diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html
index 44e03912da..024b439863 100644
--- a/phpBB/docs/CHANGELOG.html
+++ b/phpBB/docs/CHANGELOG.html
@@ -131,6 +131,8 @@
[Fix] Pagination of User Notes in MCP uses two different config values. (Bug #56025)
[Fix] List hidden groups on viewprofile where the viewing user is also a member. (Bug #31845)
[Fix] Sort viewprofile group list by group name.
+ [Fix] Strictly check whether a moderator can post in the destination forum when moving topic. (Bug #56255)
+ [Fix] Added some error handling to the compress class.
[Fix] Correctly determine permissions to show quick reply button. (Bug #56555)
[Fix] Do not unsubscribe users from topics replying with quickreply. (Bug #56235)
[Fix] Don't submit when pressing enter on preview button. (Bug #54395)
diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php
index ddadda8ed2..a1bc2e7795 100644
--- a/phpBB/includes/functions_admin.php
+++ b/phpBB/includes/functions_admin.php
@@ -66,8 +66,6 @@ function make_forum_select($select_id = false, $ignore_id = false, $ignore_acl =
{
global $db, $user, $auth;
- $acl = ($ignore_acl) ? '' : (($only_acl_post) ? 'f_post' : array('f_list', 'a_forum', 'a_forumadd', 'a_forumdel'));
-
// This query is identical to the jumpbox one
$sql = 'SELECT forum_id, forum_name, parent_id, forum_type, forum_flags, forum_options, left_id, right_id
FROM ' . FORUMS_TABLE . '
@@ -98,18 +96,21 @@ function make_forum_select($select_id = false, $ignore_id = false, $ignore_acl =
$right = $row['right_id'];
$disabled = false;
- if ($acl && !$auth->acl_gets($acl, $row['forum_id']))
+ if (!$ignore_acl && $auth->acl_get('f_list', $row['forum_id']))
{
- // List permission?
- if ($auth->acl_get('f_list', $row['forum_id']))
+ if ($only_acl_post && !$auth->acl_get('f_post', $row['forum_id']) || (!$auth->acl_get('m_approve', $row['forum_id']) && !$auth->acl_get('f_noapprove', $row['forum_id'])))
{
$disabled = true;
}
- else
+ else if (!$only_acl_post && !$auth->acl_gets(array('a_forum', 'a_forumadd', 'a_forumdel'), $row['forum_id']))
{
- continue;
+ $disabled = true;
}
}
+ else if (!$ignore_acl)
+ {
+ continue;
+ }
if (
((is_array($ignore_id) && in_array($row['forum_id'], $ignore_id)) || $row['forum_id'] == $ignore_id)
diff --git a/phpBB/includes/functions_compress.php b/phpBB/includes/functions_compress.php
index 590daabf1d..f17c780a65 100644
--- a/phpBB/includes/functions_compress.php
+++ b/phpBB/includes/functions_compress.php
@@ -80,6 +80,11 @@ class compress
}
}
}
+ else
+ {
+ // $src does not exist
+ return false;
+ }
return true;
}
@@ -89,6 +94,11 @@ class compress
*/
function add_custom_file($src, $filename)
{
+ if (!file_exists($src))
+ {
+ return false;
+ }
+
$this->data($filename, file_get_contents($src), false, stat($src));
return true;
}
diff --git a/phpBB/includes/mcp/mcp_main.php b/phpBB/includes/mcp/mcp_main.php
index 50b05e989f..80c3559649 100644
--- a/phpBB/includes/mcp/mcp_main.php
+++ b/phpBB/includes/mcp/mcp_main.php
@@ -568,7 +568,7 @@ function mcp_move_topic($topic_ids)
{
$additional_msg = $user->lang['FORUM_NOT_POSTABLE'];
}
- else if (!$auth->acl_get('f_post', $to_forum_id))
+ else if (!$auth->acl_get('f_post', $to_forum_id) || (!$auth->acl_get('m_approve', $to_forum_id) && !$auth->acl_get('f_noapprove', $to_forum_id)))
{
$additional_msg = $user->lang['USER_CANNOT_POST'];
}
diff --git a/phpBB/posting.php b/phpBB/posting.php
index 660ca8ef23..d5a46db9f9 100644
--- a/phpBB/posting.php
+++ b/phpBB/posting.php
@@ -992,7 +992,7 @@ if ($submit || $preview || $refresh)
$forum_type = (int) $db->sql_fetchfield('forum_type');
$db->sql_freeresult($result);
- if ($forum_type != FORUM_POST || !$auth->acl_get('f_post', $to_forum_id))
+ if ($forum_type != FORUM_POST || !$auth->acl_get('f_post', $to_forum_id) || (!$auth->acl_get('m_approve', $to_forum_id) && !$auth->acl_get('f_noapprove', $to_forum_id)))
{
$to_forum_id = 0;
}