From f657ee51f89fcc0561155069c00957c46f31d96c Mon Sep 17 00:00:00 2001
From: Jakub Senko <jakubsenko@gmail.com>
Date: Fri, 28 Sep 2018 12:55:45 +0200
Subject: [ticket/15593] Do not allow print view with direct URL

PHPBB3-15593
---
 phpBB/viewtopic.php | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'phpBB/viewtopic.php')

diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php
index 79852330d9..ba30fa9c58 100644
--- a/phpBB/viewtopic.php
+++ b/phpBB/viewtopic.php
@@ -342,6 +342,12 @@ if (($topic_data['topic_type'] != POST_NORMAL) && $topic_data['topic_time_limit'
 // Setup look and feel
 $user->setup('viewtopic', $topic_data['forum_style']);
 
+if ($view == 'print' && !$auth->acl_get('f_print', $forum_id))
+{
+	send_status_line(403, 'Forbidden');
+	trigger_error('NO_AUTH_PRINT_TOPIC');
+}
+
 $overrides_f_read_check = false;
 $overrides_forum_password_check = false;
 $topic_tracking_info = isset($topic_tracking_info) ? $topic_tracking_info : null;
-- 
cgit v1.2.1