diff options
author | Andreas Fischer <bantu@phpbb.com> | 2010-03-05 18:51:30 +0100 |
---|---|---|
committer | Nils Adermann <naderman@naderman.de> | 2010-03-05 20:59:20 +0100 |
commit | b1ab74b0431e2934cccf3bfa80aec0eef928eeb3 (patch) | |
tree | e94a26f0ea3ddc38f16f4af959137e7755575457 | |
parent | Increment version number to 3.0.7 (diff) | |
download | phpbb-b1ab74b0431e2934cccf3bfa80aec0eef928eeb3.tar.gz phpbb-b1ab74b0431e2934cccf3bfa80aec0eef928eeb3.tar.bz2 phpbb-b1ab74b0431e2934cccf3bfa80aec0eef928eeb3.zip |
Fix Bug #58595 - ATOM Feed exposes forum content under some circumstances.
-rw-r--r-- | phpBB/docs/CHANGELOG.html | 9 | ||||
-rw-r--r-- | phpBB/feed.php | 2 |
2 files changed, 9 insertions, 2 deletions
diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index 6b0c0f08bd..65421aacd3 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -86,7 +86,14 @@ <div class="inner"><span class="corners-top"><span></span></span> <div class="content"> - <a name="v306"></a><h3>1.i. Changes since 3.0.6</h3> + + <a name="v307"></a><h3>1.i. Changes since 3.0.7</h3> + + <ul> + <li>[Fix] Do not expose forum content of forums with ACL entries but no actual permission in ATOM Feeds. (Bug #58595)</li> + </ul> + + <a name="v306"></a><h3>1.ii. Changes since 3.0.6</h3> <ul> <li>[Fix] Allow ban reason and length to be selected and copied in ACP and subsilver2 MCP. (Bug #51095)</li> diff --git a/phpBB/feed.php b/phpBB/feed.php index 1832efbc61..a42aa42a7f 100644 --- a/phpBB/feed.php +++ b/phpBB/feed.php @@ -522,7 +522,7 @@ class phpbb_feed_base if (!isset($forum_ids)) { - $forum_ids = array_keys($auth->acl_getf('f_read')); + $forum_ids = array_keys($auth->acl_getf('f_read', true)); } return $forum_ids; |