[ticket/10961] Send HTTP 403 when applicable

PHPBB3-10961
2025-07-30 21:40:43 +02:00 · 2016-05-29 12:42:57 +02:00
parent dff950162c
commit 4b6c2c8cde
26 changed files with 98 additions and 0 deletions
--- a/phpBB/includes/mcp/mcp_logs.php
+++ b/phpBB/includes/mcp/mcp_logs.php
@@ -83,6 +83,7 @@ class mcp_logs

 				if (!in_array($forum_id, $forum_list))
 				{
+					send_status_line(403, 'Forbidden');
 					trigger_error('NOT_AUTHORISED');
 				}

@@ -101,6 +102,7 @@ class mcp_logs

 				if (!in_array($forum_id, $forum_list))
 				{
+					send_status_line(403, 'Forbidden');
 					trigger_error('NOT_AUTHORISED');
 				}

--- a/phpBB/includes/mcp/mcp_queue.php
+++ b/phpBB/includes/mcp/mcp_queue.php
@@ -622,6 +622,7 @@ class mcp_queue

 		if (!phpbb_check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_approve')))
 		{
+			send_status_line(403, 'Forbidden');
 			trigger_error('NOT_AUTHORISED');
 		}

@@ -877,6 +878,7 @@ class mcp_queue

 		if (!phpbb_check_ids($topic_id_list, TOPICS_TABLE, 'topic_id', array('m_approve')))
 		{
+			send_status_line(403, 'Forbidden');
 			trigger_error('NOT_AUTHORISED');
 		}

@@ -1074,6 +1076,7 @@ class mcp_queue

 		if (!phpbb_check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_approve')))
 		{
+			send_status_line(403, 'Forbidden');
 			trigger_error('NOT_AUTHORISED');
 		}

--- a/phpBB/includes/mcp/mcp_reports.php
+++ b/phpBB/includes/mcp/mcp_reports.php
@@ -542,6 +542,7 @@ function close_report($report_id_list, $mode, $action, $pm = false)
 	{
 		if (!$auth->acl_getf_global('m_report'))
 		{
+			send_status_line(403, 'Forbidden');
 			trigger_error('NOT_AUTHORISED');
 		}
 	}
@@ -549,6 +550,7 @@ function close_report($report_id_list, $mode, $action, $pm = false)
 	{
 		if (!phpbb_check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_report')))
 		{
+			send_status_line(403, 'Forbidden');
 			trigger_error('NOT_AUTHORISED');
 		}
 	}