diff --git a/phpBB/includes/mcp/mcp_main.php b/phpBB/includes/mcp/mcp_main.php index 0919a4bdcf..9cf4ca9c96 100644 --- a/phpBB/includes/mcp/mcp_main.php +++ b/phpBB/includes/mcp/mcp_main.php @@ -881,16 +881,38 @@ function mcp_restore_topic($topic_ids) */ function mcp_delete_topic($topic_ids, $is_soft = false, $soft_delete_reason = '', $action = 'delete_topic') { - global $auth, $user, $db, $phpEx, $phpbb_root_path, $request, $phpbb_container, $phpbb_log; + global $auth, $user, $db, $phpEx, $phpbb_root_path, $request, $phpbb_container, $phpbb_log, $phpbb_dispatcher; - $check_permission = ($is_soft) ? 'm_softdelete' : 'm_delete'; - if (!phpbb_check_ids($topic_ids, TOPICS_TABLE, 'topic_id', array($check_permission))) + $forum_id = $request->variable('f', 0); + $check_permission = ($is_soft) ? ['m_softdelete'] : ['m_delete']; + /** + * This event allows you to modify the current user's checked permissions when deleting a topic + * + * @event core.mcp_delete_topic_modify_permissions + * @var array topic_ids The array of topic IDs to be deleted + * @var int forum_id The current forum ID + * @var bool is_soft Boolean designating whether we're soft deleting or not + * @var string soft_delete_reason The reason we're soft deleting + * @var string action The current delete action + * @var array check_permission The array with a permission to check for, can be set to false to not check them + * @since 3.3.3-RC1 + */ + $vars = array( + 'topic_ids', + 'forum_id', + 'is_soft', + 'soft_delete_reason', + 'action', + 'check_permission', + ); + extract($phpbb_dispatcher->trigger_event('core.mcp_delete_topic_modify_permissions', compact($vars))); + + if (!phpbb_check_ids($topic_ids, TOPICS_TABLE, 'topic_id', $check_permission)) { return; } $redirect = $request->variable('redirect', build_url(array('action', 'quickmod'))); - $forum_id = $request->variable('f', 0); $s_hidden_fields = array( 'topic_id_list' => $topic_ids, @@ -1002,6 +1024,28 @@ function mcp_delete_topic($topic_ids, $is_soft = false, $soft_delete_reason = '' $s_hidden_fields['delete_permanent'] = '1'; } + /** + * This event allows you to modify the hidden form fields when deleting topics + * + * @event core.mcp_delete_topic_modify_hidden_fields + * @var string l_confirm The confirmation text language variable (DELETE_TOPIC(S), DELETE_TOPIC(S)_PERMANENTLY) + * @var array s_hidden_fields The array holding the hidden form fields + * @var array topic_ids The array of topic IDs to be deleted + * @var int forum_id The current forum ID + * @var bool only_softdeleted If the topic_ids are all soft deleted, this is true + * @var bool only_shadow If the topic_ids are all shadow topics, this is true + * @since 3.3.3-RC1 + */ + $vars = array( + 'l_confirm', + 's_hidden_fields', + 'topic_ids', + 'forum_id', + 'only_softdeleted', + 'only_shadow', + ); + extract($phpbb_dispatcher->trigger_event('core.mcp_delete_topic_modify_hidden_fields', compact($vars))); + confirm_box(false, $l_confirm, build_hidden_fields($s_hidden_fields), 'confirm_delete_body.html'); } diff --git a/phpBB/mcp.php b/phpBB/mcp.php index 23d2ce7d4e..a330bc65a5 100644 --- a/phpBB/mcp.php +++ b/phpBB/mcp.php @@ -125,6 +125,26 @@ if (!$auth->acl_getf_global('m_')) } } + /** + * Allow modification of the permissions to access the mcp file + * + * @event core.mcp_modify_permissions + * @var array user_quickmod_actions Array holding the quickmod actions and their respectiev permissions + * @var bool quickmod Whether or not the action is performed via QuickMod + * @var bool allow_user Boolean holding if the user can access the mcp + * @var int forum_id The current forum ID + * @var int topic_id The current topic ID + * @since 3.3.3-RC1 + */ + $vars = array( + 'user_quickmod_actions', + 'quickmod', + 'allow_user', + 'forum_id', + 'topic_id', + ); + extract($phpbb_dispatcher->trigger_event('core.mcp_modify_permissions', compact($vars))); + if (!$allow_user) { send_status_line(403, 'Forbidden');