authorAndreas Fischer <bantu@phpbb.com>2009-12-09 21:33:25 +0000
committerAndreas Fischer <bantu@phpbb.com>2009-12-09 21:33:25 +0000
commit25545c06b25644a093f442b42bd97bab627aa3e5 (patch)
tree49cf4dca9c2031446b496336eeae6eef4f446eef /phpBB
parentaedff9c97a72d2e47f8013e14a068400232b258e (diff)
Let's add some more checks. #54295
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10308 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB')
-rw-r--r--phpBB/feed.php28
1 files changed, 19 insertions, 9 deletions
diff --git a/phpBB/feed.php b/phpBB/feed.php
index ef1bfd48d1..d658e2993b 100644
--- a/phpBB/feed.php
+++ b/phpBB/feed.php
@@ -66,10 +66,7 @@ if ($feed === false)
}
// Open Feed
-if ($feed->open() === false)
-{
- trigger_error('NO_FEED');
-}
+$feed->open();
// Iterate through items
while ($row = $feed->get_item())
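Review bot: With the return-value check dropped at `$feed->open();`, the existence and read-permission checks only hold if every failure path in open() ends in a trigger_error() that phpBB's error handler turns into a terminated request. Any open() implementation that still returns false would now fall through to the `while ($row = $feed->get_item())` loop and emit items; the remaining branches of phpbb_feed::open() and any subclasses are not visible here, so this is unconfirmed. I would either keep a defensive `if ($feed->open() === false) { trigger_error('NO_FEED'); }` or state the contract with a comment such as `// open() does not return on failure: it calls trigger_error(), which ends the request`. The loop body continues outside the hunk.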
@@ -480,25 +477,33 @@ class phpbb_feed
function open()
{
- global $db, $user;
+ global $auth, $db, $user;
if ($this->topic_id)
{
- $sql = 'SELECT topic_title
+ // Topic feed
+ $sql = 'SELECT forum_id
FROM ' . TOPICS_TABLE . '
WHERE topic_id = ' . $this->topic_id;
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
+ $this->forum_id = (int) $row['forum_id'];
$db->sql_freeresult($result);
if (empty($row))
{
- return false;
+ trigger_error('NO_TOPIC');
+ }
+
+ if (!$auth->acl_get('f_read', $this->forum_id))
+ {
+ trigger_error('SORRY_AUTH_READ');
}
}
else if ($this->forum_id)
{
- $sql = 'SELECT forum_name
+ // Forum feed
+ $sql = 'SELECT forum_id
FROM ' . FORUMS_TABLE . '
WHERE forum_id = ' . $this->forum_id;
$result = $db->sql_query($sql);
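Review bot: In the topic branch, `$this->forum_id = (int) $row['forum_id'];` runs before the `if (empty($row))` test, so a non-existent topic indexes an empty fetch result and sets forum_id to 0 before NO_TOPIC is raised; the assignment belongs after the `empty($row)` block. Answering NO_TOPIC for a missing topic but SORRY_AUTH_READ for an existing topic in an unreadable forum lets a requester without read access tell which ids exist, and the NO_FORUM / SORRY_AUTH_READ pair in the next hunk does the same for forums; if that matters here, return the same message in both cases. Only `f_read` is checked, and whether topic approval state or other forum restrictions are applied by the item queries cannot be seen from this diff, so that should be confirmed. The forum branch continues into the next hunk.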
@@ -507,7 +512,12 @@ class phpbb_feed
if (empty($row))
{
- return false;
+ trigger_error('NO_FORUM');
+ }
+
+ if (!$auth->acl_get('f_read', $this->forum_id))
+ {
+ trigger_error('SORRY_AUTH_READ');
}
}