aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes/functions_download.php
diff options
context:
space:
mode:
authorJoas Schilling <nickvergessen@gmx.de>2014-02-10 12:17:28 +0100
committerJoas Schilling <nickvergessen@gmx.de>2014-02-10 12:56:45 +0100
commitee1c055b7048e55aed91b3ec56cca01e9fc485d3 (patch)
tree0671e447d8da16c6e57017a9cbb1190ad1b52262 /phpBB/includes/functions_download.php
parentc36b1c16f97deffdf9f1278fba88f835451bb66e (diff)
downloadforums-ee1c055b7048e55aed91b3ec56cca01e9fc485d3.tar
forums-ee1c055b7048e55aed91b3ec56cca01e9fc485d3.tar.gz
forums-ee1c055b7048e55aed91b3ec56cca01e9fc485d3.tar.bz2
forums-ee1c055b7048e55aed91b3ec56cca01e9fc485d3.tar.xz
forums-ee1c055b7048e55aed91b3ec56cca01e9fc485d3.zip
[ticket/12171] Send correct status 403 when forbidden and 404 when not found
PHPBB3-12171
Diffstat (limited to 'phpBB/includes/functions_download.php')
-rw-r--r--phpBB/includes/functions_download.php10
1 files changed, 7 insertions, 3 deletions
diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php
index e17fe9de61..c895f7b54b 100644
--- a/phpBB/includes/functions_download.php
+++ b/phpBB/includes/functions_download.php
@@ -640,10 +640,14 @@ function phpbb_download_handle_forum_auth($db, $auth, $topic_id)
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
- if ($row && ($row['topic_visibility'] == ITEM_APPROVED || $auth->acl_get('m_approve', $row['forum_id']))
- && $auth->acl_get('u_download') && $auth->acl_get('f_download', $row['forum_id']))
+ if ($row && $row['topic_visibility'] != ITEM_APPROVED && !$auth->acl_get('m_approve', $row['forum_id']))
{
- if ($row && $row['forum_password'])
+ send_status_line(404, 'Not Found');
+ trigger_error('ERROR_NO_ATTACHMENT');
+ }
+ else if ($row && $auth->acl_get('u_download') && $auth->acl_get('f_download', $row['forum_id']))
+ {
+ if ($row['forum_password'])
{
// Do something else ... ?
login_forum_box($row);
generated by cgit v1.2.1 (git 2.21.0) at 2024-09-23 21:18:14 +0000