aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB
diff options
context:
space:
mode:
authorAndreas Fischer <bantu@phpbb.com>2010-03-05 18:51:30 +0100
committerAndreas Fischer <bantu@phpbb.com>2010-03-05 18:51:30 +0100
commit7f991e848042fe43849d4e2e31bbf9c7ff3afce3 (patch)
tree3c87e8502e490f58c96ed970113602bba8517061 /phpBB
parentac329275662f737f03f485107cb69412739c1afa (diff)
downloadforums-7f991e848042fe43849d4e2e31bbf9c7ff3afce3.tar
forums-7f991e848042fe43849d4e2e31bbf9c7ff3afce3.tar.gz
forums-7f991e848042fe43849d4e2e31bbf9c7ff3afce3.tar.bz2
forums-7f991e848042fe43849d4e2e31bbf9c7ff3afce3.tar.xz
forums-7f991e848042fe43849d4e2e31bbf9c7ff3afce3.zip
Fix Bug #58595 - ATOM Feed exposes forum content under some circumstances.
Diffstat (limited to 'phpBB')
-rw-r--r--phpBB/docs/CHANGELOG.html1
-rw-r--r--phpBB/feed.php2
2 files changed, 2 insertions, 1 deletions
diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html
index 3042027e83..112e8451cd 100644
--- a/phpBB/docs/CHANGELOG.html
+++ b/phpBB/docs/CHANGELOG.html
@@ -99,6 +99,7 @@
<li>[Fix] Add terminating semicolons to JavaScript code. (Bug #58085 - Patch by nn-)</li>
<li>[Fix] Minor language fixes. (Bug #54855)</li>
<li>[Fix] Parsing urls in signatures properly uses config settings. (Bug #57105)</li>
+ <li>[Fix] Do not expose forum content of forums with ACL entries but no actual permission in ATOM Feeds. (Bug #58595)</li>
<li>[Feature] Support for Microsoft's Native SQL Server Driver for PHP (Bug #57055 - Patch by Chris Pucci at Microsoft)</li>
</ul>
diff --git a/phpBB/feed.php b/phpBB/feed.php
index 1832efbc61..a42aa42a7f 100644
--- a/phpBB/feed.php
+++ b/phpBB/feed.php
@@ -522,7 +522,7 @@ class phpbb_feed_base
if (!isset($forum_ids))
{
- $forum_ids = array_keys($auth->acl_getf('f_read'));
+ $forum_ids = array_keys($auth->acl_getf('f_read', true));
}
return $forum_ids;
generated by cgit v1.2.1 (git 2.21.0) at 2024-11-26 09:44:21 +0000