mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-31 05:50:42 +02:00
Code Issues Releases Wiki Activity

[ticket/10961] Send HTTP 403 when applicable

Browse Source 
PHPBB3-10961
This commit is contained in:
Jakub Senko
2016-05-29 12:42:57 +02:00
parent dff950162c
commit 4b6c2c8cde
26 changed files with 98 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
phpBB/phpbb/feed/topic.php
View File

@@ -66,6 +66,14 @@ class topic extends post_base
// Make sure topic is either approved or user authed
if ($this->topic_data['topic_visibility'] != ITEM_APPROVED && !$this->auth->acl_get('m_approve', $this->forum_id))
{
if ($this->user->data['user_id'] != ANONYMOUS)
{
send_status_line(403, 'Forbidden');
}
else
{
send_status_line(401, 'Unauthorized');
}
throw new unauthorized_topic_exception($this->topic_id);
}
@@ -78,6 +86,14 @@ class topic extends post_base
// Make sure we can read this forum
if (!$this->auth->acl_get('f_read', $this->forum_id))
{
if ($this->user->data['user_id'] != ANONYMOUS)
{
send_status_line(403, 'Forbidden');
}
else
{
send_status_line(401, 'Unauthorized');
}
throw new unauthorized_forum_exception($this->forum_id);
}
@@ -88,6 +104,14 @@ class topic extends post_base
if (isset($forum_ids_passworded[$this->forum_id]))
{
if ($this->user->data['user_id'] != ANONYMOUS)
{
send_status_line(403, 'Forbidden');
}
else
{
send_status_line(401, 'Unauthorized');
}
throw new unauthorized_forum_exception($this->forum_id);
}