From: Andreas K. <la...@us...> - 2002-04-26 18:45:55
|
Update of /cvsroot/pn-modules/PN_phpBB_14/html/includes/search In directory usw-pr-cvs1:/tmp/cvs-serv18671/PN_phpBB_14/html/includes/search Modified Files: phpBB_14.php Log Message: added auth-check for category Index: phpBB_14.php =================================================================== RCS file: /cvsroot/pn-modules/PN_phpBB_14/html/includes/search/phpBB_14.php,v retrieving revision 1.12 retrieving revision 1.13 diff -C2 -d -r1.12 -r1.13 *** phpBB_14.php 24 Apr 2002 10:39:11 -0000 1.12 --- phpBB_14.php 26 Apr 2002 18:45:52 -0000 1.13 *************** *** 144,150 **** WHERE "; - // search no private forums - $query .= "f.forum_type=0 AND\n"; - // words foreach($w as $word) --- 144,147 ---- *************** *** 165,174 **** // get post_text and match up forums/topics/posts ! $query .= '('; $query .= "(pt.post_text LIKE '$word' OR t.topic_title LIKE '$word') \n"; $query .= "AND p.post_id=pt.post_id \n"; $query .= "AND p.topic_id=t.topic_id \n"; ! $query .= "AND p.forum_id=f.forum_id"; ! $query .= ')'; $flag = true; --- 162,172 ---- // get post_text and match up forums/topics/posts ! //$query .= '('; $query .= "(pt.post_text LIKE '$word' OR t.topic_title LIKE '$word') \n"; $query .= "AND p.post_id=pt.post_id \n"; $query .= "AND p.topic_id=t.topic_id \n"; ! $query .= "AND p.forum_id=f.forum_id\n"; ! $query .= "AND c.cat_id=f.cat_id\n"; ! //$query .= ')'; $flag = true; *************** *** 275,279 **** $forum_name = stripslashes($row['forum_name']); $cat_title = stripslashes($row['cat_title']); ! if (pnSecAuthAction(0, 'phpBB_14::Forum', "$forum_name::", ACCESS_READ) && pnSecAuthAction(0, 'phpBB_14::Category', "$cat_title::", ACCESS_READ)) { echo "<li><a class=\"pn-normal\" href=\"modules.php?op=modload&name=phpBB_14&file=index&action=viewtopic&topic=$row[topic_id]&$row[post_id]\">" .$row['topic_title']."</a> <a class=\"pn-normal\" href=\"modules.php?op=modload&name=phpBB_14&file=index&action=viewtopic&topic=" --- 273,277 ---- $forum_name = stripslashes($row['forum_name']); $cat_title = stripslashes($row['cat_title']); ! if (pnSecAuthAction(0, 'phpBB_14::Forum', "$forum_name::", ACCESS_READ) && pnSecAuthAction(0, 'phpBB_14::Category', "$cat_title::", ACCESS_READ)) { echo "<li><a class=\"pn-normal\" href=\"modules.php?op=modload&name=phpBB_14&file=index&action=viewtopic&topic=$row[topic_id]&$row[post_id]\">" .$row['topic_title']."</a> <a class=\"pn-normal\" href=\"modules.php?op=modload&name=phpBB_14&file=index&action=viewtopic&topic=" |