From 8e5e954438b232f4ce7aec6a5db3d52b974c07a8 Mon Sep 17 00:00:00 2001 From: Nicofuma Date: Sun, 22 Feb 2015 23:36:27 +0100 Subject: [ticket/13645] Move the feeds to controllers PHPBB3-13645 --- phpBB/phpbb/feed/topic.php | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) (limited to 'phpBB/phpbb/feed/topic.php') diff --git a/phpBB/phpbb/feed/topic.php b/phpBB/phpbb/feed/topic.php index 66c49e55cf..c916d3bccc 100644 --- a/phpBB/phpbb/feed/topic.php +++ b/phpBB/phpbb/feed/topic.php @@ -13,6 +13,11 @@ namespace phpbb\feed; +use phpbb\feed\exception\no_feed_exception; +use phpbb\feed\exception\no_topic_exception; +use phpbb\feed\exception\unauthorized_forum_exception; +use phpbb\feed\exception\unauthorized_topic_exception; + /** * Topic feed for a specific topic * @@ -50,7 +55,7 @@ class topic extends \phpbb\feed\post_base if (empty($this->topic_data)) { - trigger_error('NO_TOPIC'); + throw new no_topic_exception($this->topic_id); } $this->forum_id = (int) $this->topic_data['forum_id']; @@ -58,19 +63,19 @@ class topic extends \phpbb\feed\post_base // Make sure topic is either approved or user authed if ($this->topic_data['topic_visibility'] != ITEM_APPROVED && !$this->auth->acl_get('m_approve', $this->forum_id)) { - trigger_error('SORRY_AUTH_READ'); + throw new unauthorized_topic_exception($this->topic_id); } // Make sure forum is not excluded from feed if (phpbb_optionget(FORUM_OPTION_FEED_EXCLUDE, $this->topic_data['forum_options'])) { - trigger_error('NO_FEED'); + throw new no_feed_exception(); } // Make sure we can read this forum if (!$this->auth->acl_get('f_read', $this->forum_id)) { - trigger_error('SORRY_AUTH_READ'); + throw new unauthorized_forum_exception($this->forum_id); } // Make sure forum is not passworded or user is authed @@ -80,7 +85,7 @@ class topic extends \phpbb\feed\post_base if (isset($forum_ids_passworded[$this->forum_id])) { - trigger_error('SORRY_AUTH_READ'); + throw new unauthorized_forum_exception($this->forum_id); } unset($forum_ids_passworded); -- cgit v1.2.1 From 5df9a4547337ef90300c21d0f997bc67e43cba9e Mon Sep 17 00:00:00 2001 From: Tristan Darricau Date: Thu, 6 Aug 2015 14:20:06 +0200 Subject: [ticket/13645] Proper OOP for feeds PHPBB3-13645 --- phpBB/phpbb/feed/topic.php | 68 +++++++++++++++++++++++++++------------------- 1 file changed, 40 insertions(+), 28 deletions(-) (limited to 'phpBB/phpbb/feed/topic.php') diff --git a/phpBB/phpbb/feed/topic.php b/phpBB/phpbb/feed/topic.php index c916d3bccc..f029c2b00e 100644 --- a/phpBB/phpbb/feed/topic.php +++ b/phpBB/phpbb/feed/topic.php @@ -1,15 +1,15 @@ -* @license GNU General Public License, version 2 (GPL-2.0) -* -* For full copyright and license information, please see -* the docs/CREDITS.txt file. -* -*/ + * + * This file is part of the phpBB Forum Software package. + * + * @copyright (c) phpBB Limited + * @license GNU General Public License, version 2 (GPL-2.0) + * + * For full copyright and license information, please see + * the docs/CREDITS.txt file. + * + */ namespace phpbb\feed; @@ -19,22 +19,22 @@ use phpbb\feed\exception\unauthorized_forum_exception; use phpbb\feed\exception\unauthorized_topic_exception; /** -* Topic feed for a specific topic -* -* This will give you the last {$this->num_items} posts made within this topic. -*/ -class topic extends \phpbb\feed\post_base + * Topic feed for a specific topic + * + * This will give you the last {$this->num_items} posts made within this topic. + */ +class topic extends post_base { - var $topic_id = 0; - var $forum_id = 0; - var $topic_data = array(); + protected $topic_id = 0; + protected $forum_id = 0; + protected $topic_data = array(); /** - * Set the Topic ID - * - * @param int $topic_id Topic ID - * @return \phpbb\feed\topic - */ + * Set the Topic ID + * + * @param int $topic_id Topic ID + * @return \phpbb\feed\topic + */ public function set_topic_id($topic_id) { $this->topic_id = (int) $topic_id; @@ -42,7 +42,10 @@ class topic extends \phpbb\feed\post_base return $this; } - function open() + /** + * {@inheritdoc} + */ + public function open() { $sql = 'SELECT f.forum_options, f.forum_password, t.topic_id, t.forum_id, t.topic_visibility, t.topic_title, t.topic_time, t.topic_views, t.topic_posts_approved, t.topic_type FROM ' . TOPICS_TABLE . ' t @@ -94,11 +97,14 @@ class topic extends \phpbb\feed\post_base parent::open(); } - function get_sql() + /** + * {@inheritdoc} + */ + protected function get_sql() { $this->sql = array( 'SELECT' => 'p.post_id, p.post_time, p.post_edit_time, p.post_visibility, p.post_subject, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url, p.post_attachment, ' . - 'u.username, u.user_id', + 'u.username, u.user_id', 'FROM' => array( POSTS_TABLE => 'p', USERS_TABLE => 'u', @@ -112,14 +118,20 @@ class topic extends \phpbb\feed\post_base return true; } - function adjust_item(&$item_row, &$row) + /** + * {@inheritdoc} + */ + public function adjust_item(&$item_row, &$row) { parent::adjust_item($item_row, $row); $item_row['forum_id'] = $this->forum_id; } - function get_item() + /** + * {@inheritdoc} + */ + public function get_item() { return ($row = parent::get_item()) ? array_merge($this->topic_data, $row) : $row; } -- cgit v1.2.1 From 4b6c2c8cde0b87d32f8df8af87239580ddc340c4 Mon Sep 17 00:00:00 2001 From: Jakub Senko Date: Sun, 29 May 2016 12:42:57 +0200 Subject: [ticket/10961] Send HTTP 403 when applicable PHPBB3-10961 --- phpBB/phpbb/feed/topic.php | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) (limited to 'phpBB/phpbb/feed/topic.php') diff --git a/phpBB/phpbb/feed/topic.php b/phpBB/phpbb/feed/topic.php index f029c2b00e..e5f2c41468 100644 --- a/phpBB/phpbb/feed/topic.php +++ b/phpBB/phpbb/feed/topic.php @@ -66,6 +66,14 @@ class topic extends post_base // Make sure topic is either approved or user authed if ($this->topic_data['topic_visibility'] != ITEM_APPROVED && !$this->auth->acl_get('m_approve', $this->forum_id)) { + if ($this->user->data['user_id'] != ANONYMOUS) + { + send_status_line(403, 'Forbidden'); + } + else + { + send_status_line(401, 'Unauthorized'); + } throw new unauthorized_topic_exception($this->topic_id); } @@ -78,6 +86,14 @@ class topic extends post_base // Make sure we can read this forum if (!$this->auth->acl_get('f_read', $this->forum_id)) { + if ($this->user->data['user_id'] != ANONYMOUS) + { + send_status_line(403, 'Forbidden'); + } + else + { + send_status_line(401, 'Unauthorized'); + } throw new unauthorized_forum_exception($this->forum_id); } @@ -88,6 +104,14 @@ class topic extends post_base if (isset($forum_ids_passworded[$this->forum_id])) { + if ($this->user->data['user_id'] != ANONYMOUS) + { + send_status_line(403, 'Forbidden'); + } + else + { + send_status_line(401, 'Unauthorized'); + } throw new unauthorized_forum_exception($this->forum_id); } -- cgit v1.2.1 From 7cad25e4cbed2efbf891001cd2664f825674d5a7 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Sun, 25 Dec 2016 17:54:11 +0100 Subject: [ticket/14838] Do not query full attachments table in feeds The fetch_attachments() will also now throw a runtime exception if a feed tries to do this nonetheless. PHPBB3-14838 --- phpBB/phpbb/feed/topic.php | 2 ++ 1 file changed, 2 insertions(+) (limited to 'phpBB/phpbb/feed/topic.php') diff --git a/phpBB/phpbb/feed/topic.php b/phpBB/phpbb/feed/topic.php index 66c49e55cf..295bf3f795 100644 --- a/phpBB/phpbb/feed/topic.php +++ b/phpBB/phpbb/feed/topic.php @@ -91,6 +91,8 @@ class topic extends \phpbb\feed\post_base function get_sql() { + parent::fetch_attachments(); + $this->sql = array( 'SELECT' => 'p.post_id, p.post_time, p.post_edit_time, p.post_visibility, p.post_subject, p.post_text, p.bbcode_bitfield, p.bbcode_uid, p.enable_bbcode, p.enable_smilies, p.enable_magic_url, p.post_attachment, ' . 'u.username, u.user_id', -- cgit v1.2.1