diff --git a/phpBB/download/file.php b/phpBB/download/file.php
index 6d0796d2c4..77367a7afd 100644
--- a/phpBB/download/file.php
+++ b/phpBB/download/file.php
@@ -220,7 +220,7 @@ else
 		{
 			phpbb_download_handle_forum_auth($db, $auth, $attachment['topic_id']);
 
-			$sql = 'SELECT forum_id, post_visibility
+			$sql = 'SELECT forum_id, poster_id, post_visibility
 				FROM ' . POSTS_TABLE . '
 				WHERE post_id = ' . (int) $attachment['post_msg_id'];
 			$result = $db->sql_query($sql);
diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php
index 1ae59448ac..f0aef9eac3 100644
--- a/phpBB/includes/functions_download.php
+++ b/phpBB/includes/functions_download.php
@@ -656,15 +656,15 @@ function phpbb_download_handle_forum_auth($db, $auth, $topic_id)
 {
 	global $phpbb_container;
 
-	$sql_array = array(
-		'SELECT'	=> 't.topic_visibility, t.forum_id, f.forum_name, f.forum_password, f.parent_id',
-		'FROM'		=> array(
+	$sql_array = [
+		'SELECT'	=> 't.forum_id, t.topic_poster, t.topic_visibility, f.forum_name, f.forum_password, f.parent_id',
+		'FROM'		=> [
 			TOPICS_TABLE => 't',
 			FORUMS_TABLE => 'f',
-		),
-		'WHERE'	=> 't.topic_id = ' . (int) $topic_id . '
+		],
+		'WHERE'		=> 't.topic_id = ' . (int) $topic_id . '
 			AND t.forum_id = f.forum_id',
-	);
+	];
 
 	$sql = $db->sql_build_query('SELECT', $sql_array);
 	$result = $db->sql_query($sql);
diff --git a/phpBB/phpbb/content_visibility.php b/phpBB/phpbb/content_visibility.php
index 772a85ec4a..316df79319 100644
--- a/phpBB/phpbb/content_visibility.php
+++ b/phpBB/phpbb/content_visibility.php
@@ -145,13 +145,13 @@ class content_visibility
 	public function is_visible($mode, $forum_id, $data)
 	{
 		$visibility = $data[$mode . '_visibility'];
-
+		$poster_key = ($mode === 'topic') ? 'topic_poster' : 'poster_id';
 		$is_visible = ($visibility == ITEM_APPROVED) ||
-			($this->config['display_unapproved_posts']
-				&& ($this->user->data['user_id'] != ANONYMOUS)
-				&& ($visibility == ITEM_UNAPPROVED || $visibility == ITEM_REAPPROVE)
-			) ||
-			$this->auth->acl_get('m_approve', $forum_id);
+			($this->config['display_unapproved_posts'] &&
+				($this->user->data['user_id'] != ANONYMOUS) &&
+				($visibility == ITEM_UNAPPROVED || $visibility == ITEM_REAPPROVE) &&
+				($this->user->data['user_id'] == $data[$poster_key])) ||
+			 $this->auth->acl_get('m_approve', $forum_id);
 
 		/**
 		* Allow changing the result of calling is_visible