From fcec5b61daecb4a0174418d3851ee1e0e8a0d93c Mon Sep 17 00:00:00 2001
From: Meik Sievertsen <acydburn@phpbb.com>
Date: Thu, 8 Mar 2007 15:49:13 +0000
Subject: again... some more fixes.

git-svn-id: file:///svn/phpbb/trunk@7150 89ea8834-ac86-4346-8a33-228a782c2dd0
---
 phpBB/posting.php | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'phpBB/posting.php')

diff --git a/phpBB/posting.php b/phpBB/posting.php
index e585b73e7d..cf27952e12 100644
--- a/phpBB/posting.php
+++ b/phpBB/posting.php
@@ -850,7 +850,7 @@ if ($submit || $preview || $refresh)
 					include_once($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
 
 					$template->assign_vars(array(
-						'S_FORUM_SELECT'	=> make_forum_select(false, false, false, true, true),
+						'S_FORUM_SELECT'	=> make_forum_select(false, false, false, true, true, true),
 						'S_UNGLOBALISE'		=> true)
 					);
 
@@ -859,6 +859,12 @@ if ($submit || $preview || $refresh)
 				}
 				else
 				{
+					if (!$auth->acl_get('f_post', $to_forum_id))
+					{
+						// This will only be triggered if the user tried to trick the forum.
+						trigger_error('NOT_AUTHORIZED');
+					}
+
 					$forum_id = $to_forum_id;
 				}
 			}
-- 
cgit v1.2.1