mirror of
https://github.com/phpbb/phpbb.git
synced 2025-06-18 16:11:06 +02:00
Moderators can only see reports/queue/logs from forums they can actually read. #31085
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9015 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Chris Smith
@ -146,6 +146,7 @@
|
||||
<li>[Fix] Disable mass e-mail when e-mail is disabled. (Bug #27385)</li>
|
||||
<li>[Fix] Display coloured poster username of queued posts displayed on the front of the MCP.</li>
|
||||
<li>[Fix] Forum last post information is now correctly updated when a topic/post is disapproved due to editing. (Bug #24475)</li>
|
||||
<li>[Fix] Moderators can only see reports/queue/logs from forums they can actually read. (Bug #31085)</li>
|
||||
|
||||
<li>[Change] No longer allow the direct use of MULTI_INSERT in sql_build_array. sql_multi_insert() must be used.</li>
|
||||
<li>[Change] Display warning in ACP if config.php file is left writable.</li>
|
||||
|
||||
@ -27,7 +27,7 @@ function mcp_front_view($id, $mode, $action)
|
||||
// Latest 5 unapproved
|
||||
if ($module->loaded('queue'))
|
||||
{
|
||||
$forum_list = get_forum_list('m_approve');
|
||||
$forum_list = array_intersect(get_forum_list('f_read'), get_forum_list('m_approve'));
|
||||
$post_list = array();
|
||||
$forum_names = array();
|
||||
|
||||
@ -143,7 +143,7 @@ function mcp_front_view($id, $mode, $action)
|
||||
// Latest 5 reported
|
||||
if ($module->loaded('reports'))
|
||||
{
|
||||
$forum_list = get_forum_list('m_report');
|
||||
$forum_list = array_intersect(get_forum_list('f_read'), get_forum_list('m_report'));
|
||||
|
||||
$template->assign_var('S_SHOW_REPORTS', (!empty($forum_list)) ? true : false);
|
||||
|
||||
@ -246,7 +246,7 @@ function mcp_front_view($id, $mode, $action)
|
||||
// Latest 5 logs
|
||||
if ($module->loaded('logs'))
|
||||
{
|
||||
$forum_list = get_forum_list('m_');
|
||||
$forum_list = array_intersect(get_forum_list('f_read'), get_forum_list('m_'));
|
||||
|
||||
if (!empty($forum_list))
|
||||
{
|
||||
|
||||
@ -63,7 +63,7 @@ class mcp_logs
|
||||
$this->tpl_name = 'mcp_logs';
|
||||
$this->page_title = 'MCP_LOGS';
|
||||
|
||||
$forum_list = get_forum_list('m_');
|
||||
$forum_list = array_intersect(get_forum_list('f_read'), get_forum_list('m_'));
|
||||
$forum_list[] = 0;
|
||||
|
||||
$forum_id = $topic_id = 0;
|
||||
|
||||
@ -242,6 +242,17 @@ class mcp_queue
|
||||
}
|
||||
|
||||
$forum_list_approve = get_forum_list('m_approve', false, true);
|
||||
$forum_list_read = array_flip(get_forum_list('f_read', true, true)); // Flipped so we can isset() the forum IDs
|
||||
|
||||
// Remove forums we cannot read
|
||||
foreach ($forum_list_approve as $k => $forum_data)
|
||||
{
|
||||
if (!isset($forum_list_read[$forum_data['forum_id']]))
|
||||
{
|
||||
unset($forum_list_approve[$k]);
|
||||
}
|
||||
}
|
||||
unset($forum_list_read);
|
||||
|
||||
if (!$forum_id)
|
||||
{
|
||||
|
||||
@ -246,6 +246,17 @@ class mcp_reports
|
||||
|
||||
$forum_info = array();
|
||||
$forum_list_reports = get_forum_list('m_report', false, true);
|
||||
$forum_list_read = array_flip(get_forum_list('f_read', true, true)); // Flipped so we can isset() the forum IDs
|
||||
|
||||
// Remove forums we cannot read
|
||||
foreach ($forum_list_reports as $k => $forum_data)
|
||||
{
|
||||
if (!isset($forum_list_read[$forum_data['forum_id']]))
|
||||
{
|
||||
unset($forum_list_reports[$k]);
|
||||
}
|
||||
}
|
||||
unset($forum_list_read);
|
||||
|
||||
if ($topic_id && $forum_id)
|
||||
{
|
||||
|
||||
@ -612,7 +612,7 @@ function mcp_sorting($mode, &$sort_days, &$sort_key, &$sort_dir, &$sort_by_sql,
|
||||
|
||||
$sql = 'SELECT COUNT(post_id) AS total
|
||||
FROM ' . POSTS_TABLE . "
|
||||
$where_sql " . $db->sql_in_set('forum_id', ($forum_id) ? array($forum_id) : get_forum_list('m_approve')) . '
|
||||
$where_sql " . $db->sql_in_set('forum_id', ($forum_id) ? array($forum_id) : array_intersect(get_forum_list('f_read'), get_forum_list('m_approve'))) . '
|
||||
AND post_approved = 0';
|
||||
|
||||
if ($min_time)
|
||||
@ -628,7 +628,7 @@ function mcp_sorting($mode, &$sort_days, &$sort_key, &$sort_dir, &$sort_by_sql,
|
||||
|
||||
$sql = 'SELECT COUNT(topic_id) AS total
|
||||
FROM ' . TOPICS_TABLE . "
|
||||
$where_sql " . $db->sql_in_set('forum_id', ($forum_id) ? array($forum_id) : get_forum_list('m_approve')) . '
|
||||
$where_sql " . $db->sql_in_set('forum_id', ($forum_id) ? array($forum_id) : array_intersect(get_forum_list('f_read'), get_forum_list('m_approve'))) . '
|
||||
AND topic_approved = 0';
|
||||
|
||||
if ($min_time)
|
||||
@ -654,7 +654,7 @@ function mcp_sorting($mode, &$sort_days, &$sort_key, &$sort_dir, &$sort_by_sql,
|
||||
}
|
||||
else
|
||||
{
|
||||
$where_sql .= ' ' . $db->sql_in_set('p.forum_id', get_forum_list('!m_report'), true, true);
|
||||
$where_sql .= ' ' . $db->sql_in_set('p.forum_id', get_forum_list(array('!f_read', '!m_report')), true, true);
|
||||
}
|
||||
|
||||
if ($mode == 'reports')
|
||||
@ -680,7 +680,7 @@ function mcp_sorting($mode, &$sort_days, &$sort_key, &$sort_dir, &$sort_by_sql,
|
||||
|
||||
$sql = 'SELECT COUNT(log_id) AS total
|
||||
FROM ' . LOG_TABLE . "
|
||||
$where_sql " . $db->sql_in_set('forum_id', ($forum_id) ? array($forum_id) : get_forum_list('m_')) . '
|
||||
$where_sql " . $db->sql_in_set('forum_id', ($forum_id) ? array($forum_id) : array_intersect(get_forum_list('f_read'), get_forum_list('m_'))) . '
|
||||
AND log_time >= ' . $min_time . '
|
||||
AND log_type = ' . LOG_MOD;
|
||||
break;
|
||||
|
||||
Reference in New Issue
Block a user