diff options
| author | Nils Adermann <naderman@naderman.de> | 2011-08-25 23:21:09 -0400 |
|---|---|---|
| committer | Nils Adermann <naderman@naderman.de> | 2011-08-25 23:21:09 -0400 |
| commit | 73aca1a6fb72137befa6b61fba402ebe5e2babe1 (patch) | |
| tree | 8e530b869ead1325644c89e0f5120bd527136d37 /phpBB | |
| parent | 459570bcca9347f4f115e0e53d098b4ebd4ffc1a (diff) | |
| parent | 0d4089da7fab3c4e2f177ad62bed142d4df181e1 (diff) | |
| download | forums-73aca1a6fb72137befa6b61fba402ebe5e2babe1.tar forums-73aca1a6fb72137befa6b61fba402ebe5e2babe1.tar.gz forums-73aca1a6fb72137befa6b61fba402ebe5e2babe1.tar.bz2 forums-73aca1a6fb72137befa6b61fba402ebe5e2babe1.tar.xz forums-73aca1a6fb72137befa6b61fba402ebe5e2babe1.zip | |
Merge branch 'develop-olympus' into develop
* develop-olympus:
[ticket/10320] Exclude passworded forums when determining "Most active topic".
[ticket/10320] Move phpbb_feed_base::get_passworded_forums() to user class.
Diffstat (limited to 'phpBB')
| -rw-r--r-- | phpBB/feed.php | 25 | ||||
| -rw-r--r-- | phpBB/includes/functions_display.php | 6 | ||||
| -rw-r--r-- | phpBB/includes/session.php | 33 |
3 files changed, 40 insertions, 24 deletions
diff --git a/phpBB/feed.php b/phpBB/feed.php index 1a09e4da23..aacbb48591 100644 --- a/phpBB/feed.php +++ b/phpBB/feed.php @@ -604,30 +604,9 @@ class phpbb_feed_base function get_passworded_forums() { - global $db, $user; - - // Exclude passworded forums - $sql = 'SELECT f.forum_id, fa.user_id - FROM ' . FORUMS_TABLE . ' f - LEFT JOIN ' . FORUMS_ACCESS_TABLE . " fa - ON (fa.forum_id = f.forum_id - AND fa.session_id = '" . $db->sql_escape($user->session_id) . "') - WHERE f.forum_password <> ''"; - $result = $db->sql_query($sql); - - $forum_ids = array(); - while ($row = $db->sql_fetchrow($result)) - { - $forum_id = (int) $row['forum_id']; - - if ($row['user_id'] != $user->data['user_id']) - { - $forum_ids[$forum_id] = $forum_id; - } - } - $db->sql_freeresult($result); + global $user; - return $forum_ids; + return $user->get_passworded_forums(); } function get_item() diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php index 9c27f7eed1..131e3c1321 100644 --- a/phpBB/includes/functions_display.php +++ b/phpBB/includes/functions_display.php @@ -990,13 +990,17 @@ function display_user_activity(&$userdata) } // Obtain active topic + // We need to exclude passworded forums here so we do not leak the topic title + $forum_ary_topic = array_unique(array_merge($forum_ary, $user->get_passworded_forums())); + $forum_sql_topic = (!empty($forum_ary_topic)) ? 'AND ' . $db->sql_in_set('forum_id', $forum_ary_topic, true) : ''; + $sql = 'SELECT topic_id, COUNT(post_id) AS num_posts FROM ' . POSTS_TABLE . ' WHERE poster_id = ' . $userdata['user_id'] . " AND post_postcount = 1 AND (post_approved = 1 $sql_m_approve) - $forum_sql + $forum_sql_topic GROUP BY topic_id ORDER BY num_posts DESC"; $result = $db->sql_query_limit($sql, 1); diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 84ad98d31f..e734c8074f 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -2443,4 +2443,37 @@ class user extends session return true; } + + /** + * Returns all password protected forum ids the user is currently NOT authenticated for. + * + * @return array Array of forum ids + * @access public + */ + function get_passworded_forums() + { + global $db; + + $sql = 'SELECT f.forum_id, fa.user_id + FROM ' . FORUMS_TABLE . ' f + LEFT JOIN ' . FORUMS_ACCESS_TABLE . " fa + ON (fa.forum_id = f.forum_id + AND fa.session_id = '" . $db->sql_escape($this->session_id) . "') + WHERE f.forum_password <> ''"; + $result = $db->sql_query($sql); + + $forum_ids = array(); + while ($row = $db->sql_fetchrow($result)) + { + $forum_id = (int) $row['forum_id']; + + if ($row['user_id'] != $this->data['user_id']) + { + $forum_ids[$forum_id] = $forum_id; + } + } + $db->sql_freeresult($result); + + return $forum_ids; + } } |