[ticket/10961] Send HTTP 403 when applicable

PHPBB3-10961
author: Jakub Senko <jakubsenko@gmail.com> 2016-05-29 12:42:57 +0200
committer: Jakub Senko <jakubsenko@gmail.com> 2016-09-01 08:48:37 +0200
commit: 4b6c2c8cde0b87d32f8df8af87239580ddc340c4 (patch)
tree: 22b13f4776b5111624efedcc73d1b3dc0877117a /phpBB/includes/mcp
parent: dff950162cd4d79d5e199e833e46a98d381397dc (diff)
download: forums-4b6c2c8cde0b87d32f8df8af87239580ddc340c4.tar
forums-4b6c2c8cde0b87d32f8df8af87239580ddc340c4.tar.gz
forums-4b6c2c8cde0b87d32f8df8af87239580ddc340c4.tar.bz2
forums-4b6c2c8cde0b87d32f8df8af87239580ddc340c4.tar.xz
forums-4b6c2c8cde0b87d32f8df8af87239580ddc340c4.zip
3 files changed, 7 insertions, 0 deletions
diff --git a/phpBB/includes/mcp/mcp_logs.php b/phpBB/includes/mcp/mcp_logs.php
index fca0412321..c34c915a40 100644
--- a/phpBB/includes/mcp/mcp_logs.php
+++ b/phpBB/includes/mcp/mcp_logs.php
@@ -83,6 +83,7 @@ class mcp_logs
 
 				if (!in_array($forum_id, $forum_list))
 				{
+					send_status_line(403, 'Forbidden');
 					trigger_error('NOT_AUTHORISED');
 				}
 
@@ -101,6 +102,7 @@ class mcp_logs
 
 				if (!in_array($forum_id, $forum_list))
 				{
+					send_status_line(403, 'Forbidden');
 					trigger_error('NOT_AUTHORISED');
 				}
 
diff --git a/phpBB/includes/mcp/mcp_queue.php b/phpBB/includes/mcp/mcp_queue.php
index 1ccced7a2f..9060cc1098 100644
--- a/phpBB/includes/mcp/mcp_queue.php
+++ b/phpBB/includes/mcp/mcp_queue.php
@@ -622,6 +622,7 @@ class mcp_queue
 
 		if (!phpbb_check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_approve')))
 		{
+			send_status_line(403, 'Forbidden');
 			trigger_error('NOT_AUTHORISED');
 		}
 
@@ -877,6 +878,7 @@ class mcp_queue
 
 		if (!phpbb_check_ids($topic_id_list, TOPICS_TABLE, 'topic_id', array('m_approve')))
 		{
+			send_status_line(403, 'Forbidden');
 			trigger_error('NOT_AUTHORISED');
 		}
 
@@ -1074,6 +1076,7 @@ class mcp_queue
 
 		if (!phpbb_check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_approve')))
 		{
+			send_status_line(403, 'Forbidden');
 			trigger_error('NOT_AUTHORISED');
 		}
 
diff --git a/phpBB/includes/mcp/mcp_reports.php b/phpBB/includes/mcp/mcp_reports.php
index 3809ea2616..1462acf110 100644
--- a/phpBB/includes/mcp/mcp_reports.php
+++ b/phpBB/includes/mcp/mcp_reports.php
@@ -542,6 +542,7 @@ function close_report($report_id_list, $mode, $action, $pm = false)
 	{
 		if (!$auth->acl_getf_global('m_report'))
 		{
+			send_status_line(403, 'Forbidden');
 			trigger_error('NOT_AUTHORISED');
 		}
 	}
@@ -549,6 +550,7 @@ function close_report($report_id_list, $mode, $action, $pm = false)
 	{
 		if (!phpbb_check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_report')))
 		{
+			send_status_line(403, 'Forbidden');
 			trigger_error('NOT_AUTHORISED');
 		}
 	}
author	Jakub Senko <jakubsenko@gmail.com>	2016-05-29 12:42:57 +0200
committer	Jakub Senko <jakubsenko@gmail.com>	2016-09-01 08:48:37 +0200
commit	4b6c2c8cde0b87d32f8df8af87239580ddc340c4 (patch)
tree	22b13f4776b5111624efedcc73d1b3dc0877117a /phpBB/includes/mcp
parent	dff950162cd4d79d5e199e833e46a98d381397dc (diff)
download	forums-4b6c2c8cde0b87d32f8df8af87239580ddc340c4.tar forums-4b6c2c8cde0b87d32f8df8af87239580ddc340c4.tar.gz forums-4b6c2c8cde0b87d32f8df8af87239580ddc340c4.tar.bz2 forums-4b6c2c8cde0b87d32f8df8af87239580ddc340c4.tar.xz forums-4b6c2c8cde0b87d32f8df8af87239580ddc340c4.zip