- fixed permissions for mcp (global permission settings are false if user is only able to moderate one to x forums)

- determine permission settings for submodules - further approve/disapprove work (approve_details added) git-svn-id: file:///svn/phpbb/trunk@4925 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-06-28 14:18:52 +00:00 · 2004-07-11 15:20:35 +00:00 · 2004-07-11 15:20:35 +00:00 · 59767029a9
commit 59767029a9
parent 6a69106501
15 changed files with 314 additions and 151 deletions
--- a/phpBB/includes/functions_posting.php
+++ b/phpBB/includes/functions_posting.php
@ -928,4 +928,89 @@ function load_drafts($topic_id = 0, $forum_id = 0, $id = 0)
 	}
 }
 // Topic Review
 function topic_review($topic_id, $forum_id, $mode = 'topic_review', $cur_post_id = 0, $show_quote_button = true)
 {
 	global $user, $auth, $db, $template, $bbcode, $template;
 	global $config, $phpbb_root_path, $phpEx, $SID;
 	// Go ahead and pull all data for this topic
 	$sql = 'SELECT u.username, u.user_id, u.user_karma, p.post_id, p.post_username, p.post_subject, p.post_text, p.enable_smilies, p.bbcode_uid, p.bbcode_bitfield, p.post_time
 		FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . " u
 		WHERE p.topic_id = $topic_id
 			AND p.poster_id = u.user_id
 			" . ((!$auth->acl_get('m_approve', $forum_id)) ? 'AND p.post_approved = 1' : '') . '
 			' . (($mode == 'post_review') ? " AND p.post_id > $cur_post_id" : '') . '
 		ORDER BY p.post_time DESC';
 	$result = $db->sql_query_limit($sql, $config['posts_per_page']);
 	if (!$row = $db->sql_fetchrow($result))
 	{
 		return false;
 	}
 	$bbcode_bitfield = 0;
 	do
 	{
 		$rowset[] = $row;
 		$bbcode_bitfield |= $row['bbcode_bitfield'];
 	}
 	while ($row = $db->sql_fetchrow($result));
 	$db->sql_freeresult($result);
 	// Instantiate BBCode class
 	if (!isset($bbcode) && $bbcode_bitfield)
 	{
 		include_once($phpbb_root_path . 'includes/bbcode.'.$phpEx);
 		$bbcode = new bbcode($bbcode_bitfield);
 	}
 	foreach ($rowset as $i => $row)
 	{
 		$poster_id = $row['user_id'];
 		$poster = $row['username'];
 		// Handle anon users posting with usernames
 		if ($poster_id == ANONYMOUS && $row['post_username'])
 		{
 			$poster = $row['post_username'];
 			$poster_rank = $user->lang['GUEST'];
 		}
 		$post_subject = $row['post_subject'];
 		$message = $row['post_text'];
 		if ($row['bbcode_bitfield'])
 		{
 			$bbcode->bbcode_second_pass($message, $row['bbcode_uid'], $row['bbcode_bitfield']);
 		}
 		$message = smilie_text($message, !$row['enable_smilies']);
 		$post_subject = censor_text($post_subject);
 		$message = censor_text($message);
 		$template->assign_block_vars($mode . '_row', array(
 			'POSTER_NAME' 	=> $poster,
 			'POST_SUBJECT' 	=> $post_subject,
 			'MINI_POST_IMG' => $user->img('icon_post', $user->lang['POST']),
 			'POST_DATE' 	=> $user->format_date($row['post_time']),
 			'MESSAGE' 		=> str_replace("\n", '<br />', $message), 
 			'U_POST_ID'		=> $row['post_id'],
 			'U_MINI_POST'	=> "{$phpbb_root_path}viewtopic.$phpEx$SID&amp;p=" . $row['post_id'] . '#' . $row['post_id'],
 			'U_MCP_DETAILS'	=> ($auth->acl_get('m_', $forum_id)) ? "{$phpbb_root_path}mcp.$phpEx$SID&amp;mode=post_details&amp;p=" . $row['post_id'] : '',
 			'U_QUOTE'		=> ($show_quote_button && $auth->acl_get('f_quote', $forum_id)) ? 'javascript:addquote(' . $row['post_id'] . ", '" . str_replace("'", "\\'", $poster) . "')" : '')
 		);
 		unset($rowset[$i]);
 	}
 	if ($mode == 'topic_review')
 	{
 		$template->assign_var('QUOTE_IMG', $user->img('btn_quote', $user->lang['REPLY_WITH_QUOTE']));
 	}
 	return true;
 }
 ?>
--- a/phpBB/includes/mcp/mcp_queue.php
+++ b/phpBB/includes/mcp/mcp_queue.php
@ -24,14 +24,91 @@ class mcp_queue extends module
 		switch ($mode)
 		{
 			case 'approve':
 			case 'disapprove':
 				break;
 			case 'approve_details':
 				$user->add_lang('posting');
 				include($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
 				$post_id = request_var('p', 0);
 				$post_info = get_post_data(array($post_id), 'm_approve');
 				if (!sizeof($post_info))
 				{
 					trigger_error('NO_POST_SELECTED');
 				}
 				$post_info = $post_info[$post_id];
 				if ($post_info['topic_first_post_id'] != $post_id && topic_review($post_info['topic_id'], $post_info['forum_id'], 'topic_review', 0, false))
 				{
 					$template->assign_vars(array(
 						'S_TOPIC_REVIEW'	=> true,
 						'TOPIC_TITLE'		=> $post_info['topic_title'])
 					);
 				}
 				// Set some vars
 				$poster = ($post_info['user_colour']) ? '<span style="color:#' . $post_info['user_colour'] . '">' . $post_info['username'] . '</span>' : $post_info['username'];
 				// Process message, leave it uncensored
 				$message = $post_info['post_text'];
 				if ($post_info['bbcode_bitfield'])
 				{
 					include_once($phpbb_root_path . 'includes/bbcode.'.$phpEx);
 					$bbcode = new bbcode($post_info['bbcode_bitfield']);
 					$bbcode->bbcode_second_pass($message, $post_info['bbcode_uid'], $post_info['bbcode_bitfield']);
 				}
 				$message = smilie_text($message);
 				$template->assign_vars(array(
 					'S_APPROVE_ACTION'		=> "mcp.$phpEx$SID&amp;i=queue&amp;p=$post_id&amp;f=$forum_id",
 					'S_CAN_VIEWIP'			=> $auth->acl_get('m_ip', $post_info['forum_id']),
 					'S_POST_REPORTED'		=> $post_info['post_reported'],
 					'S_POST_UNAPPROVED'		=> !$post_info['post_approved'],
 					'S_POST_LOCKED'			=> $post_info['post_edit_locked'],
 //					'S_USER_NOTES'			=> ($post_info['user_notes']) ? true : false,
 					'S_USER_WARNINGS'		=> ($post_info['user_warnings']) ? true : false,
 					'U_VIEW_PROFILE'		=> "memberlist.$phpEx$SID&amp;mode=viewprofile&amp;u=" . $post_info['user_id'],
 					'U_MCP_USERNOTES'		=> "mcp.$phpEx$SID&amp;i=notes&amp;mode=user_notes&amp;u=" . $post_info['user_id'],
 					'U_MCP_WARNINGS'		=> "mcp.$phpEx$SID&amp;i=warnings&amp;mode=view_user&amp;u=" . $post_info['user_id'],
 					'REPORTED_IMG'			=> $user->img('icon_reported', $user->lang['POST_REPORTED']),
 					'UNAPPROVED_IMG'		=> $user->img('icon_unapproved', $user->lang['POST_UNAPPROVED']),
 					'POSTER_NAME'			=> $poster,
 					'POST_PREVIEW'			=> $message,
 					'POST_SUBJECT'			=> $post_info['post_subject'],
 					'POST_DATE'				=> $user->format_date($post_info['post_time']),
 					'POST_IP'				=> $post_info['poster_ip'],
 					'POST_IPADDR'			=> @gethostbyaddr($post_info['poster_ip']))
 				);
 				$this->display($user->lang['MCP_QUEUE'], 'mcp_approve.html');
 				break;
 			case 'unapproved_topics':
 			case 'unapproved_posts':
 				$forum_info = array();
 				$forum_list_approve = get_forum_list('m_approve', false, true);
 				if (!$forum_id)
 				{
-					if (!$forum_list = implode(', ', get_forum_list('m_approve')))
+					$forum_list = array();
 					foreach ($forum_list_approve as $row)
 					{
 						$forum_list[] = $row['forum_id'];
 					}
 					if (!$forum_list = implode(', ', $forum_list))
 					{
 						trigger_error('NOT_MODERATOR');
 					}
@ -42,6 +119,7 @@ class mcp_queue extends module
 					$result = $db->sql_query($sql);
 					$forum_info['forum_topics'] = (int) $db->sql_fetchfield('sum_forum_topics', 0, $result);
 					$db->sql_freeresult($result);
 				}
 				else
 				{
@ -53,6 +131,13 @@ class mcp_queue extends module
 					}
 					$forum_info = $forum_info[$forum_id];
 					$forum_list = $forum_id;
 				}
 				$forum_options = '<option value="0"' . (($forum_id == 0) ? ' selected="selected"' : '') . '>' . $user->lang['ALL_FORUMS'] . '</option>';
 				foreach ($forum_list_approve as $row)
 				{
 					$forum_options .= '<option value="' . $row['forum_id'] . '"' . (($forum_id == $row['forum_id']) ? ' selected="selected"' : '') . '>' . $row['forum_name'] . '</option>';
 				}
 				mcp_sorting($mode, $sort_days, $sort_key, $sort_dir, $sort_by_sql, $sort_order_sql, $total, $forum_id);
@ -133,7 +218,7 @@ class mcp_queue extends module
 					}
 					else
 					{
-						$poster = '<a href="memberlist.' . $phpEx . $SID . '&amp;mode=viewprofile&amp;u=' . $row['poster_id'] . '">' . $row['username'] . '</a>';
+						$poster = $row['username'];
 					}
 					$s_checkbox = ($mode == 'unapproved_posts') ? '<input type="checkbox" name="post_id_list[]" value="' . $row['post_id'] . '" />' : '<input type="checkbox" name="topic_id_list[]" value="' . $row['topic_id'] . '" />';
@ -143,6 +228,8 @@ class mcp_queue extends module
 						// Q: Why accessing the topic by a post_id instead of its topic_id?
 						// A: To prevent the post from being hidden because of low karma or wrong encoding
 						'U_VIEWTOPIC'	=> "viewtopic.$phpEx$SID&amp;f=" . $row['forum_id'] . '&amp;p=' . $row['post_id'] . (($mode == 'unapproved_posts') ? '#' . $row['post_id'] : ''),
 						'U_VIEW_DETAILS'=> "mcp.$phpEx$SID&amp;i=queue&amp;start=$start&amp;mode=approve_details&amp;f={$forum_id}&amp;p={$row['post_id']}",
 						'U_VIEWPROFILE'	=> ($row['poster_id'] != ANONYMOUS) ? "memberlist.$phpEx$SID&amp;mode=viewprofile&amp;u={$row['poster_id']}" : '',
 						'FORUM_NAME'	=> $row['forum_name'],
 						'TOPIC_TITLE'	=> $row['topic_title'],
@ -155,7 +242,8 @@ class mcp_queue extends module
 				// Now display the page
 				$template->assign_vars(array(
-					'L_DISPLAY_ITEMS'		=>	($mode == 'unapproved_posts') ? $user->lang['DISPLAY_POSTS'] : $user->lang['DISPLAY_TOPICS'])
+					'L_DISPLAY_ITEMS'		=> ($mode == 'unapproved_posts') ? $user->lang['DISPLAY_POSTS'] : $user->lang['DISPLAY_TOPICS'],
 					'S_FORUM_OPTIONS'		=> $forum_options)
 				);
 				$this->display($user->lang['MCP_QUEUE'], 'mcp_queue.html');
--- a/phpBB/includes/ucp/ucp_main.php
+++ b/phpBB/includes/ucp/ucp_main.php
@ -420,7 +420,7 @@ class ucp_main extends module
 					$topic_id = $row['topic_id'];
 					// Goto message generation
-					$replies = ($auth->acl_get('m_approve')) ? $row['topic_replies_real'] : $row['topic_replies'];
+					$replies = ($auth->acl_get('m_approve', $forum_id)) ? $row['topic_replies_real'] : $row['topic_replies'];
 					$topic_type = '';
 					switch ($row['topic_type'])
@ -637,7 +637,7 @@ class ucp_main extends module
 					$forum_id = $row['forum_id'];
 					$topic_id = $row['b_topic_id'];
-					$replies = ($auth->acl_get('m_approve')) ? $row['topic_replies_real'] : $row['topic_replies'];
+					$replies = ($auth->acl_get('m_approve', $forum_id)) ? $row['topic_replies_real'] : $row['topic_replies'];
 					$topic_type = '';
 					switch ($row['topic_type'])
--- a/phpBB/includes/ucp/ucp_pm_viewmessage.php
+++ b/phpBB/includes/ucp/ucp_pm_viewmessage.php
@ -171,7 +171,7 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row)
 		'U_MCP_REPORT'		=> "{$phpbb_root_path}mcp.$phpEx$SID&amp;mode=pm_details&amp;p=" . $message_row['msg_id'],
 		'U_REPORT'			=> ($config['auth_report_pm'] && $auth->acl_get('u_pm_report')) ? "{$phpbb_root_path}report.$phpEx$SID&amp;pm=" . $message_row['msg_id'] : '',
-		'U_IP' 				=> ($auth->acl_get('m_') && $message_row['message_reported']) ? "{$phpbb_root_path}mcp.$phpEx?sid=" . $user->session_id . "&amp;mode=pm_details&amp;p=" . $message_row['msg_id'] . '#ip' : '',
+		'U_IP' 				=> ($auth->acl_get('m_ip') && $message_row['message_reported']) ? "{$phpbb_root_path}mcp.$phpEx?sid=" . $user->session_id . "&amp;mode=pm_details&amp;p=" . $message_row['msg_id'] . '#ip' : '',
 		'U_DELETE' 			=> ($auth->acl_get('u_pm_delete')) ? "$url&amp;mode=compose&amp;action=delete&amp;f=$folder_id&amp;p=" . $message_row['msg_id'] : '',
 		'U_AUTHOR_PROFILE' 		=> "{$phpbb_root_path}memberlist.$phpEx$SID&amp;mode=viewprofile&amp;u=" . $author_id,
 		'U_EMAIL' 			=> $user_info['email'],
--- a/phpBB/install/schemas/schema_data.sql
+++ b/phpBB/install/schemas/schema_data.sql
@ -408,14 +408,14 @@ INSERT INTO phpbb_bots (bot_id, bot_active, bot_name, user_id, bot_agent, bot_ip
 # MSSQL IDENTITY phpbb_modules OFF #
 # -- Modules
-INSERT INTO phpbb_modules (module_type, module_title, module_filename, module_order, module_enabled, module_subs, module_acl) VALUES ('ucp', 'MAIN', 'main', 1, 1, 'front\r\nsubscribed\r\nbookmarks\r\ndrafts', '');
+INSERT INTO phpbb_modules (module_type, module_title, module_filename, module_order, module_enabled, module_subs, module_acl) VALUES ('ucp', 'MAIN', 'main', 1, 1, 'front\r\nsubscribed\r\nbookmarks,cfg_allow_bookmarks\r\ndrafts', '');
 INSERT INTO phpbb_modules (module_type, module_title, module_filename, module_order, module_enabled, module_subs, module_acl) VALUES ('ucp', 'PM', 'pm', 2, 1, 'view_messages\r\ncompose\r\nunread\r\ndrafts\r\noptions', 'cfg_allow_privmsg');
 INSERT INTO phpbb_modules (module_type, module_title, module_filename, module_order, module_enabled, module_subs, module_acl) VALUES ('ucp', 'PROFILE', 'profile', 3, 1, 'profile_info\r\nreg_details\r\nsignature\r\navatar', '');
 INSERT INTO phpbb_modules (module_type, module_title, module_filename, module_order, module_enabled, module_subs, module_acl) VALUES ('ucp', 'PREFS', 'prefs', 4, 1, 'personal\r\nview\r\npost', '');
 INSERT INTO phpbb_modules (module_type, module_title, module_filename, module_order, module_enabled, module_subs, module_acl) VALUES ('ucp', 'ZEBRA', 'zebra', 5, 1, 'friends\r\nfoes', '');
 INSERT INTO phpbb_modules (module_type, module_title, module_filename, module_order, module_enabled, module_subs, module_acl) VALUES ('ucp', 'ATTACHMENTS', 'attachments', 6, 1, '', 'acl_u_attach && cfg_allow_attachments');
-INSERT INTO phpbb_modules (module_type, module_title, module_filename, module_order, module_enabled, module_subs, module_acl) VALUES ('mcp', 'MAIN', 'main', 1, 1, 'front\r\nforum_view\r\ntopic_view\r\npost_details', '');
+INSERT INTO phpbb_modules (module_type, module_title, module_filename, module_order, module_enabled, module_subs, module_acl) VALUES ('mcp', 'MAIN', 'main', 1, 1, 'front\r\nforum_view\r\ntopic_view\r\npost_details', 'acl_m_');
-INSERT INTO phpbb_modules (module_type, module_title, module_filename, module_order, module_enabled, module_subs, module_acl) VALUES ('mcp', 'QUEUE', 'queue', 2, 1, 'unapproved_topics\r\nunapproved_posts', 'acl_m_approve');
+INSERT INTO phpbb_modules (module_type, module_title, module_filename, module_order, module_enabled, module_subs, module_acl) VALUES ('mcp', 'QUEUE', 'queue', 2, 1, 'unapproved_topics\r\nunapproved_posts\r\nreports', 'acl_m_approve');
 # MSSQL IDENTITY phpbb_modules OFF #
--- a/phpBB/language/en/mcp.php
+++ b/phpBB/language/en/mcp.php
@ -238,6 +238,8 @@ $lang += array(
 	'USER_CANNOT_POST'		=> 'You cannot post in this forum',
 	'USER_CANNOT_REPORT'	=> 'You cannot report posts in this forum',
 	'VIEW_DETAILS'			=> 'View Details',
 	'YOU_SELECTED_TOPIC'	=> 'You selected topic number %d: %s',
 	'report_reasons'		=> array(
--- a/phpBB/mcp.php
+++ b/phpBB/mcp.php
@ -36,8 +36,7 @@ class module
 		if ($post_id)
 		{
-			if (!$topic_id || !$forum_id)
+			// We determine the topic and forum id here, to make sure the moderator really has moderative rights on this post
 			{
 			$sql = 'SELECT topic_id, forum_id
 				FROM ' . POSTS_TABLE . "
 				WHERE post_id = $post_id";
@ -48,7 +47,6 @@ class module
 			$topic_id = (int) $row['topic_id'];
 			$forum_id = (int) $row['forum_id'];
 		}
 		}
 		if ($topic_id && !$forum_id)
 		{
@ -62,6 +60,20 @@ class module
 			$forum_id = (int) $row['forum_id'];
 		}
 		// If we do not have a forum id and the user is not a super moderator (global options are set to false, even if the user is able to moderator at least one forum
 		if (!$forum_id && !$auth->acl_get('m_'))
 		{
 			$forum_list = get_forum_list('m_');
 			if (!sizeof($forum_list))
 			{
 				trigger_error('MODULE_NOT_EXIST');
 			}
 			// We do not check all forums, only the first one should be sufficiant.
 			$forum_id = $forum_list[0];
 		}
 		$sql = 'SELECT module_id, module_title, module_filename, module_subs, module_acl
 			FROM ' . MODULES_TABLE . "
 			WHERE module_type = '{$module_type}'
@ -76,7 +88,7 @@ class module
 			if ($row['module_acl'])
 			{
 				$is_auth = false;
-				eval('$is_auth = (' . preg_replace(array('#acl_([a-z_]+)#e', '#cfg_([a-z_]+)#e'), array('(int) $auth->acl_get("\\1")', '(int) $config["\\1"]'), trim($row['module_acl'])) . ');');
+				eval('$is_auth = (' . preg_replace(array('#acl_([a-z_]+)#e', '#cfg_([a-z_]+)#e'), array('(int) $auth->acl_get("\\1", ' . $forum_id . ')', '(int) $config["\\1"]'), trim($row['module_acl'])) . ');');
 				// The user is not authorised to use this module, skip it
 				if (!$is_auth)
@ -106,19 +118,26 @@ class module
 					$submodules_ary = explode("\n", $row['module_subs']);
 					foreach ($submodules_ary as $submodule)
 					{
 						if (!trim($submodule))
 						{
 							continue;
 						}
 						$submodule = explode(',', trim($submodule));
 						$submodule_title = array_shift($submodule);
 						$is_auth = true;
 						foreach ($submodule as $auth_option)
 						{
-							if (!$auth->acl_get($auth_option))
+							eval('$is_auth = (' . preg_replace(array('#acl_([a-z_]+)#e', '#cfg_([a-z_]+)#e'), array('(int) $auth->acl_get("\\1", ' . $forum_id . ')', '(int) $config["\\1"]'), trim($auth_option)) . ');');
 							if (!$is_auth)
 							{
-								$is_auth = false;
+								break;
 							}
 						}
-						if (!$is_auth || empty($submodule_title))
+						if (!$is_auth)
 						{
 							continue;
 						}
@ -316,14 +335,14 @@ if ($mode2)
 }
 // Only Moderators can go beyond this point
-if ($user->data['user_id'] == ANONYMOUS || !$auth->acl_get('m_'))
+if ($user->data['user_id'] == ANONYMOUS)
 {
-	if ($user->data['user_id'] != ANONYMOUS)
+	login_box("{$phpbb_root_path}mcp.$phpEx$SID&amp;mode=$mode&amp;i=$module", '', $user->lang['LOGIN_EXPLAIN_MCP']);
 	if ($user->data['user_id'] == ANONYMOUS)
 	{
 		redirect("index.$phpEx$SID");
 	}
 	login_box("{$phpbb_root_path}mcp.$phpEx$SID&amp;mode=$mode&amp;i=$module", '', $user->lang['LOGIN_EXPLAIN_MCP']);
 }
 $quickmod = (isset($_REQUEST['quickmod'])) ? true : false;
@ -365,7 +384,7 @@ if (!$quickmod)
 	$mcp->create('mcp', "mcp.$phpEx$SID", $post_id, $topic_id, $forum_id, $module, $mode);
 	// Load and execute the relevant module
-	$mcp->load();
+	$mcp->load('mcp', false, $mode);
 	exit;
 }
--- a/phpBB/posting.php
+++ b/phpBB/posting.php
@ -1271,92 +1271,6 @@ function user_notification($mode, $subject, $topic_title, $forum_name, $forum_id
 }
 // Topic Review
 function topic_review($topic_id, $forum_id, $mode = 'topic_review', $cur_post_id = 0)
 {
 	global $user, $auth, $db, $template, $bbcode, $template;
 	global $config, $phpbb_root_path, $phpEx, $SID;
 	// Go ahead and pull all data for this topic
 	$sql = 'SELECT u.username, u.user_id, u.user_karma, p.post_id, p.post_username, p.post_subject, p.post_text, p.enable_smilies, p.bbcode_uid, p.bbcode_bitfield, p.post_time
 		FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . " u
 		WHERE p.topic_id = $topic_id
 			AND p.poster_id = u.user_id
 			" . ((!$auth->acl_get('m_approve', $forum_id)) ? 'AND p.post_approved = 1' : '') . '
 			' . (($mode == 'post_review') ? " AND p.post_id > $cur_post_id" : '') . '
 		ORDER BY p.post_time DESC';
 	$result = $db->sql_query_limit($sql, $config['posts_per_page']);
 	if (!$row = $db->sql_fetchrow($result))
 	{
 		return false;
 	}
 	$bbcode_bitfield = 0;
 	do
 	{
 		$rowset[] = $row;
 		$bbcode_bitfield |= $row['bbcode_bitfield'];
 	}
 	while ($row = $db->sql_fetchrow($result));
 	$db->sql_freeresult($result);
 	// Instantiate BBCode class
 	if (!isset($bbcode) && $bbcode_bitfield)
 	{
 		include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
 		$bbcode = new bbcode($bbcode_bitfield);
 	}
 	foreach ($rowset as $i => $row)
 	{
 		$poster_id = $row['user_id'];
 		$poster = $row['username'];
 		// Handle anon users posting with usernames
 		if ($poster_id == ANONYMOUS && $row['post_username'])
 		{
 			$poster = $row['post_username'];
 			$poster_rank = $user->lang['GUEST'];
 		}
 		$post_subject = $row['post_subject'];
 		$message = $row['post_text'];
 		if ($row['bbcode_bitfield'])
 		{
 			$bbcode->bbcode_second_pass($message, $row['bbcode_uid'], $row['bbcode_bitfield']);
 		}
 		$message = smilie_text($message, !$row['enable_smilies']);
 		$post_subject = censor_text($post_subject);
 		$message = censor_text($message);
 		$template->assign_block_vars($mode . '_row', array(
 			'KARMA_IMG'		=> ($config['enable_karma']) ? $user->img('karma_center', $user->lang['KARMA'][$row['user_karma']], false, (int) $row['user_karma']) : '',
 			'POSTER_NAME' 	=> $poster,
 			'POST_SUBJECT' 	=> $post_subject,
 			'MINI_POST_IMG' => $user->img('icon_post', $user->lang['POST']),
 			'POST_DATE' 	=> $user->format_date($row['post_time']),
 			'MESSAGE' 		=> str_replace("\n", '<br />', $message), 
 			'U_POST_ID'		=> $row['post_id'],
 			'U_MINI_POST'	=> "{$phpbb_root_path}viewtopic.$phpEx$SID&amp;p=" . $row['post_id'] . '#' . $row['post_id'],
 			'U_QUOTE'		=> ($auth->acl_get('f_quote', $forum_id)) ? 'javascript:addquote(' . $row['post_id'] . ", '" . str_replace("'", "\\'", $poster) . "')" : '')
 		);
 		unset($rowset[$i]);
 	}
 	if ($mode == 'topic_review')
 	{
 		$template->assign_var('QUOTE_IMG', $user->img('btn_quote', $user->lang['REPLY_WITH_QUOTE']));
 	}
 	return true;
 }
 // Delete Post
 function delete_post($mode, $post_id, $topic_id, $forum_id, $data)
 {
@ -1443,7 +1357,7 @@ function delete_post($mode, $post_id, $topic_id, $forum_id, $data)
 				$sql = 'SELECT MAX(post_id) as last_post_id
 					FROM ' . POSTS_TABLE . "
 					WHERE topic_id = $topic_id " .
-						(($auth->acl_get('m_approve')) ? 'AND post_approved = 1' : '');
+						(($auth->acl_get('m_approve', $forum_id)) ? 'AND post_approved = 1' : '');
 				$result = $db->sql_query($sql);
 				$row = $db->sql_fetchrow($result);
 				$db->sql_freeresult($result);
@ -1456,7 +1370,7 @@ function delete_post($mode, $post_id, $topic_id, $forum_id, $data)
 			$sql = 'SELECT post_id
 				FROM ' . POSTS_TABLE . "
 				WHERE topic_id = $topic_id " . 
-					(($auth->acl_get('m_approve')) ? 'AND post_approved = 1' : '') . '
+					(($auth->acl_get('m_approve', $forum_id)) ? 'AND post_approved = 1' : '') . '
 					AND post_time > ' . $data['post_time'] . '
 				ORDER BY post_time ASC';
 			$result = $db->sql_query_limit($sql, 1);
@ -1998,7 +1912,7 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
 	markread($mark_mode, $data['forum_id'], $data['topic_id'], $data['post_time']);
 	// Send Notifications
-	if ($mode != 'edit' && $mode != 'delete')
+	if ($mode != 'edit' && $mode != 'delete' && !$auth->acl_get('f_moderate', $data['forum_id']))
 	{
 		user_notification($mode, stripslashes($subject), stripslashes($data['topic_title']), stripslashes($data['forum_name']), $data['forum_id'], $data['topic_id'], $data['post_id']);
 	}
--- a/phpBB/search.php
+++ b/phpBB/search.php
@ -766,7 +766,7 @@ if ($search_keywords || $search_author || $search_id)
 			'LAST_VIEW_TIME'	=> $user->format_date($row['topic_last_view_time']),
 			'LAST_POST_AUTHOR' 	=> $last_post_author,
 			'GOTO_PAGE' 		=> $goto_page, 
-			'TOPIC_REPLIES'		=> ($auth->acl_get('m_approve')) ? $row['topic_replies_real'] : $row['topic_replies'],
+			'TOPIC_REPLIES'		=> ($auth->acl_get('m_approve', $forum_id)) ? $row['topic_replies_real'] : $row['topic_replies'],
 			'TOPIC_VIEWS'		=> $row['topic_views'],
 			'FORUM_TITLE'		=> $row['forum_name'], 
 			'TOPIC_TITLE' 		=> censor_text($row['topic_title']),
--- a/phpBB/styles/subSilver/template/mcp_approve.html
+++ b/phpBB/styles/subSilver/template/mcp_approve.html
@ -0,0 +1,46 @@
 <!-- INCLUDE mcp_header.html -->
 <table width="100%" cellpadding="3" cellspacing="1" border="0" class="tablebg"><form method="post" name="mcp" action="{S_APPROVE_ACTION}">
 	<tr>
 		<th colspan="2" height="28" align="center">{L_POST_DETAILS}</th>
 	</tr>
 	<tr>
 		<td class="row3" colspan="2" align="center"><span class="gensmall">{RETURN_QUEUE}</span></td>
 	</tr>
 	<tr>
 		<td class="row1"><b class="gen">{L_POST_SUBJECT}: </b></td>
 		<td class="row2"><span class="gen">{POST_SUBJECT}</span></td>
 	</tr>
 	<tr>
 		<td class="row1" width="20%"><b class="gen">{L_POSTER}: </b></td>
 		<td class="row2" width="80%"><span class="gen">{POSTER_NAME} &nbsp; [ <a href="{U_VIEW_PROFILE}">{L_READ_PROFILE}</a> ]<!-- IF S_USER_NOTES --> [ <a href="{U_MCP_USERNOTES}">{L_READ_USERNOTES}</a> ]<!-- ENDIF --><!-- IF S_USER_WARNINGS --> [ <a href="{U_MCP_WARNINGS}">{L_READ_WARNINGS}</a> ]<!-- ENDIF --></span></td>
 	</tr>
 	<!-- IF S_CAN_VIEWIP -->
 	<tr>
 		<td class="row1"><b class="gen">{L_THIS_POST_IP}: </b></td>
 		<td class="row2"><span class="gen">{POST_IP} [ {POST_IPADDR} ]</span></td>
 	</tr>
 	<!-- ENDIF -->
 	<tr>
 		<td class="row1"><b class="gen">{L_POSTED}: </b></td>
 		<td class="row2"><span class="postdetails">{POST_DATE}</span></td>
 	</tr>
 	</tr>
 	<tr>
 		<th colspan="2" height="28" align="center">{L_PREVIEW}</th>
 	</th>
 	<tr>
 		<td class="row1" colspan="2"><div class="gen" style="overflow: auto; width: 100%; height: 80pt; border: 1px;">{POST_PREVIEW}</div></td>
 	</tr>
 	<!-- IF S_POST_UNAPPROVED -->
 	<tr>
 		<td class="cat" align="center" colspan="2"><input class="btnmain" type="submit" value="{L_APPROVE}" name="mode[approve]" /> &nbsp; <input class="btnlite" type="submit" value="{L_DISAPPROVE}" name="mode[disapprove]" /></td>
 	</tr>
 	<!-- ENDIF -->
 </form></table>
 <br clear="all" />
 <!-- IF S_TOPIC_REVIEW --><!-- INCLUDE posting_topic_review.html --><!-- ENDIF -->
 <!-- INCLUDE mcp_footer.html -->
--- a/phpBB/styles/subSilver/template/mcp_queue.html
+++ b/phpBB/styles/subSilver/template/mcp_queue.html
@ -5,23 +5,22 @@
 		<th colspan="6" height="28" nowrap="nowrap">{L_DISPLAY_OPTIONS}</th>
 	</tr>
 	<tr>
-		<td colspan="5" class="cat" height="28" align="center"><span class="gensmall">{L_DISPLAY_ITEMS}:</span> {S_SELECT_SORT_DAYS}&nbsp;<span class="gensmall">{L_SORT_BY}</span> {S_SELECT_SORT_KEY} {S_SELECT_SORT_DIR}&nbsp;<input class="btnlite" type="submit" name="sort" value="{L_GO}" /></span></td>
+		<td colspan="5" class="cat" height="28" align="center"><span class="gensmall">{L_DISPLAY_ITEMS}:</span> {S_SELECT_SORT_DAYS}&nbsp;<span class="gensmall">{L_SORT_BY}</span> {S_SELECT_SORT_KEY} {S_SELECT_SORT_DIR}&nbsp;<span class="gensmall">{L_FORUM}</span> <select name="f">{S_FORUM_OPTIONS}</select>&nbsp;<input class="btnlite" type="submit" name="sort" value="{L_GO}" /></span></td>
 	</tr>
 	<tr> 
-		<th height="28">&nbsp;{L_FORUM}&nbsp;</th>
+		<th height="28">&nbsp;{L_TOPIC}&nbsp;</th>
 		<th>&nbsp;{L_TOPIC}&nbsp;</th>
 		<th>&nbsp;{L_AUTHOR}&nbsp;</th>
 		<th>&nbsp;{L_POST_TIME}&nbsp;</th>
 		<th width="5%">&nbsp;{L_SELECT}&nbsp;</th>
 	</tr>
 	<!-- BEGIN postrow -->
-	<tr>
+	<!-- IF postrow.S_ROW_COUNT is even --><tr class="row1"><!-- ELSE --><tr class="row2"><!-- ENDIF -->
-		<td class="row1" width="15%"><a class="gen" href="{postrow.U_VIEWFORUM}">{postrow.FORUM_NAME}</a></td>
+		<td style="padding: 4px;"><p class="topictitle"><a href="{postrow.U_VIEWTOPIC}">{postrow.TOPIC_TITLE}</a></p><br />
-		<td class="row2" width="18%"><a class="gen" href="{postrow.U_VIEWTOPIC}">{postrow.TOPIC_TITLE}</a></td>
+			<span class="gensmall">{L_FORUM}: <a href="{postrow.U_VIEWFORUM}">{postrow.FORUM_NAME}</a></span></td>
-		<td class="row1" align="center" width="15%"><span class="gen">{postrow.POSTER}</span></td>
+		<td style="padding: 4px;" align="left" valign="top" nowrap="nowrap"><span class="gen"><!-- IF postrow.U_VIEWPROFILE --><a href="{postrow.U_VIEWPROFILE}">{postrow.POSTER}</a><!-- ELSE -->{postrow.POSTER}<!-- ENDIF --></span><br />
-		<td class="row2" align="center" width="15%"><span class="gensmall">{postrow.POST_TIME}</span></td>
+			<span class="gensmall">[ <a href="{postrow.U_VIEW_DETAILS}">{L_VIEW_DETAILS}</a> ]</span></td>
-		<td class="row1" align="center">{postrow.S_CHECKBOX}</td>
+		<td class="postdetails" style="padding: 4px;" align="left" valign="top" nowrap="nowrap">{postrow.POST_TIME}</td>
 		<td align="center">{postrow.S_CHECKBOX}</td>
 	</tr>
 	<!-- BEGINELSE -->
 	<tr>
@ -35,8 +34,7 @@
 <table width="100%" cellspacing="2" cellpadding="2" border="0" align="center">
 	<tr>
-		<td class="nav" align="left" valign="middle">{PAGE_NUMBER}</td>
+		<td align="right" valign="top" nowrap="nowrap"><b class="gensmall"><a href="javascript:marklist('mcp', true);">{L_MARK_ALL}</a> :: <a href="javascript:marklist('mcp', false);">{L_UNMARK_ALL}</a></b></td>
 		<td align="right" valign="top" nowrap="nowrap"><b class="gensmall"><a href="javascript:marklist('mcp', true);">{L_MARK_ALL}</a> :: <a href="javascript:marklist('mcp', false);">{L_UNMARK_ALL}</a></b><br /><span class="nav">{PAGINATION}</span></td>
 	</tr>
 </table>
--- a/phpBB/styles/subSilver/template/posting_topic_review.html
+++ b/phpBB/styles/subSilver/template/posting_topic_review.html
@ -52,7 +52,7 @@
 						<tr>
 							<td><table width="100%" cellspacing="0">
 								<tr valign="middle">
-									<td width="100%">&nbsp;</td>
+									<td width="100%" align="left"><span class="gensmall"><!-- IF topic_review_row.U_MCP_DETAILS -->[ <a href="{topic_review_row.U_MCP_DETAILS}">{L_POST_DETAILS}</a> ]<!-- ENDIF --></span></td>
 									<td width="10" nowrap="nowrap"><a href="{topic_review_row.U_MINI_POST}">{topic_review_row.MINI_POST_IMG}</a></td>
 									<td class="gensmall" nowrap="nowrap"><b>{L_POSTED}:</b> {topic_review_row.POST_DATE}</td>
 								</tr>
--- a/phpBB/ucp.php
+++ b/phpBB/ucp.php
@ -101,15 +101,22 @@ class module
 					$submodules_ary = explode("\n", $row['module_subs']);
 					foreach ($submodules_ary as $submodule)
 					{
 						if (!trim($submodule))
 						{
 							continue;
 						}
 						$submodule = explode(',', trim($submodule));
 						$submodule_title = array_shift($submodule);
 						$is_auth = true;
 						foreach ($submodule as $auth_option)
 						{
-							if (!$auth->acl_get($auth_option))
+							eval('$is_auth = (' . preg_replace(array('#acl_([a-z_]+)#e', '#cfg_([a-z_]+)#e'), array('(int) $auth->acl_get("\\1")', '(int) $config["\\1"]'), trim($auth_option)) . ');');
 							if (!$is_auth)
 							{
-								$is_auth = false;
+								break;
 							}
 						}
--- a/phpBB/viewforum.php
+++ b/phpBB/viewforum.php
@ -410,7 +410,7 @@ if ($forum_data['forum_type'] == FORUM_POST || ($forum_data['forum_flags'] & 16)
 			}
 			// Replies
-			$replies = ($auth->acl_get('m_approve')) ? $row['topic_replies_real'] : $row['topic_replies'];
+			$replies = ($auth->acl_get('m_approve', $forum_id)) ? $row['topic_replies_real'] : $row['topic_replies'];
 			// Topic type/folder
 			$topic_type = '';
@ -550,7 +550,7 @@ if ($forum_data['forum_type'] == FORUM_POST || ($forum_data['forum_flags'] & 16)
 				'LAST_VIEW_TIME'	=> $user->format_date($row['topic_last_view_time']),
 				'LAST_POST_AUTHOR' 	=> ($row['topic_last_poster_name'] != '') ? $row['topic_last_poster_name'] : $user->lang['GUEST'],
 				'GOTO_PAGE' 		=> $goto_page, 
-				'REPLIES' 			=> ($auth->acl_get('m_approve')) ? $row['topic_replies_real'] : $row['topic_replies'],
+				'REPLIES' 			=> ($auth->acl_get('m_approve', $forum_id)) ? $row['topic_replies_real'] : $row['topic_replies'],
 				'VIEWS' 			=> $row['topic_views'],
 				'TOPIC_TITLE' 		=> censor_text($row['topic_title']),
 				'TOPIC_TYPE' 		=> $topic_type,
--- a/phpBB/viewtopic.php
+++ b/phpBB/viewtopic.php
@ -160,11 +160,11 @@ if ($user->data['user_id'] != ANONYMOUS)
 			break;
 		default:
-			$extra_fields .= ', tw.notify_status, bm.order_id as bookmarked';
+			$extra_fields .= ', tw.notify_status' . (($config['allow_bookmarks']) ? ', bm.order_id as bookmarked' : '');
 			$join_sql_table .= ' LEFT JOIN ' . TOPICS_WATCH_TABLE . ' tw ON (tw.user_id = ' . $user->data['user_id'] . ' 
 				AND t.topic_id = tw.topic_id)';
-			$join_sql_table .= ' LEFT JOIN ' . BOOKMARKS_TABLE . ' bm ON (bm.user_id = ' . $user->data['user_id'] . '
+			$join_sql_table .= ($config['allow_bookmarks']) ? ' LEFT JOIN ' . BOOKMARKS_TABLE . ' bm ON (bm.user_id = ' . $user->data['user_id'] . '
-				AND t.topic_id = bm.topic_id)';
+				AND t.topic_id = bm.topic_id)' : '';
 	}
 }
@ -172,7 +172,7 @@ if ($user->data['user_id'] != ANONYMOUS)
 // whereupon we join on the forum_id passed as a parameter ... this
 // is done so navigation, forum name, etc. remain consistent with where
 // user clicked to view a global topic
-$sql = 'SELECT t.topic_id, t.forum_id, t.topic_title, t.topic_attachment, t.topic_status, t.topic_approved, ' . (($auth->acl_get('m_approve')) ? 't.topic_replies_real AS topic_replies' : 't.topic_replies') . ', t.topic_last_post_id, t.topic_last_poster_id, t.topic_last_post_time, t.topic_poster, t.topic_time, t.topic_time_limit, t.topic_type, t.topic_bumped, t.topic_bumper, t.poll_max_options, t.poll_start, t.poll_length, t.poll_title, f.forum_name, f.forum_desc, f.forum_parents, f.parent_id, f.left_id, f.right_id, f.forum_status, f.forum_type, f.forum_id, f.forum_style, f.forum_password, f.forum_rules, f.forum_rules_link, f.forum_rules_flags' . $extra_fields . '
+$sql = 'SELECT t.topic_id, t.forum_id, t.topic_title, t.topic_attachment, t.topic_status, t.topic_approved, t.topic_replies_real, t.topic_replies, t.topic_last_post_id, t.topic_last_poster_id, t.topic_last_post_time, t.topic_poster, t.topic_time, t.topic_time_limit, t.topic_type, t.topic_bumped, t.topic_bumper, t.poll_max_options, t.poll_start, t.poll_length, t.poll_title, f.forum_name, f.forum_desc, f.forum_parents, f.parent_id, f.left_id, f.right_id, f.forum_status, f.forum_type, f.forum_id, f.forum_style, f.forum_password, f.forum_rules, f.forum_rules_link, f.forum_rules_flags' . $extra_fields . '
 	FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . ' f' . $join_sql_table . "
 	WHERE $join_sql
 		AND (f.forum_id = t.forum_id
@ -194,6 +194,10 @@ if (!($topic_data = $db->sql_fetchrow($result)))
 // Extract the data
 extract($topic_data);
 // We make this check here because the correct forum_id is determined
 $topic_replies = ($auth->acl_get('m_approve', $forum_id) ? $topic_replies_real : $topic_replies;
 unset($topic_replies_real);
 if ($user->data['user_id'] != ANONYMOUS)
 {
 	if ($config['load_db_lastread'])
@ -497,7 +501,7 @@ $template->assign_vars(array(
 	'L_WATCH_TOPIC' 		=> $s_watching_topic['title'], 
 	'U_BOOKMARK_TOPIC'		=> ($user->data['user_id'] != ANONYMOUS && $config['allow_bookmarks']) ? $viewtopic_url . '&amp;bookmark=1' : '',
-	'L_BOOKMARK_TOPIC'		=> ($user->data['user_id'] != ANONYMOUS && $bookmarked) ? $user->lang['BOOKMARK_TOPIC_REMOVE'] : $user->lang['BOOKMARK_TOPIC'],
+	'L_BOOKMARK_TOPIC'		=> ($user->data['user_id'] != ANONYMOUS && $config['allow_bookmarks'] && $bookmarked) ? $user->lang['BOOKMARK_TOPIC_REMOVE'] : $user->lang['BOOKMARK_TOPIC'],
 	'U_POST_NEW_TOPIC' 		=> "posting.$phpEx$SID&amp;mode=post&amp;f=$forum_id",
 	'U_POST_REPLY_TOPIC' 	=> "posting.$phpEx$SID&amp;mode=reply&amp;f=$forum_id&amp;t=$topic_id",
@ -1259,7 +1263,7 @@ for ($i = 0, $end = sizeof($post_list); $i < $end; ++$i)
 		'U_REPORT'			=> "report.$phpEx$SID&amp;p=" . $row['post_id'],
 		'U_MCP_REPORT'		=> ($auth->acl_gets('m_', 'a_', 'f_report', $forum_id)) ? "mcp.$phpEx$SID&amp;mode=post_details&amp;p=" . $row['post_id'] : '',
 		'U_MCP_APPROVE'		=> ($auth->acl_get('m_approve', $forum_id)) ? "mcp.$phpEx$SID&amp;i=queue&amp;mode=approve&amp;p=" . $row['post_id'] : '',
-		'U_MCP_DETAILS'		=> ($auth->acl_gets('a_', 'm_', $forum_id)) ? "mcp.$phpEx$SID&amp;mode=post_details&amp;p=" . $row['post_id'] : '',
+		'U_MCP_DETAILS'		=> ($auth->acl_get('m_', $forum_id)) ? "mcp.$phpEx$SID&amp;mode=post_details&amp;p=" . $row['post_id'] : '',
 		'U_MINI_POST'		=> "viewtopic.$phpEx$SID&amp;p=" . $row['post_id'] . '#' . $row['post_id'],
 		'U_POST_ID' 		=> ($unread_post_id == $row['post_id']) ? 'unread' : $row['post_id'],
 		'POST_ID'			=> $row['post_id'],