Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

#620 - Added http status codes to various events

  • Loading branch information...
commit 543eaa00a4a9101cfa34f86f3660b36cfc0d1772 1 parent 700b11c
Jan Dorsman authored April 13, 2012
2  admin_bans.php
@@ -15,7 +15,7 @@
15 15
 
16 16
 
17 17
 if ($pun_user['g_id'] != PUN_ADMIN && ($pun_user['g_moderator'] != '1' || $pun_user['g_mod_ban_users'] == '0'))
18  
-	message($lang_common['No permission']);
  18
+	message($lang_common['No permission'], false, '403 Forbidden');
19 19
 
20 20
 // Load the admin_bans.php language file
21 21
 require PUN_ROOT.'lang/'.$admin_language.'/admin_bans.php';
2  admin_categories.php
@@ -15,7 +15,7 @@
15 15
 
16 16
 
17 17
 if ($pun_user['g_id'] != PUN_ADMIN)
18  
-	message($lang_common['No permission']);
  18
+	message($lang_common['No permission'], false, '403 Forbidden');
19 19
 
20 20
 // Load the admin_categories.php language file
21 21
 require PUN_ROOT.'lang/'.$admin_language.'/admin_categories.php';
2  admin_censoring.php
@@ -15,7 +15,7 @@
15 15
 
16 16
 
17 17
 if ($pun_user['g_id'] != PUN_ADMIN)
18  
-	message($lang_common['No permission']);
  18
+	message($lang_common['No permission'], false, '403 Forbidden');
19 19
 
20 20
 // Load the admin_censoring.php language file
21 21
 require PUN_ROOT.'lang/'.$admin_language.'/admin_censoring.php';
2  admin_forums.php
@@ -15,7 +15,7 @@
15 15
 
16 16
 
17 17
 if ($pun_user['g_id'] != PUN_ADMIN)
18  
-	message($lang_common['No permission']);
  18
+	message($lang_common['No permission'], false, '403 Forbidden');
19 19
 
20 20
 // Load the admin_forums.php language file
21 21
 require PUN_ROOT.'lang/'.$admin_language.'/admin_forums.php';
2  admin_groups.php
@@ -15,7 +15,7 @@
15 15
 
16 16
 
17 17
 if ($pun_user['g_id'] != PUN_ADMIN)
18  
-	message($lang_common['No permission']);
  18
+	message($lang_common['No permission'], false, '403 Forbidden');
19 19
 
20 20
 // Load the admin_censoring.php language file
21 21
 require PUN_ROOT.'lang/'.$admin_language.'/admin_groups.php';
2  admin_index.php
@@ -15,7 +15,7 @@
15 15
 
16 16
 
17 17
 if (!$pun_user['is_admmod'])
18  
-	message($lang_common['No permission']);
  18
+	message($lang_common['No permission'], false, '403 Forbidden');
19 19
 
20 20
 // Load the admin_index.php language file
21 21
 require PUN_ROOT.'lang/'.$admin_language.'/admin_index.php';
4  admin_loader.php
@@ -15,7 +15,7 @@
15 15
 
16 16
 
17 17
 if (!$pun_user['is_admmod'])
18  
-	message($lang_common['No permission']);
  18
+	message($lang_common['No permission'], false, '403 Forbidden');
19 19
 
20 20
 // The plugin to load should be supplied via GET
21 21
 $plugin = isset($_GET['plugin']) ? $_GET['plugin'] : '';
@@ -25,7 +25,7 @@
25 25
 // AP_ == Admins only, AMP_ == admins and moderators
26 26
 $prefix = substr($plugin, 0, strpos($plugin, '_'));
27 27
 if ($pun_user['g_moderator'] == '1' && $prefix == 'AP')
28  
-	message($lang_common['No permission']);
  28
+	message($lang_common['No permission'], false, '403 Forbidden');
29 29
 
30 30
 // Make sure the file actually exists
31 31
 if (!file_exists(PUN_ROOT.'plugins/'.$plugin))
2  admin_maintenance.php
@@ -17,7 +17,7 @@
17 17
 
18 18
 
19 19
 if ($pun_user['g_id'] != PUN_ADMIN)
20  
-	message($lang_common['No permission']);
  20
+	message($lang_common['No permission'], false, '403 Forbidden');
21 21
 
22 22
 // Load the admin_maintenance.php language file
23 23
 require PUN_ROOT.'lang/'.$admin_language.'/admin_maintenance.php';
2  admin_options.php
@@ -15,7 +15,7 @@
15 15
 
16 16
 
17 17
 if ($pun_user['g_id'] != PUN_ADMIN)
18  
-	message($lang_common['No permission']);
  18
+	message($lang_common['No permission'], false, '403 Forbidden');
19 19
 
20 20
 // Load the admin_options.php language file
21 21
 require PUN_ROOT.'lang/'.$admin_language.'/admin_options.php';
2  admin_permissions.php
@@ -15,7 +15,7 @@
15 15
 
16 16
 
17 17
 if ($pun_user['g_id'] != PUN_ADMIN)
18  
-	message($lang_common['No permission']);
  18
+	message($lang_common['No permission'], false, '403 Forbidden');
19 19
 
20 20
 // Load the admin_permissions.php language file
21 21
 require PUN_ROOT.'lang/'.$admin_language.'/admin_permissions.php';
2  admin_ranks.php
@@ -15,7 +15,7 @@
15 15
 
16 16
 
17 17
 if ($pun_user['g_id'] != PUN_ADMIN)
18  
-	message($lang_common['No permission']);
  18
+	message($lang_common['No permission'], false, '403 Forbidden');
19 19
 
20 20
 // Load the admin_ranks.php language file
21 21
 require PUN_ROOT.'lang/'.$admin_language.'/admin_ranks.php';
2  admin_reports.php
@@ -15,7 +15,7 @@
15 15
 
16 16
 
17 17
 if (!$pun_user['is_admmod'])
18  
-	message($lang_common['No permission']);
  18
+	message($lang_common['No permission'], false, '403 Forbidden');
19 19
 
20 20
 // Load the admin_reports.php language file
21 21
 require PUN_ROOT.'lang/'.$admin_language.'/admin_reports.php';
8  admin_users.php
@@ -15,7 +15,7 @@
15 15
 
16 16
 
17 17
 if (!$pun_user['is_admmod'])
18  
-	message($lang_common['No permission']);
  18
+	message($lang_common['No permission'], false, '403 Forbidden');
19 19
 
20 20
 // Load the admin_users.php language file
21 21
 require PUN_ROOT.'lang/'.$admin_language.'/admin_users.php';
@@ -257,7 +257,7 @@
257 257
 else if (isset($_POST['move_users']) || isset($_POST['move_users_comply']))
258 258
 {
259 259
 	if ($pun_user['g_id'] > PUN_ADMIN)
260  
-		message($lang_common['No permission']);
  260
+		message($lang_common['No permission'], false, '403 Forbidden');
261 261
 
262 262
 	confirm_referrer('admin_users.php');
263 263
 
@@ -383,7 +383,7 @@
383 383
 else if (isset($_POST['delete_users']) || isset($_POST['delete_users_comply']))
384 384
 {
385 385
 	if ($pun_user['g_id'] > PUN_ADMIN)
386  
-		message($lang_common['No permission']);
  386
+		message($lang_common['No permission'], false, '403 Forbidden');
387 387
 
388 388
 	confirm_referrer('admin_users.php');
389 389
 
@@ -532,7 +532,7 @@
532 532
 else if (isset($_POST['ban_users']) || isset($_POST['ban_users_comply']))
533 533
 {
534 534
 	if ($pun_user['g_id'] != PUN_ADMIN && ($pun_user['g_moderator'] != '1' || $pun_user['g_mod_ban_users'] == '0'))
535  
-		message($lang_common['No permission']);
  535
+		message($lang_common['No permission'], false, '403 Forbidden');
536 536
 
537 537
 	confirm_referrer('admin_users.php');
538 538
 
8  delete.php
@@ -11,17 +11,17 @@
11 11
 
12 12
 
13 13
 if ($pun_user['g_read_board'] == '0')
14  
-	message($lang_common['No view']);
  14
+	message($lang_common['No view'], false, '403 Forbidden');
15 15
 
16 16
 
17 17
 $id = isset($_GET['id']) ? intval($_GET['id']) : 0;
18 18
 if ($id < 1)
19  
-	message($lang_common['Bad request']);
  19
+	message($lang_common['Bad request'], false, '404 Not Found');
20 20
 
21 21
 // Fetch some info about the post, the topic and the forum
22 22
 $result = $db->query('SELECT f.id AS fid, f.forum_name, f.moderators, f.redirect_url, fp.post_replies, fp.post_topics, t.id AS tid, t.subject, t.first_post_id, t.closed, p.posted, p.poster, p.poster_id, p.message, p.hide_smilies FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON t.id=p.topic_id INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND p.id='.$id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
23 23
 if (!$db->num_rows($result))
24  
-	message($lang_common['Bad request']);
  24
+	message($lang_common['Bad request'], false, '404 Not Found');
25 25
 
26 26
 $cur_post = $db->fetch_assoc($result);
27 27
 
@@ -40,7 +40,7 @@
40 40
 	$cur_post['poster_id'] != $pun_user['id'] ||
41 41
 	$cur_post['closed'] == '1') &&
42 42
 	!$is_admmod)
43  
-	message($lang_common['No permission']);
  43
+	message($lang_common['No permission'], false, '403 Forbidden');
44 44
 
45 45
 // Load the delete.php language file
46 46
 require PUN_ROOT.'lang/'.$pun_user['language'].'/delete.php';
8  edit.php
@@ -11,17 +11,17 @@
11 11
 
12 12
 
13 13
 if ($pun_user['g_read_board'] == '0')
14  
-	message($lang_common['No view']);
  14
+	message($lang_common['No view'], false, '403 Forbidden');
15 15
 
16 16
 
17 17
 $id = isset($_GET['id']) ? intval($_GET['id']) : 0;
18 18
 if ($id < 1)
19  
-	message($lang_common['Bad request']);
  19
+	message($lang_common['Bad request'], false, '404 Not Found');
20 20
 
21 21
 // Fetch some info about the post, the topic and the forum
22 22
 $result = $db->query('SELECT f.id AS fid, f.forum_name, f.moderators, f.redirect_url, fp.post_replies, fp.post_topics, t.id AS tid, t.subject, t.posted, t.first_post_id, t.sticky, t.closed, p.poster, p.poster_id, p.message, p.hide_smilies FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON t.id=p.topic_id INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND p.id='.$id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
23 23
 if (!$db->num_rows($result))
24  
-	message($lang_common['Bad request']);
  24
+	message($lang_common['Bad request'], false, '404 Not Found');
25 25
 
26 26
 $cur_post = $db->fetch_assoc($result);
27 27
 
@@ -42,7 +42,7 @@
42 42
 	$cur_post['poster_id'] != $pun_user['id'] ||
43 43
 	$cur_post['closed'] == '1') &&
44 44
 	!$is_admmod)
45  
-	message($lang_common['No permission']);
  45
+	message($lang_common['No permission'], false, '403 Forbidden');
46 46
 
47 47
 // Load the post.php/edit.php language file
48 48
 require PUN_ROOT.'lang/'.$pun_user['language'].'/post.php';
2  help.php
@@ -14,7 +14,7 @@
14 14
 
15 15
 
16 16
 if ($pun_user['g_read_board'] == '0')
17  
-	message($lang_common['No view']);
  17
+	message($lang_common['No view'], false, '403 Forbidden');
18 18
 
19 19
 
20 20
 // Load the help.php language file
7  include/functions.php
@@ -923,10 +923,15 @@ function paginate($num_pages, $cur_page, $link)
923 923
 //
924 924
 // Display a message
925 925
 //
926  
-function message($message, $no_back_link = false)
  926
+function message($message, $no_back_link = false, $http_status = null)
927 927
 {
928 928
 	global $db, $lang_common, $pun_config, $pun_start, $tpl_main, $pun_user;
929 929
 
  930
+	// Did we receive a custom header?
  931
+	if(!is_null($http_status)) {
  932
+		header('HTTP/1.1 ' . $http_status);
  933
+	}
  934
+
930 935
 	if (!defined('PUN_HEADER'))
931 936
 	{
932 937
 		$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_common['Info']);
2  index.php
@@ -11,7 +11,7 @@
11 11
 
12 12
 
13 13
 if ($pun_user['g_read_board'] == '0')
14  
-	message($lang_common['No view']);
  14
+	message($lang_common['No view'], false, '403 Forbidden');
15 15
 
16 16
 
17 17
 // Load the index.php language file
6  misc.php
@@ -49,7 +49,7 @@
49 49
 else if ($action == 'markread')
50 50
 {
51 51
 	if ($pun_user['is_guest'])
52  
-		message($lang_common['No permission']);
  52
+		message($lang_common['No permission'], false, '403 Forbidden');
53 53
 
54 54
 	$db->query('UPDATE '.$db->prefix.'users SET last_visit='.$pun_user['logged'].' WHERE id='.$pun_user['id']) or error('Unable to update user last visit data', __FILE__, __LINE__, $db->error());
55 55
 
@@ -64,7 +64,7 @@
64 64
 else if ($action == 'markforumread')
65 65
 {
66 66
 	if ($pun_user['is_guest'])
67  
-		message($lang_common['No permission']);
  67
+		message($lang_common['No permission'], false, '403 Forbidden');
68 68
 
69 69
 	$fid = isset($_GET['fid']) ? intval($_GET['fid']) : 0;
70 70
 	if ($fid < 1)
@@ -81,7 +81,7 @@
81 81
 else if (isset($_GET['email']))
82 82
 {
83 83
 	if ($pun_user['is_guest'] || $pun_user['g_send_email'] == '0')
84  
-		message($lang_common['No permission']);
  84
+		message($lang_common['No permission'], false, '403 Forbidden');
85 85
 
86 86
 	$recipient_id = intval($_GET['email']);
87 87
 	if ($recipient_id < 2)
14  moderate.php
@@ -15,7 +15,7 @@
15 15
 if (isset($_GET['get_host']))
16 16
 {
17 17
 	if (!$pun_user['is_admmod'])
18  
-		message($lang_common['No permission']);
  18
+		message($lang_common['No permission'], false, '403 Forbidden');
19 19
 
20 20
 	// Is get_host an IP address or a post ID?
21 21
 	if (@preg_match('%^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$%', $_GET['get_host']) || @preg_match('%^((([0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}:[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){5}:([0-9A-Fa-f]{1,4}:)?[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){4}:([0-9A-Fa-f]{1,4}:){0,2}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){3}:([0-9A-Fa-f]{1,4}:){0,3}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){2}:([0-9A-Fa-f]{1,4}:){0,4}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|(([0-9A-Fa-f]{1,4}:){0,5}:((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|(::([0-9A-Fa-f]{1,4}:){0,5}((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|([0-9A-Fa-f]{1,4}::([0-9A-Fa-f]{1,4}:){0,5}[0-9A-Fa-f]{1,4})|(::([0-9A-Fa-f]{1,4}:){0,6}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){1,7}:))$%', $_GET['get_host']))
@@ -28,7 +28,7 @@
28 28
 
29 29
 		$result = $db->query('SELECT poster_ip FROM '.$db->prefix.'posts WHERE id='.$get_host) or error('Unable to fetch post IP address', __FILE__, __LINE__, $db->error());
30 30
 		if (!$db->num_rows($result))
31  
-			message($lang_common['Bad request']);
  31
+			message($lang_common['Bad request'], false, '404 Not Found');
32 32
 
33 33
 		$ip = $db->result($result);
34 34
 	}
@@ -43,7 +43,7 @@
43 43
 // All other functions require moderator/admin access
44 44
 $fid = isset($_GET['fid']) ? intval($_GET['fid']) : 0;
45 45
 if ($fid < 1)
46  
-	message($lang_common['Bad request']);
  46
+	message($lang_common['Bad request'], false, '404 Not Found');
47 47
 
48 48
 $result = $db->query('SELECT moderators FROM '.$db->prefix.'forums WHERE id='.$fid) or error('Unable to fetch forum info', __FILE__, __LINE__, $db->error());
49 49
 
@@ -51,7 +51,7 @@
51 51
 $mods_array = ($moderators != '') ? unserialize($moderators) : array();
52 52
 
53 53
 if ($pun_user['g_id'] != PUN_ADMIN && ($pun_user['g_moderator'] == '0' || !array_key_exists($pun_user['username'], $mods_array)))
54  
-	message($lang_common['No permission']);
  54
+	message($lang_common['No permission'], false, '403 Forbidden');
55 55
 
56 56
 // Get topic/forum tracking data
57 57
 if (!$pun_user['is_guest'])
@@ -66,12 +66,12 @@
66 66
 {
67 67
 	$tid = intval($_GET['tid']);
68 68
 	if ($tid < 1)
69  
-		message($lang_common['Bad request']);
  69
+		message($lang_common['Bad request'], false, '404 Not Found');
70 70
 
71 71
 	// Fetch some info about the topic
72 72
 	$result = $db->query('SELECT t.subject, t.num_replies, t.first_post_id, f.id AS forum_id, forum_name FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND f.id='.$fid.' AND t.id='.$tid.' AND t.moved_to IS NULL') or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
73 73
 	if (!$db->num_rows($result))
74  
-		message($lang_common['Bad request']);
  74
+		message($lang_common['Bad request'], false, '404 Not Found');
75 75
 
76 76
 	$cur_topic = $db->fetch_assoc($result);
77 77
 
@@ -794,7 +794,7 @@
794 794
 // Fetch some info about the forum
795 795
 $result = $db->query('SELECT f.forum_name, f.redirect_url, f.num_topics, f.sort_by FROM '.$db->prefix.'forums AS f LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND f.id='.$fid) or error('Unable to fetch forum info', __FILE__, __LINE__, $db->error());
796 796
 if (!$db->num_rows($result))
797  
-	message($lang_common['Bad request']);
  797
+	message($lang_common['Bad request'], false, '404 Not Found');
798 798
 
799 799
 $cur_forum = $db->fetch_assoc($result);
800 800
 
12  post.php
@@ -11,13 +11,13 @@
11 11
 
12 12
 
13 13
 if ($pun_user['g_read_board'] == '0')
14  
-	message($lang_common['No view']);
  14
+	message($lang_common['No view'], false, '403 Forbidden');
15 15
 
16 16
 
17 17
 $tid = isset($_GET['tid']) ? intval($_GET['tid']) : 0;
18 18
 $fid = isset($_GET['fid']) ? intval($_GET['fid']) : 0;
19 19
 if ($tid < 1 && $fid < 1 || $tid > 0 && $fid > 0)
20  
-	message($lang_common['Bad request']);
  20
+	message($lang_common['Bad request'], false, '404 Not Found');
21 21
 
22 22
 // Fetch some info about the topic and/or the forum
23 23
 if ($tid)
@@ -26,7 +26,7 @@
26 26
 	$result = $db->query('SELECT f.id, f.forum_name, f.moderators, f.redirect_url, fp.post_replies, fp.post_topics FROM '.$db->prefix.'forums AS f LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND f.id='.$fid) or error('Unable to fetch forum info', __FILE__, __LINE__, $db->error());
27 27
 
28 28
 if (!$db->num_rows($result))
29  
-	message($lang_common['Bad request']);
  29
+	message($lang_common['Bad request'], false, '404 Not Found');
30 30
 
31 31
 $cur_posting = $db->fetch_assoc($result);
32 32
 $is_subscribed = $tid && $cur_posting['is_subscribed'];
@@ -47,7 +47,7 @@
47 47
 	($fid && (($cur_posting['post_topics'] == '' && $pun_user['g_post_topics'] == '0') || $cur_posting['post_topics'] == '0')) ||
48 48
 	(isset($cur_posting['closed']) && $cur_posting['closed'] == '1')) &&
49 49
 	!$is_admmod)
50  
-	message($lang_common['No permission']);
  50
+	message($lang_common['No permission'], false, '403 Forbidden');
51 51
 
52 52
 // Load the post.php language file
53 53
 require PUN_ROOT.'lang/'.$pun_user['language'].'/post.php';
@@ -439,11 +439,11 @@
439 439
 	{
440 440
 		$qid = intval($_GET['qid']);
441 441
 		if ($qid < 1)
442  
-			message($lang_common['Bad request']);
  442
+			message($lang_common['Bad request'], false, '404 Not Found');
443 443
 
444 444
 		$result = $db->query('SELECT poster, message FROM '.$db->prefix.'posts WHERE id='.$qid.' AND topic_id='.$tid) or error('Unable to fetch quote info', __FILE__, __LINE__, $db->error());
445 445
 		if (!$db->num_rows($result))
446  
-			message($lang_common['Bad request']);
  446
+			message($lang_common['Bad request'], false, '404 Not Found');
447 447
 
448 448
 		list($q_poster, $q_message) = $db->fetch_row($result);
449 449
 
42  profile.php
@@ -18,14 +18,14 @@
18 18
 $section = isset($_GET['section']) ? $_GET['section'] : null;
19 19
 $id = isset($_GET['id']) ? intval($_GET['id']) : 0;
20 20
 if ($id < 2)
21  
-	message($lang_common['Bad request']);
  21
+	message($lang_common['Bad request'], false, '404 Not Found');
22 22
 
23 23
 if ($action != 'change_pass' || !isset($_GET['key']))
24 24
 {
25 25
 	if ($pun_user['g_read_board'] == '0')
26  
-		message($lang_common['No view']);
  26
+		message($lang_common['No view'], false, '403 Forbidden');
27 27
 	else if ($pun_user['g_view_users'] == '0' && ($pun_user['is_guest'] || $pun_user['id'] != $id))
28  
-		message($lang_common['No permission']);
  28
+		message($lang_common['No permission'], false, '403 Forbidden');
29 29
 }
30 30
 
31 31
 // Load the profile.php/register.php language file
@@ -65,17 +65,17 @@
65 65
 	if ($pun_user['id'] != $id)
66 66
 	{
67 67
 		if (!$pun_user['is_admmod']) // A regular user trying to change another users password?
68  
-			message($lang_common['No permission']);
  68
+			message($lang_common['No permission'], false, '403 Forbidden');
69 69
 		else if ($pun_user['g_moderator'] == '1') // A moderator trying to change a users password?
70 70
 		{
71 71
 			$result = $db->query('SELECT u.group_id, g.g_moderator FROM '.$db->prefix.'users AS u INNER JOIN '.$db->prefix.'groups AS g ON (g.g_id=u.group_id) WHERE u.id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
72 72
 			if (!$db->num_rows($result))
73  
-				message($lang_common['Bad request']);
  73
+				message($lang_common['Bad request'], false, '404 Not Found');
74 74
 
75 75
 			list($group_id, $is_moderator) = $db->fetch_row($result);
76 76
 
77 77
 			if ($pun_user['g_mod_edit_users'] == '0' || $pun_user['g_mod_change_passwords'] == '0' || $group_id == PUN_ADMIN || $is_moderator == '1')
78  
-				message($lang_common['No permission']);
  78
+				message($lang_common['No permission'], false, '403 Forbidden');
79 79
 		}
80 80
 	}
81 81
 
@@ -161,17 +161,17 @@
161 161
 	if ($pun_user['id'] != $id)
162 162
 	{
163 163
 		if (!$pun_user['is_admmod']) // A regular user trying to change another users email?
164  
-			message($lang_common['No permission']);
  164
+			message($lang_common['No permission'], false, '403 Forbidden');
165 165
 		else if ($pun_user['g_moderator'] == '1') // A moderator trying to change a users email?
166 166
 		{
167 167
 			$result = $db->query('SELECT u.group_id, g.g_moderator FROM '.$db->prefix.'users AS u INNER JOIN '.$db->prefix.'groups AS g ON (g.g_id=u.group_id) WHERE u.id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
168 168
 			if (!$db->num_rows($result))
169  
-				message($lang_common['Bad request']);
  169
+				message($lang_common['Bad request'], false, '404 Not Found');
170 170
 
171 171
 			list($group_id, $is_moderator) = $db->fetch_row($result);
172 172
 
173 173
 			if ($pun_user['g_mod_edit_users'] == '0' || $group_id == PUN_ADMIN || $is_moderator == '1')
174  
-				message($lang_common['No permission']);
  174
+				message($lang_common['No permission'], false, '403 Forbidden');
175 175
 		}
176 176
 	}
177 177
 
@@ -316,7 +316,7 @@
316 316
 		message($lang_profile['Avatars disabled']);
317 317
 
318 318
 	if ($pun_user['id'] != $id && !$pun_user['is_admmod'])
319  
-		message($lang_common['No permission']);
  319
+		message($lang_common['No permission'], false, '403 Forbidden');
320 320
 
321 321
 	if (isset($_POST['form_sent']))
322 322
 	{
@@ -439,7 +439,7 @@
439 439
 else if ($action == 'delete_avatar')
440 440
 {
441 441
 	if ($pun_user['id'] != $id && !$pun_user['is_admmod'])
442  
-		message($lang_common['No permission']);
  442
+		message($lang_common['No permission'], false, '403 Forbidden');
443 443
 
444 444
 	confirm_referrer('profile.php');
445 445
 
@@ -452,7 +452,7 @@
452 452
 else if (isset($_POST['update_group_membership']))
453 453
 {
454 454
 	if ($pun_user['g_id'] > PUN_ADMIN)
455  
-		message($lang_common['No permission']);
  455
+		message($lang_common['No permission'], false, '403 Forbidden');
456 456
 
457 457
 	confirm_referrer('profile.php');
458 458
 
@@ -496,7 +496,7 @@
496 496
 else if (isset($_POST['update_forums']))
497 497
 {
498 498
 	if ($pun_user['g_id'] > PUN_ADMIN)
499  
-		message($lang_common['No permission']);
  499
+		message($lang_common['No permission'], false, '403 Forbidden');
500 500
 
501 501
 	confirm_referrer('profile.php');
502 502
 
@@ -537,7 +537,7 @@
537 537
 else if (isset($_POST['ban']))
538 538
 {
539 539
 	if ($pun_user['g_id'] != PUN_ADMIN && ($pun_user['g_moderator'] != '1' || $pun_user['g_mod_ban_users'] == '0'))
540  
-		message($lang_common['No permission']);
  540
+		message($lang_common['No permission'], false, '403 Forbidden');
541 541
 
542 542
 	// Get the username of the user we are banning
543 543
 	$result = $db->query('SELECT username FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch username', __FILE__, __LINE__, $db->error());
@@ -558,7 +558,7 @@
558 558
 else if (isset($_POST['delete_user']) || isset($_POST['delete_user_comply']))
559 559
 {
560 560
 	if ($pun_user['g_id'] > PUN_ADMIN)
561  
-		message($lang_common['No permission']);
  561
+		message($lang_common['No permission'], false, '403 Forbidden');
562 562
 
563 563
 	confirm_referrer('profile.php');
564 564
 
@@ -679,7 +679,7 @@
679 679
 	// Fetch the user group of the user we are editing
680 680
 	$result = $db->query('SELECT u.username, u.group_id, g.g_moderator FROM '.$db->prefix.'users AS u INNER JOIN '.$db->prefix.'groups AS g ON (g.g_id=u.group_id) WHERE u.id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
681 681
 	if (!$db->num_rows($result))
682  
-		message($lang_common['Bad request']);
  682
+		message($lang_common['Bad request'], false, '404 Not Found');
683 683
 
684 684
 	list($old_username, $group_id, $is_moderator) = $db->fetch_row($result);
685 685
 
@@ -689,7 +689,7 @@
689 689
 		($pun_user['g_mod_edit_users'] == '0' ||													// mods aren't allowed to edit users
690 690
 		$group_id == PUN_ADMIN ||																	// or the user is an admin
691 691
 		$is_moderator))))																			// or the user is another mod
692  
-		message($lang_common['No permission']);
  692
+		message($lang_common['No permission'], false, '403 Forbidden');
693 693
 
694 694
 	if ($pun_user['is_admmod'])
695 695
 		confirm_referrer('profile.php');
@@ -714,7 +714,7 @@
714 714
 				$languages = forum_list_langs();
715 715
 				$form['language'] = pun_trim($_POST['form']['language']);
716 716
 				if (!in_array($form['language'], $languages))
717  
-					message($lang_common['Bad request']);
  717
+					message($lang_common['Bad request'], false, '404 Not Found');
718 718
 			}
719 719
 
720 720
 			if ($pun_user['is_admmod'])
@@ -884,7 +884,7 @@
884 884
 				$styles = forum_list_styles();
885 885
 				$form['style'] = pun_trim($_POST['form']['style']);
886 886
 				if (!in_array($form['style'], $styles))
887  
-					message($lang_common['Bad request']);
  887
+					message($lang_common['Bad request'], false, '404 Not Found');
888 888
 			}
889 889
 
890 890
 			break;
@@ -981,7 +981,7 @@
981 981
 
982 982
 $result = $db->query('SELECT u.username, u.email, u.title, u.realname, u.url, u.jabber, u.icq, u.msn, u.aim, u.yahoo, u.location, u.signature, u.disp_topics, u.disp_posts, u.email_setting, u.notify_with_post, u.auto_notify, u.show_smilies, u.show_img, u.show_img_sig, u.show_avatars, u.show_sig, u.timezone, u.dst, u.language, u.style, u.num_posts, u.last_post, u.registered, u.registration_ip, u.admin_note, u.date_format, u.time_format, u.last_visit, g.g_id, g.g_user_title, g.g_moderator FROM '.$db->prefix.'users AS u LEFT JOIN '.$db->prefix.'groups AS g ON g.g_id=u.group_id WHERE u.id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
983 983
 if (!$db->num_rows($result))
984  
-	message($lang_common['Bad request']);
  984
+	message($lang_common['Bad request'], false, '404 Not Found');
985 985
 
986 986
 $user = $db->fetch_assoc($result);
987 987
 
@@ -1674,7 +1674,7 @@
1674 1674
 	else if ($section == 'admin')
1675 1675
 	{
1676 1676
 		if (!$pun_user['is_admmod'] || ($pun_user['g_moderator'] == '1' && $pun_user['g_mod_ban_users'] == '0'))
1677  
-			message($lang_common['Bad request']);
  1677
+			message($lang_common['Bad request'], false, '403 Forbidden');
1678 1678
 
1679 1679
 		$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_common['Profile'], $lang_profile['Section admin']);
1680 1680
 		define('PUN_ACTIVE_PAGE', 'profile');
14  search.php
@@ -18,9 +18,9 @@
18 18
 
19 19
 
20 20
 if ($pun_user['g_read_board'] == '0')
21  
-	message($lang_common['No view']);
  21
+	message($lang_common['No view'], false, '403 Forbidden');
22 22
 else if ($pun_user['g_search'] == '0')
23  
-	message($lang_search['No search permission']);
  23
+	message($lang_search['No search permission'], false, '403 Forbidden');
24 24
 
25 25
 require PUN_ROOT.'include/search_idx.php';
26 26
 
@@ -44,7 +44,7 @@
44 44
 	{
45 45
 		$search_id = intval($_GET['search_id']);
46 46
 		if ($search_id < 1)
47  
-			message($lang_common['Bad request']);
  47
+			message($lang_common['Bad request'], false, '404 Not Found');
48 48
 	}
49 49
 	// If it's a regular search (keywords and/or author)
50 50
 	else if ($action == 'search')
@@ -73,11 +73,11 @@
73 73
 	{
74 74
 		$user_id = (isset($_GET['user_id'])) ? intval($_GET['user_id']) : $pun_user['id'];
75 75
 		if ($user_id < 2)
76  
-			message($lang_common['Bad request']);
  76
+			message($lang_common['Bad request'], false, '404 Not Found');
77 77
 
78 78
 		// Subscribed topics can only be viewed by admins, moderators and the users themselves
79 79
 		if ($action == 'show_subscriptions' && !$pun_user['is_admmod'] && $user_id != $pun_user['id'])
80  
-			message($lang_common['No permission']);
  80
+			message($lang_common['No permission'], false, '403 Forbidden');
81 81
 	}
82 82
 	else if ($action == 'show_recent')
83 83
 		$interval = isset($_GET['value']) ? intval($_GET['value']) : 86400;
@@ -323,7 +323,7 @@
323 323
 			if ($action == 'show_new')
324 324
 			{
325 325
 				if ($pun_user['is_guest'])
326  
-					message($lang_common['No permission']);
  326
+					message($lang_common['No permission'], false, '403 Forbidden');
327 327
 
328 328
 				$result = $db->query('SELECT t.id FROM '.$db->prefix.'topics AS t LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=t.forum_id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.last_post>'.$pun_user['last_visit'].' AND t.moved_to IS NULL'.(isset($_GET['fid']) ? ' AND t.forum_id='.intval($_GET['fid']) : '').' ORDER BY t.last_post DESC') or error('Unable to fetch topic list', __FILE__, __LINE__, $db->error());
329 329
 				$num_hits = $db->num_rows($result);
@@ -517,7 +517,7 @@
517 517
 				if ($db->num_rows($result))
518 518
 					$subscriber_name = $db->result($result);
519 519
 				else
520  
-					message($lang_common['Bad request']);
  520
+					message($lang_common['Bad request'], false, '404 Not Found');
521 521
 
522 522
 				$crumbs_text['search_type'] = '<a href="search.php?action=show_subscriptions&amp;user_id='.$subscriber_id.'">'.sprintf($lang_search['Quick search show_subscriptions'], pun_htmlspecialchars($subscriber_name)).'</a>';
523 523
 			}
4  userlist.php
@@ -11,9 +11,9 @@
11 11
 
12 12
 
13 13
 if ($pun_user['g_read_board'] == '0')
14  
-	message($lang_common['No view']);
  14
+	message($lang_common['No view'], false, '403 Forbidden');
15 15
 else if ($pun_user['g_view_users'] == '0')
16  
-	message($lang_common['No permission']);
  16
+	message($lang_common['No permission'], false, '403 Forbidden');
17 17
 
18 18
 // Load the userlist.php language file
19 19
 require PUN_ROOT.'lang/'.$pun_user['language'].'/userlist.php';
6  viewforum.php
@@ -11,12 +11,12 @@
11 11
 
12 12
 
13 13
 if ($pun_user['g_read_board'] == '0')
14  
-	message($lang_common['No view']);
  14
+	message($lang_common['No view'], false, '403 Forbidden');
15 15
 
16 16
 
17 17
 $id = isset($_GET['id']) ? intval($_GET['id']) : 0;
18 18
 if ($id < 1)
19  
-	message($lang_common['Bad request']);
  19
+	message($lang_common['Bad request'], false, '404 Not Found');
20 20
 
21 21
 // Load the viewforum.php language file
22 22
 require PUN_ROOT.'lang/'.$pun_user['language'].'/forum.php';
@@ -28,7 +28,7 @@
28 28
 	$result = $db->query('SELECT f.forum_name, f.redirect_url, f.moderators, f.num_topics, f.sort_by, fp.post_topics, 0 AS is_subscribed FROM '.$db->prefix.'forums AS f LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND f.id='.$id) or error('Unable to fetch forum info', __FILE__, __LINE__, $db->error());
29 29
 
30 30
 if (!$db->num_rows($result))
31  
-	message($lang_common['Bad request']);
  31
+	message($lang_common['Bad request'], false, '404 Not Found');
32 32
 
33 33
 $cur_forum = $db->fetch_assoc($result);
34 34
 
8  viewtopic.php
@@ -11,14 +11,14 @@
11 11
 
12 12
 
13 13
 if ($pun_user['g_read_board'] == '0')
14  
-	message($lang_common['No view']);
  14
+	message($lang_common['No view'], false, '403 Forbidden');
15 15
 
16 16
 
17 17
 $action = isset($_GET['action']) ? $_GET['action'] : null;
18 18
 $id = isset($_GET['id']) ? intval($_GET['id']) : 0;
19 19
 $pid = isset($_GET['pid']) ? intval($_GET['pid']) : 0;
20 20
 if ($id < 1 && $pid < 1)
21  
-	message($lang_common['Bad request']);
  21
+	message($lang_common['Bad request'], false, '404 Not Found');
22 22
 
23 23
 // Load the viewtopic.php language file
24 24
 require PUN_ROOT.'lang/'.$pun_user['language'].'/topic.php';
@@ -29,7 +29,7 @@
29 29
 {
30 30
 	$result = $db->query('SELECT topic_id, posted FROM '.$db->prefix.'posts WHERE id='.$pid) or error('Unable to fetch topic ID', __FILE__, __LINE__, $db->error());
31 31
 	if (!$db->num_rows($result))
32  
-		message($lang_common['Bad request']);
  32
+		message($lang_common['Bad request'], false, '404 Not Found');
33 33
 
34 34
 	list($id, $posted) = $db->fetch_row($result);
35 35
 
@@ -85,7 +85,7 @@
85 85
 	$result = $db->query('SELECT t.subject, t.closed, t.num_replies, t.sticky, t.first_post_id, f.id AS forum_id, f.forum_name, f.moderators, fp.post_replies, 0 AS is_subscribed FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id='.$id.' AND t.moved_to IS NULL') or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
86 86
 
87 87
 if (!$db->num_rows($result))
88  
-	message($lang_common['Bad request']);
  88
+	message($lang_common['Bad request'], false, '404 Not Found');
89 89
 
90 90
 $cur_topic = $db->fetch_assoc($result);
91 91
 

0 notes on commit 543eaa0

Please sign in to comment.
Something went wrong with that request. Please try again.