mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-31 14:00:31 +02:00
Code Issues Releases Wiki Activity

[ticket/12171] Send correct status 403 when forbidden and 404 when not found

Browse Source 
PHPBB3-12171
This commit is contained in:
Joas Schilling
2014-02-10 12:17:28 +01:00
parent c36b1c16f9
commit ee1c055b70
2 changed files with 11 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
phpBB/download/file.php
View File

@@ -257,7 +257,7 @@ else if ($download_id)
if (!$post_row || ($post_row['post_visibility'] != ITEM_APPROVED && !$auth->acl_get('m_approve', $post_row['forum_id'])))
{
// Attachment of a soft deleted post and the user is not allowed to see the post
send_status_line(403, 'Forbidden');
send_status_line(404, 'Not Found');
trigger_error('ERROR_NO_ATTACHMENT');
}
}
@@ -271,7 +271,7 @@ else if ($download_id)
$extensions = array();
if (!extension_allowed($row['forum_id'], $attachment['extension'], $extensions))
{
send_status_line(404, 'Forbidden');
send_status_line(403, 'Forbidden');
trigger_error(sprintf($user->lang['EXTENSION_DISABLED_AFTER_POSTING'], $attachment['extension']));
}
}
@@ -454,12 +454,12 @@ else
{
// None of the attachments had a valid extension
$disallowed_extension = implode($user->lang['COMMA_SEPARATOR'], $disallowed_extension);
send_status_line(404, 'Forbidden');
send_status_line(403, 'Forbidden');
trigger_error($user->lang('EXTENSION_DISABLED_AFTER_POSTING', $disallowed_extension));
}
else if (!$files_added)
{
send_status_line(403, 'Forbidden');
send_status_line(404, 'Not Found');
trigger_error('ERROR_NO_ATTACHMENT');
}