mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-08-12 19:54:12 +02:00
Code Issues Releases Wiki Activity

[ticket/10961] Send HTTP 403 when applicable

Browse Source 
PHPBB3-10961
This commit is contained in:
Jakub Senko
2016-05-29 12:42:57 +02:00
parent dff950162c
commit 4b6c2c8cde
26 changed files with 98 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
phpBB/includes/acp/acp_main.php
View File

@@ -118,6 +118,7 @@ class acp_main
case 'online':
if (!$auth->acl_get('a_board'))
{
send_status_line(403, 'Forbidden');
trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
}
@@ -134,6 +135,7 @@ class acp_main
case 'stats':
if (!$auth->acl_get('a_board'))
{
send_status_line(403, 'Forbidden');
trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
}
@@ -189,6 +191,7 @@ class acp_main
case 'user':
if (!$auth->acl_get('a_board'))
{
send_status_line(403, 'Forbidden');
trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
}
@@ -256,6 +259,7 @@ class acp_main
case 'date':
if (!$auth->acl_get('a_board'))
{
send_status_line(403, 'Forbidden');
trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
}
@@ -372,6 +376,7 @@ class acp_main
case 'purge_sessions':
if ((int) $user->data['user_type'] !== USER_FOUNDER)
{
send_status_line(403, 'Forbidden');
trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
}