mc717990 wrote: Well, it's more change the where statement to this:
t.forum_id = f.forum_id
AND f.auth_view = " . AUTH_ALL . " AND f.auth_read = 0
AND p.poster_id = u.user_id
AND pt.post_id = p.post_id
AND p.topic_id = t.topic_id
There's probably a more "correct" method, but f.auth_read is the one that limits access to reading a forum. I think auth_view is limiting access to whether they can see the forum exists.
good observation. that came from the original code, but I probably should've caught it. I'll add that to the list of things to change.