From ad14664a3a53c270511bc19392c38b60a2c3e3ff Mon Sep 17 00:00:00 2001
From: Josh Woody <a_jelly_doughnut@phpbb.com>
Date: Mon, 18 Jan 2010 16:41:21 +0000
Subject: [PATCH] - Bug #56255 - Moving topics to a forum where you are on
 queue - Allow some error handling in compress class by returning false if
 file does not exist.

git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10427 89ea8834-ac86-4346-8a33-228a782c2dd0
---
 phpBB/docs/CHANGELOG.html             |  2 ++
 phpBB/includes/functions_admin.php    | 15 ++++++++-------
 phpBB/includes/functions_compress.php | 10 ++++++++++
 phpBB/includes/mcp/mcp_main.php       |  2 +-
 phpBB/posting.php                     |  2 +-
 5 files changed, 22 insertions(+), 9 deletions(-)

diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html
index 44e03912da..024b439863 100644
--- a/phpBB/docs/CHANGELOG.html
+++ b/phpBB/docs/CHANGELOG.html
@@ -131,6 +131,8 @@
 		<li>[Fix] Pagination of User Notes in MCP uses two different config values. (Bug #56025)</li>
 		<li>[Fix] List hidden groups on viewprofile where the viewing user is also a member. (Bug #31845)</li>
 		<li>[Fix] Sort viewprofile group list by group name.</li>
+		<li>[Fix] Strictly check whether a moderator can post in the destination forum when moving topic. (Bug #56255)</li> 
+		<li>[Fix] Added some error handling to the compress class.</li>
 		<li>[Fix] Correctly determine permissions to show quick reply button. (Bug #56555)</li>
 		<li>[Fix] Do not unsubscribe users from topics replying with quickreply. (Bug #56235)</li>
 		<li>[Fix] Don't submit when pressing enter on preview button. (Bug #54395)</li>
diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php
index ddadda8ed2..a1bc2e7795 100644
--- a/phpBB/includes/functions_admin.php
+++ b/phpBB/includes/functions_admin.php
@@ -66,8 +66,6 @@ function make_forum_select($select_id = false, $ignore_id = false, $ignore_acl =
 {
 	global $db, $user, $auth;
 
-	$acl = ($ignore_acl) ? '' : (($only_acl_post) ? 'f_post' : array('f_list', 'a_forum', 'a_forumadd', 'a_forumdel'));
-
 	// This query is identical to the jumpbox one
 	$sql = 'SELECT forum_id, forum_name, parent_id, forum_type, forum_flags, forum_options, left_id, right_id
 		FROM ' . FORUMS_TABLE . '
@@ -98,18 +96,21 @@ function make_forum_select($select_id = false, $ignore_id = false, $ignore_acl =
 		$right = $row['right_id'];
 		$disabled = false;
 
-		if ($acl && !$auth->acl_gets($acl, $row['forum_id']))
+		if (!$ignore_acl && $auth->acl_get('f_list', $row['forum_id']))
 		{
-			// List permission?
-			if ($auth->acl_get('f_list', $row['forum_id']))
+			if ($only_acl_post && !$auth->acl_get('f_post', $row['forum_id']) || (!$auth->acl_get('m_approve', $row['forum_id']) && !$auth->acl_get('f_noapprove', $row['forum_id'])))
 			{
 				$disabled = true;
 			}
-			else
+			else if (!$only_acl_post && !$auth->acl_gets(array('a_forum', 'a_forumadd', 'a_forumdel'), $row['forum_id']))
 			{
-				continue;
+				$disabled = true;
 			}
 		}
+		else if (!$ignore_acl)
+		{
+			continue;
+		}
 
 		if (
 			((is_array($ignore_id) && in_array($row['forum_id'], $ignore_id)) || $row['forum_id'] == $ignore_id)
diff --git a/phpBB/includes/functions_compress.php b/phpBB/includes/functions_compress.php
index 590daabf1d..f17c780a65 100644
--- a/phpBB/includes/functions_compress.php
+++ b/phpBB/includes/functions_compress.php
@@ -80,6 +80,11 @@ class compress
 				}
 			}
 		}
+		else
+		{
+			// $src does not exist
+			return false;
+		}
 
 		return true;
 	}
@@ -89,6 +94,11 @@ class compress
 	*/
 	function add_custom_file($src, $filename)
 	{
+		if (!file_exists($src))
+		{
+			return false;
+		}
+
 		$this->data($filename, file_get_contents($src), false, stat($src));
 		return true;
 	}
diff --git a/phpBB/includes/mcp/mcp_main.php b/phpBB/includes/mcp/mcp_main.php
index 50b05e989f..80c3559649 100644
--- a/phpBB/includes/mcp/mcp_main.php
+++ b/phpBB/includes/mcp/mcp_main.php
@@ -568,7 +568,7 @@ function mcp_move_topic($topic_ids)
 			{
 				$additional_msg = $user->lang['FORUM_NOT_POSTABLE'];
 			}
-			else if (!$auth->acl_get('f_post', $to_forum_id))
+			else if (!$auth->acl_get('f_post', $to_forum_id) || (!$auth->acl_get('m_approve', $to_forum_id) && !$auth->acl_get('f_noapprove', $to_forum_id)))
 			{
 				$additional_msg = $user->lang['USER_CANNOT_POST'];
 			}
diff --git a/phpBB/posting.php b/phpBB/posting.php
index 660ca8ef23..d5a46db9f9 100644
--- a/phpBB/posting.php
+++ b/phpBB/posting.php
@@ -992,7 +992,7 @@ if ($submit || $preview || $refresh)
 					$forum_type = (int) $db->sql_fetchfield('forum_type');
 					$db->sql_freeresult($result);
 
-					if ($forum_type != FORUM_POST || !$auth->acl_get('f_post', $to_forum_id))
+					if ($forum_type != FORUM_POST || !$auth->acl_get('f_post', $to_forum_id) || (!$auth->acl_get('m_approve', $to_forum_id) && !$auth->acl_get('f_noapprove', $to_forum_id)))
 					{
 						$to_forum_id = 0;
 					}