From 77e08d7b19becbb5829b4b32138c7fe5127d23ea Mon Sep 17 00:00:00 2001
From: Dietrich Moerman
Date: Fri, 14 Oct 2011 12:59:32 +0200
Subject: [PATCH] Fixed potential spammer status not taken into account in RSS feeds (closes #103).
---
 Changelog.txt | 1 +
 rss.php | 15 +++++++++------
 2 files changed, 10 insertions(+), 6 deletions(-)
diff --git a/Changelog.txt b/Changelog.txt
index 7d3828f..261929c 100644
--- a/Changelog.txt
+++ b/Changelog.txt
@@ -8,6 +8,7 @@ UseBB 1.0.14 Changelog
 - Added Google Analytics tracking code support (#93).
 - Added re-sync statistics ACP module (#90).
 - Added Stop Forum Spam API request ACP module (#91).
+- Fixed potential spammer status not taken into account in RSS feeds (#103).
 - Automatically close other sessions for same user (#95).
 - Breadcrumbs are now made with array -- can use different subsets in templates (#92).
 - Allow global template variable to be unescaped through js_ prefix (for JS snippets).
diff --git a/rss.php b/rss.php
index 27d8981..b6bffef 100644
--- a/rss.php
+++ b/rss.php
@@ -153,7 +153,7 @@ function usebb_check_rss_access() { if ( $functions->auth($forumdata['auth'], 'read', $_GET['forum']) ) { $can_read = true; - $add_to_query = array("p.content", "p.enable_bbcode", "p.enable_smilies", "p.enable_html"); + $add_to_query = array("p.content", "p.enable_bbcode", "p.enable_smilies", "p.enable_html", "m.level AS poster_level", "m.active"); } else { 
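Review bot: The two columns appended to `$add_to_query` in the hunk at -153, and to the SELECT lists in the hunks at -237 and -320, form an undocumented input contract for `antispam_can_post_links()`: nothing in the visible code says the helper reads `poster_level` and `active` from the row. A later edit that trims one of these column lists could silently change the helper's result for feed items. I would add a comment next to each list, for example `// poster_level and active are required by antispam_can_post_links()`. The query that consumes `$add_to_query` lies outside the hunk, so confirm that it joins the members table under the alias `m`.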
@@ -169,10 +169,11 @@ function usebb_check_rss_access() { while ( $topicdata = $db->fetch_result($result) ) { $link = $functions->get_config('board_url').$functions->make_url('topic.php', array('id' => $topicdata['id']), true, false); + $can_post_links = $can_read && $functions->antispam_can_post_links($topicdata); $template->parse('topic', 'rss', array( 'title' => unhtml($functions->replace_badwords(stripslashes($topicdata['topic_title'])), true), - 'description' => $can_read ? $functions->markup($functions->replace_badwords(stripslashes($topicdata['content'])), $topicdata['enable_bbcode'], $topicdata['enable_smilies'], $topicdata['enable_html'], true) : '', + 'description' => $can_read ? $functions->markup($functions->replace_badwords(stripslashes($topicdata['content'])), $topicdata['enable_bbcode'], $topicdata['enable_smilies'], $topicdata['enable_html'], true, $can_post_links) : '', // was renamed to in the default template to keep validity. 'author' => unhtml(stripslashes( ( !empty($topicdata['poster_id']) ) ? $topicdata['displayed_name'] : $topicdata['poster_guest']), true), 'link' => $link,
@@ -237,7 +238,7 @@ function usebb_check_rss_access() { // Get the posts // - $result = $db->query("SELECT p.id, p.poster_id, p.poster_guest, p.content, p.post_time, p.enable_bbcode, p.enable_smilies, p.enable_html, m.displayed_name FROM ".TABLE_PREFIX."posts p LEFT JOIN ".TABLE_PREFIX."members m ON p.poster_id = m.id WHERE p.topic_id = ".$_GET['topic']." ORDER BY p.post_time DESC LIMIT ".$functions->get_config('rss_items_count')); + $result = $db->query("SELECT p.id, p.poster_id, p.poster_guest, p.content, p.post_time, p.enable_bbcode, p.enable_smilies, p.enable_html, m.displayed_name, m.level AS poster_level, m.active FROM ".TABLE_PREFIX."posts p LEFT JOIN ".TABLE_PREFIX."members m ON p.poster_id = m.id WHERE p.topic_id = ".$_GET['topic']." ORDER BY p.post_time DESC LIMIT ".$functions->get_config('rss_items_count')); while ( $postdata = $db->fetch_result($result) ) { 
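Review bot: The `$can_read &&` guard on the new `$can_post_links` line in the hunk at -169 does real work and deserves a comment. The hunk at -153 adds `m.level AS poster_level` and `m.active` to the query only in the branch that sets `$can_read = true`, so without the short-circuit the helper would apparently be called on rows that lack those keys. A line such as `// only evaluated when the row carries poster_level/active (readable forums)` above the assignment would keep a later refactor from dropping the guard. The loop body continues outside the hunk.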
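Review bot: The rewritten query in the hunk at -237 still concatenates `$_GET['topic']` straight into the SQL string, and the hunk does not show where that value is validated. Even if an integer check earlier in the file covers it, a cast at the point of use, `WHERE p.topic_id = ".(int) $_GET['topic']."`, costs nothing and makes the statement safe on its own. The query in the hunk at -320 is built the same way from `$forum_ids`, whose origin is also outside the visible lines; it is worth confirming that every element is an integer before the `join()`.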
@@ -245,10 +246,11 @@ function usebb_check_rss_access() { $title = ( ( $postdata['id'] != $topicdata['first_post_id'] ) ? $lang['Re'].' ' : '' ) . $title; $link = $functions->get_config('board_url').$functions->make_url('topic.php', array('post' => $postdata['id']), true, false).'#post'.$postdata['id']; + $can_post_links = $functions->antispam_can_post_links($postdata); $template->parse('topic', 'rss', array( 'title' => $title, - 'description' => $functions->markup($functions->replace_badwords(stripslashes($postdata['content'])), $postdata['enable_bbcode'], $postdata['enable_smilies'], $postdata['enable_html'], true), + 'description' => $functions->markup($functions->replace_badwords(stripslashes($postdata['content'])), $postdata['enable_bbcode'], $postdata['enable_smilies'], $postdata['enable_html'], true, $can_post_links), // was renamed to in the default template to keep validity. 'author' => unhtml(stripslashes( ( !empty($postdata['poster_id']) ) ? $postdata['displayed_name'] : $postdata['poster_guest']), true), 'link' => $link, 
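Review bot: `antispam_can_post_links($postdata)` is called for every row, but the query in the hunk at -237 uses a LEFT JOIN on members, so rows for guest posts (empty `poster_id`, which the `author` line already anticipates) arrive with `poster_level` and `active` as NULL. Whether the helper then allows or denies links is not visible here, and for an anti-spam control the guest case should be decided explicitly rather than left to how NULL happens to compare. I would document the guest behaviour at the call, or make it explicit, e.g. `$can_post_links = !empty($postdata['poster_id']) && $functions->antispam_can_post_links($postdata);` if guests are meant to be restricted. The same call on `$topicdata` in the hunk at -336 raises the same question.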
@@ -320,7 +322,7 @@ function usebb_check_rss_access() { $template->parse('header', 'rss', $header_vars, true); - $result = $db->query("SELECT p.id AS post_id, p.topic_id, t.forum_id, t.topic_title, t.count_replies, p.content, p.enable_bbcode, p.enable_smilies, p.enable_html, p.poster_id, m.displayed_name AS last_poster_name, p.poster_guest AS last_poster_guest, p.post_time FROM ".TABLE_PREFIX."posts p LEFT JOIN ".TABLE_PREFIX."members m ON p.poster_id = m.id, ".TABLE_PREFIX."topics t WHERE t.forum_id IN(".join(', ', $forum_ids).") AND t.id = p.topic_id ORDER BY p.post_time DESC LIMIT ".$functions->get_config('rss_items_count')); + $result = $db->query("SELECT p.id AS post_id, p.topic_id, t.forum_id, t.topic_title, t.count_replies, p.content, p.enable_bbcode, p.enable_smilies, p.enable_html, p.poster_id, m.displayed_name AS last_poster_name, m.level AS poster_level, m.active, p.poster_guest AS last_poster_guest, p.post_time FROM ".TABLE_PREFIX."posts p LEFT JOIN ".TABLE_PREFIX."members m ON p.poster_id = m.id, ".TABLE_PREFIX."topics t WHERE t.forum_id IN(".join(', ', $forum_ids).") AND t.id = p.topic_id ORDER BY p.post_time DESC LIMIT ".$functions->get_config('rss_items_count')); $reply_counts = array(); 
@@ -336,13 +338,14 @@ function usebb_check_rss_access() { $title = $lang['Re'].' '.$title; $link = $functions->get_config('board_url').$functions->make_url('topic.php', array('post' => $topicdata['post_id']), true, false).'#post'.$topicdata['post_id']; + $can_post_links = $functions->antispam_can_post_links($topicdata); // // Parse the topic template // $template->parse('topic', 'rss', array( 'title' => $title, - 'description' => $functions->markup($functions->replace_badwords(stripslashes($topicdata['content'])), $topicdata['enable_bbcode'], $topicdata['enable_smilies'], $topicdata['enable_html'], true), + 'description' => $functions->markup($functions->replace_badwords(stripslashes($topicdata['content'])), $topicdata['enable_bbcode'], $topicdata['enable_smilies'], $topicdata['enable_html'], true, $can_post_links), // was renamed to in the default template to keep validity. 'author' => unhtml(stripslashes( ( !empty($topicdata['poster_id']) ) ? $topicdata['last_poster_name'] : $topicdata['last_poster_guest']), true), 'link' => $link,