From f4a1d4ef0297c9c23879e3eadc74f1efe2229f1e Mon Sep 17 00:00:00 2001 From: Alec Date: Thu, 24 Jan 2019 13:05:33 -0500 Subject: [PATCH 1/5] [ticket/15951] Add core.mcp_delete_topic_modify_permissions Allow modification to permissions when deleting topics This allows $check_permission to be false in the phpbb_check_ids function call PHPBB3-15951 --- phpBB/includes/mcp/mcp_main.php | 30 ++++++++++++++++++++++++++---- 1 file changed, 26 insertions(+), 4 deletions(-) diff --git a/phpBB/includes/mcp/mcp_main.php b/phpBB/includes/mcp/mcp_main.php index 0919a4bdcf..f9955cff24 100644 --- a/phpBB/includes/mcp/mcp_main.php +++ b/phpBB/includes/mcp/mcp_main.php 
@@ -881,16 +881,38 @@ function mcp_restore_topic($topic_ids) */ function mcp_delete_topic($topic_ids, $is_soft = false, $soft_delete_reason = '', $action = 'delete_topic') { - global $auth, $user, $db, $phpEx, $phpbb_root_path, $request, $phpbb_container, $phpbb_log; + global $auth, $user, $db, $phpEx, $phpbb_root_path, $request, $phpbb_container, $phpbb_log, $phpbb_dispatcher; - $check_permission = ($is_soft) ? 'm_softdelete' : 'm_delete'; - if (!phpbb_check_ids($topic_ids, TOPICS_TABLE, 'topic_id', array($check_permission))) + $forum_id = $request->variable('f', 0); + $check_permission = ($is_soft) ? ['m_softdelete'] : ['m_delete']; + /** + * This event allows you to modify the current user's checked permissions when deleting a topic + * + * @event core.mcp_delete_topic_modify_permissions + * @var array topic_ids The array of topic IDs to be deleted + * @var int forum_id The current forum ID + * @var bool is_soft Boolean designating whether we're soft deleting or not + * @var string soft_delete_reason The reason we're soft deleting + * @var string action The current delete action + * @var array check_permission The array with a permission to check for, can be set to false to not check them + * @since 3.2.6-RC1 + */ + $vars = array( + 'topic_ids', + 'forum_id', + 'is_soft', + 'soft_delete_reason', + 'action', + 'check_permission', + ); + extract($phpbb_dispatcher->trigger_event('core.mcp_delete_topic_modify_permissions', compact($vars))); + + if (!phpbb_check_ids($topic_ids, TOPICS_TABLE, 'topic_id', $check_permission)) { return; } $redirect = $request->variable('redirect', build_url(array('action', 'quickmod'))); - $forum_id = $request->variable('f', 0); $s_hidden_fields = array( 'topic_id_list' => $topic_ids, From 663e611fae7beb140d15a946e54ec758e23c01c9 Mon Sep 17 00:00:00 2001 
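Review bot: The docblock line for `check_permission` is typed `array` although its description allows `false`, and it does not say that a listener which sets `false` takes over authorisation for the delete; the value is passed straight to `phpbb_check_ids()` after the `extract()`, which presumably disables the ACL test there. I would write it as `@var array|false check_permission Permissions to check; if set to false the listener must authorise the delete itself`. The docblock should also state that `forum_id` comes from the request parameter `f` (`$request->variable('f', 0)`) and is not derived from the topics in `topic_ids`, so a listener should look up each topic's forum before making its own permission decision. `mcp_delete_topic()` continues past the end of this hunk, so how the rest of the function uses these values is not visible here.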
From: Alec Date: Thu, 24 Jan 2019 13:06:17 -0500 Subject: [PATCH 2/5] [ticket/15951] Add core.mcp_delete_topic_modify_hidden_fields Allow modification of the hidden fields when deleting topics This lets you control the permissions for permanently deleting topics Template variables can also be modified at this point PHPBB3-15951 --- phpBB/includes/mcp/mcp_main.php | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/phpBB/includes/mcp/mcp_main.php b/phpBB/includes/mcp/mcp_main.php index f9955cff24..f3d871bb2c 100644 --- a/phpBB/includes/mcp/mcp_main.php +++ b/phpBB/includes/mcp/mcp_main.php @@ -1024,6 +1024,28 @@ function mcp_delete_topic($topic_ids, $is_soft = false, $soft_delete_reason = '' $s_hidden_fields['delete_permanent'] = '1'; } + /** + * This event allows you to modify the hidden form fields when deleting topics + * + * @event core.mcp_delete_topic_modify_hidden_fields + * @var string l_confirm The mode we are deleting in (DELETE_TOPIC(S), DELETE_TOPIC(S)_PERMANENTLY) + * @var array s_hidden_fields The array holding the hidden form fields + * @var array topic_ids The array of topic IDs to be deleted + * @var int forum_id The current forum ID + * @var bool only_softdeleted If the topic_ids are all soft deleted, this is true + * @var bool only_shadow If the topic_ids are all shadow topics, this is true + * @since 3.2.6-RC1 + */ + $vars = array( + 'l_confirm', + 's_hidden_fields', + 'topic_ids', + 'forum_id', + 'only_softdeleted', + 'only_shadow', + ); + extract($phpbb_dispatcher->trigger_event('core.mcp_delete_topic_modify_hidden_fields', compact($vars))); + confirm_box(false, $l_confirm, build_hidden_fields($s_hidden_fields), 'confirm_delete_body.html'); } From ebc4912adad643d021df5b0356c99ebb9195d88a Mon Sep 17 00:00:00 2001 
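Review bot: The values in `s_hidden_fields` are written into the confirmation form by `build_hidden_fields()` and come back as request input that the user can edit, so this event cannot by itself "control the permissions for permanently deleting topics" as the commit message puts it. The docblock should say so, for example `Hidden fields are round-tripped through the browser; the right to delete permanently must be re-checked when the confirmed request is processed`. The branch that handles the confirmed request is outside this hunk, so whether `delete_permanent` is re-validated there cannot be confirmed from here. It would also help to note that `topic_ids`, `forum_id`, `only_softdeleted` and `only_shadow` are informational at this point, because only `l_confirm` and `s_hidden_fields` are read after the `extract()` before the function ends.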
From: Alec Date: Thu, 24 Jan 2019 13:06:56 -0500 Subject: [PATCH 3/5] [ticket/15951] Add core.mcp_modify_permissions Allow non staff to access mcp functions This event would allow normal users to delete topics, for example If extensions need normal users to access this file they will need this event PHPBB3-15951 --- phpBB/mcp.php | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/phpBB/mcp.php b/phpBB/mcp.php index 23d2ce7d4e..865ab3e54c 100644 --- a/phpBB/mcp.php +++ b/phpBB/mcp.php @@ -116,15 +116,35 @@ if (!$auth->acl_getf_global('m_')) ); $allow_user = false; + $topic_info = phpbb_get_topic_data(array($topic_id)); if ($quickmod && isset($user_quickmod_actions[$action]) && $user->data['is_registered'] && $auth->acl_gets($user_quickmod_actions[$action], $forum_id)) { - $topic_info = phpbb_get_topic_data(array($topic_id)); if ($topic_info[$topic_id]['topic_poster'] == $user->data['user_id']) { $allow_user = true; } } + /** + * Allow modification of the permissions to access the mcp file + * + * @event core.mcp_modify_permissions + * @var array user_quickmod_actions Array holding the quickmod actions and their respectiev permissions + * @var array topic_info An array of the current topic's data + * @var bool allow_user Boolean holding if the user can access the mcp + * @var int forum_id The current forum ID + * @var int topic_id The current topic ID + * @since 3.2.6-RC1 + */ + $vars = array( + 'user_quickmod_actions', + 'topic_info', + 'allow_user', + 'forum_id', + 'topic_id', + ); + extract($phpbb_dispatcher->trigger_event('core.mcp_modify_permissions', compact($vars))); + if (!$allow_user) { send_status_line(403, 'Forbidden'); From c903381154ac0c8435a9d06ea7ee1c6b38281127 Mon Sep 17 00:00:00 2001 
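Review bot: The event is triggered inside the `if (!$auth->acl_getf_global('m_'))` branch, so it runs for every request from a user without any `m_` permission, and the listener is not given `action`; a listener that sets `allow_user` cannot scope its grant to one action without re-reading the request. I would add `'action'` to `$vars` with `@var string action The requested MCP action`. The docblock should also state that setting `allow_user` to true skips the 403 response that follows, so the listener has to check the user, the action and the forum itself; what the file does after that check is outside the hunk. PATCH 4/5 later adds `quickmod` to the list but still not `action`.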
From: Alec Date: Tue, 11 Aug 2020 08:08:17 -0400 Subject: [PATCH 4/5] [ticket/15951] Add requested changes Revert changes with $topic_info Add $quickmod to the event Change since versions to latest PHPBB3-15951 --- phpBB/includes/mcp/mcp_main.php | 4 ++-- phpBB/mcp.php | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/phpBB/includes/mcp/mcp_main.php b/phpBB/includes/mcp/mcp_main.php index f3d871bb2c..69d99d4d9d 100644 --- a/phpBB/includes/mcp/mcp_main.php +++ b/phpBB/includes/mcp/mcp_main.php @@ -895,7 +895,7 @@ function mcp_delete_topic($topic_ids, $is_soft = false, $soft_delete_reason = '' * @var string soft_delete_reason The reason we're soft deleting * @var string action The current delete action * @var array check_permission The array with a permission to check for, can be set to false to not check them - * @since 3.2.6-RC1 + * @since 3.3.2-RC1 */ $vars = array( 'topic_ids', @@ -1034,7 +1034,7 @@ function mcp_delete_topic($topic_ids, $is_soft = false, $soft_delete_reason = '' * @var int forum_id The current forum ID * @var bool only_softdeleted If the topic_ids are all soft deleted, this is true * @var bool only_shadow If the topic_ids are all shadow topics, this is true - * @since 3.2.6-RC1 + * @since 3.3.2-RC1 */ $vars = array( 'l_confirm', diff --git a/phpBB/mcp.php b/phpBB/mcp.php index 865ab3e54c..3a33059e7a 100644 --- a/phpBB/mcp.php +++ b/phpBB/mcp.php @@ -116,9 +116,9 @@ if (!$auth->acl_getf_global('m_')) ); $allow_user = false; - $topic_info = phpbb_get_topic_data(array($topic_id)); if ($quickmod && isset($user_quickmod_actions[$action]) && $user->data['is_registered'] && $auth->acl_gets($user_quickmod_actions[$action], $forum_id)) { + $topic_info = phpbb_get_topic_data(array($topic_id)); if ($topic_info[$topic_id]['topic_poster'] == $user->data['user_id']) { $allow_user = true; 
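Review bot: In the `@@ -116,9 +116,9 @@` hunk of mcp.php the ownership test indexes `$topic_info[$topic_id]` without checking that `phpbb_get_topic_data()` returned a row for that id, and it compares with `==`. If no row comes back, the comparison is made against null, so access is denied only as a side effect of loose comparison and a notice is raised on the way. A guard makes the denial explicit: `if (isset($topic_info[$topic_id]) && (int) $topic_info[$topic_id]['topic_poster'] === (int) $user->data['user_id'])`. The enclosing `if` block starts and ends outside the hunk.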
@@ -130,15 +130,15 @@ if (!$auth->acl_getf_global('m_')) * * @event core.mcp_modify_permissions * @var array user_quickmod_actions Array holding the quickmod actions and their respectiev permissions - * @var array topic_info An array of the current topic's data + * @var bool quickmod Whether or not the action is performed via QuickMod * @var bool allow_user Boolean holding if the user can access the mcp * @var int forum_id The current forum ID * @var int topic_id The current topic ID - * @since 3.2.6-RC1 + * @since 3.3.2-RC1 */ $vars = array( 'user_quickmod_actions', - 'topic_info', + 'quickmod', 'allow_user', 'forum_id', 'topic_id', From d88dff51fb4c130bb6600a9d2f832295861b7e1f Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Thu, 19 Nov 2020 22:42:14 +0100 Subject: [PATCH 5/5] [ticket/15951] Adjust event docblock and update since version PHPBB3-15951 --- phpBB/includes/mcp/mcp_main.php | 6 +++--- phpBB/mcp.php | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/phpBB/includes/mcp/mcp_main.php b/phpBB/includes/mcp/mcp_main.php index 69d99d4d9d..9cf4ca9c96 100644 --- a/phpBB/includes/mcp/mcp_main.php +++ b/phpBB/includes/mcp/mcp_main.php @@ -895,7 +895,7 @@ function mcp_delete_topic($topic_ids, $is_soft = false, $soft_delete_reason = '' * @var string soft_delete_reason The reason we're soft deleting * @var string action The current delete action * @var array check_permission The array with a permission to check for, can be set to false to not check them - * @since 3.3.2-RC1 + * @since 3.3.3-RC1 */ $vars = array( 'topic_ids', 
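Review bot: In the `@@ -130,15 +130,15 @@` hunk of mcp.php, `user_quickmod_actions` is offered to listeners as a modifiable variable, but the only lookup visible in this series, `$auth->acl_gets($user_quickmod_actions[$action], $forum_id)`, runs before the event is triggered. Unless code after this hunk reads the array again, adding an entry has no effect, and an extension author may wrongly assume the core permission lookup still applies to the new action. I would word the docblock line as `@var array user_quickmod_actions Quickmod actions and their respective permissions (already evaluated; change allow_user to alter the result)`, which also corrects the `respectiev` typo.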
@@ -1028,13 +1028,13 @@ function mcp_delete_topic($topic_ids, $is_soft = false, $soft_delete_reason = '' * This event allows you to modify the hidden form fields when deleting topics * * @event core.mcp_delete_topic_modify_hidden_fields - * @var string l_confirm The mode we are deleting in (DELETE_TOPIC(S), DELETE_TOPIC(S)_PERMANENTLY) + * @var string l_confirm The confirmation text language variable (DELETE_TOPIC(S), DELETE_TOPIC(S)_PERMANENTLY) * @var array s_hidden_fields The array holding the hidden form fields * @var array topic_ids The array of topic IDs to be deleted * @var int forum_id The current forum ID * @var bool only_softdeleted If the topic_ids are all soft deleted, this is true * @var bool only_shadow If the topic_ids are all shadow topics, this is true - * @since 3.3.2-RC1 + * @since 3.3.3-RC1 */ $vars = array( 'l_confirm', diff --git a/phpBB/mcp.php b/phpBB/mcp.php index 3a33059e7a..a330bc65a5 100644 --- a/phpBB/mcp.php +++ b/phpBB/mcp.php @@ -134,7 +134,7 @@ if (!$auth->acl_getf_global('m_')) * @var bool allow_user Boolean holding if the user can access the mcp * @var int forum_id The current forum ID * @var int topic_id The current topic ID - * @since 3.3.2-RC1 + * @since 3.3.3-RC1 */ $vars = array( 'user_quickmod_actions',