lib/page/ConversationPage.class.php
+++ b/files/lib/page/ConversationPage.class.php
@@ -326,12 +326,17 @@ class ConversationPage extends MultipleLinkPage
 
 MessageQuoteManager::getInstance()->assignVariables();
 
+ $identifier = WCF::getUser()->userID;
+ if ($identifier === 0) {
+ // Bind the tmpHash to the current session to make it unguessable.
+ $identifier = WCF::getSession()->sessionID;
+ }
+
 $tmpHash = \sha1(\implode("\0", [
 // Use class name + conversation ID to match the autosave scoping.
 self::class,
 $this->conversation->conversationID,
- // Bind the tmpHash to the current session to make it unguessable.
- WCF::getSession()->sessionID,
+ $identifier,
 ]));
 
 $attachmentHandler = new AttachmentHandler('com.woltlab.wcf.conversation.message', 0, $tmpHash, 0);
-- 
2.20.1
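Review bot: For a logged-in user the `$identifier` fed into `\sha1()` is now the numeric `userID`, so `$tmpHash` is built only from the class name, the conversation ID and a value that is normally visible to other users, and it is no longer unguessable in the sense of the comment that moved into the guest branch. That is safe only if every consumer of the tmpHash, starting with the `AttachmentHandler` created right after it, also verifies that temporary attachments belong to the current user, which cannot be confirmed from this hunk. I would record that assumption next to the assignment, e.g. `// userID is not secret: temporary attachments must be authorised by their owner's userID, never by knowledge of the tmpHash.` If no such ownership check exists, mixing a per-user server-side secret into the hash would keep it stable across sessions without making it predictable. The enclosing method starts and ends outside the hunk.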