SECURITY FIX: acl check in _getRecents added

ACLs weren't checked in the new getRecent function. Recent Changes and
the RSS/ATOM feeds displayed all changes regardless of user permissions.

darcs-hash:20050925095612-7ad00-5885e6616a4214eb99662eac08267b0a6f527625.gz

inc/common.php

@@ -621,6 +621,9 @@ function _handleRecent($line,$incdel,$ns,$subNS){
   // exclude subnamespaces
   if ((!$subNS) && (getNS($id) != $ns)) return false;
 
+  // check ACL
+  if (auth_quickaclcheck($id) < AUTH_READ) return false;
+
   // check existance
   if(!@file_exists(wikiFN($id))){
     if(!$incdel){