Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

#620 - Added http status codes to various events

  • Loading branch information...
commit 543eaa00a4a9101cfa34f86f3660b36cfc0d1772 1 parent 700b11c
Jan Dorsman oldskool authored
2  admin_bans.php
View
@@ -15,7 +15,7 @@
if ($pun_user['g_id'] != PUN_ADMIN && ($pun_user['g_moderator'] != '1' || $pun_user['g_mod_ban_users'] == '0'))
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
// Load the admin_bans.php language file
require PUN_ROOT.'lang/'.$admin_language.'/admin_bans.php';
2  admin_categories.php
View
@@ -15,7 +15,7 @@
if ($pun_user['g_id'] != PUN_ADMIN)
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
// Load the admin_categories.php language file
require PUN_ROOT.'lang/'.$admin_language.'/admin_categories.php';
2  admin_censoring.php
View
@@ -15,7 +15,7 @@
if ($pun_user['g_id'] != PUN_ADMIN)
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
// Load the admin_censoring.php language file
require PUN_ROOT.'lang/'.$admin_language.'/admin_censoring.php';
2  admin_forums.php
View
@@ -15,7 +15,7 @@
if ($pun_user['g_id'] != PUN_ADMIN)
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
// Load the admin_forums.php language file
require PUN_ROOT.'lang/'.$admin_language.'/admin_forums.php';
2  admin_groups.php
View
@@ -15,7 +15,7 @@
if ($pun_user['g_id'] != PUN_ADMIN)
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
// Load the admin_censoring.php language file
require PUN_ROOT.'lang/'.$admin_language.'/admin_groups.php';
2  admin_index.php
View
@@ -15,7 +15,7 @@
if (!$pun_user['is_admmod'])
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
// Load the admin_index.php language file
require PUN_ROOT.'lang/'.$admin_language.'/admin_index.php';
4 admin_loader.php
View
@@ -15,7 +15,7 @@
if (!$pun_user['is_admmod'])
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
// The plugin to load should be supplied via GET
$plugin = isset($_GET['plugin']) ? $_GET['plugin'] : '';
@@ -25,7 +25,7 @@
// AP_ == Admins only, AMP_ == admins and moderators
$prefix = substr($plugin, 0, strpos($plugin, '_'));
if ($pun_user['g_moderator'] == '1' && $prefix == 'AP')
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
// Make sure the file actually exists
if (!file_exists(PUN_ROOT.'plugins/'.$plugin))
2  admin_maintenance.php
View
@@ -17,7 +17,7 @@
if ($pun_user['g_id'] != PUN_ADMIN)
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
// Load the admin_maintenance.php language file
require PUN_ROOT.'lang/'.$admin_language.'/admin_maintenance.php';
2  admin_options.php
View
@@ -15,7 +15,7 @@
if ($pun_user['g_id'] != PUN_ADMIN)
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
// Load the admin_options.php language file
require PUN_ROOT.'lang/'.$admin_language.'/admin_options.php';
2  admin_permissions.php
View
@@ -15,7 +15,7 @@
if ($pun_user['g_id'] != PUN_ADMIN)
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
// Load the admin_permissions.php language file
require PUN_ROOT.'lang/'.$admin_language.'/admin_permissions.php';
2  admin_ranks.php
View
@@ -15,7 +15,7 @@
if ($pun_user['g_id'] != PUN_ADMIN)
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
// Load the admin_ranks.php language file
require PUN_ROOT.'lang/'.$admin_language.'/admin_ranks.php';
2  admin_reports.php
View
@@ -15,7 +15,7 @@
if (!$pun_user['is_admmod'])
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
// Load the admin_reports.php language file
require PUN_ROOT.'lang/'.$admin_language.'/admin_reports.php';
8 admin_users.php
View
@@ -15,7 +15,7 @@
if (!$pun_user['is_admmod'])
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
// Load the admin_users.php language file
require PUN_ROOT.'lang/'.$admin_language.'/admin_users.php';
@@ -257,7 +257,7 @@
else if (isset($_POST['move_users']) || isset($_POST['move_users_comply']))
{
if ($pun_user['g_id'] > PUN_ADMIN)
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
confirm_referrer('admin_users.php');
@@ -383,7 +383,7 @@
else if (isset($_POST['delete_users']) || isset($_POST['delete_users_comply']))
{
if ($pun_user['g_id'] > PUN_ADMIN)
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
confirm_referrer('admin_users.php');
@@ -532,7 +532,7 @@
else if (isset($_POST['ban_users']) || isset($_POST['ban_users_comply']))
{
if ($pun_user['g_id'] != PUN_ADMIN && ($pun_user['g_moderator'] != '1' || $pun_user['g_mod_ban_users'] == '0'))
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
confirm_referrer('admin_users.php');
8 delete.php
View
@@ -11,17 +11,17 @@
if ($pun_user['g_read_board'] == '0')
- message($lang_common['No view']);
+ message($lang_common['No view'], false, '403 Forbidden');
$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
if ($id < 1)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
// Fetch some info about the post, the topic and the forum
$result = $db->query('SELECT f.id AS fid, f.forum_name, f.moderators, f.redirect_url, fp.post_replies, fp.post_topics, t.id AS tid, t.subject, t.first_post_id, t.closed, p.posted, p.poster, p.poster_id, p.message, p.hide_smilies FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON t.id=p.topic_id INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND p.id='.$id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$cur_post = $db->fetch_assoc($result);
@@ -40,7 +40,7 @@
$cur_post['poster_id'] != $pun_user['id'] ||
$cur_post['closed'] == '1') &&
!$is_admmod)
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
// Load the delete.php language file
require PUN_ROOT.'lang/'.$pun_user['language'].'/delete.php';
8 edit.php
View
@@ -11,17 +11,17 @@
if ($pun_user['g_read_board'] == '0')
- message($lang_common['No view']);
+ message($lang_common['No view'], false, '403 Forbidden');
$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
if ($id < 1)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
// Fetch some info about the post, the topic and the forum
$result = $db->query('SELECT f.id AS fid, f.forum_name, f.moderators, f.redirect_url, fp.post_replies, fp.post_topics, t.id AS tid, t.subject, t.posted, t.first_post_id, t.sticky, t.closed, p.poster, p.poster_id, p.message, p.hide_smilies FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON t.id=p.topic_id INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND p.id='.$id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$cur_post = $db->fetch_assoc($result);
@@ -42,7 +42,7 @@
$cur_post['poster_id'] != $pun_user['id'] ||
$cur_post['closed'] == '1') &&
!$is_admmod)
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
// Load the post.php/edit.php language file
require PUN_ROOT.'lang/'.$pun_user['language'].'/post.php';
2  help.php
View
@@ -14,7 +14,7 @@
if ($pun_user['g_read_board'] == '0')
- message($lang_common['No view']);
+ message($lang_common['No view'], false, '403 Forbidden');
// Load the help.php language file
7 include/functions.php
View
@@ -923,10 +923,15 @@ function paginate($num_pages, $cur_page, $link)
//
// Display a message
//
-function message($message, $no_back_link = false)
+function message($message, $no_back_link = false, $http_status = null)
{
global $db, $lang_common, $pun_config, $pun_start, $tpl_main, $pun_user;
+ // Did we receive a custom header?
+ if(!is_null($http_status)) {
+ header('HTTP/1.1 ' . $http_status);
+ }
+
if (!defined('PUN_HEADER'))
{
$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_common['Info']);
2  index.php
View
@@ -11,7 +11,7 @@
if ($pun_user['g_read_board'] == '0')
- message($lang_common['No view']);
+ message($lang_common['No view'], false, '403 Forbidden');
// Load the index.php language file
6 misc.php
View
@@ -49,7 +49,7 @@
else if ($action == 'markread')
{
if ($pun_user['is_guest'])
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
$db->query('UPDATE '.$db->prefix.'users SET last_visit='.$pun_user['logged'].' WHERE id='.$pun_user['id']) or error('Unable to update user last visit data', __FILE__, __LINE__, $db->error());
@@ -64,7 +64,7 @@
else if ($action == 'markforumread')
{
if ($pun_user['is_guest'])
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
$fid = isset($_GET['fid']) ? intval($_GET['fid']) : 0;
if ($fid < 1)
@@ -81,7 +81,7 @@
else if (isset($_GET['email']))
{
if ($pun_user['is_guest'] || $pun_user['g_send_email'] == '0')
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
$recipient_id = intval($_GET['email']);
if ($recipient_id < 2)
14 moderate.php
View
@@ -15,7 +15,7 @@
if (isset($_GET['get_host']))
{
if (!$pun_user['is_admmod'])
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
// Is get_host an IP address or a post ID?
if (@preg_match('%^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$%', $_GET['get_host']) || @preg_match('%^((([0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}:[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){5}:([0-9A-Fa-f]{1,4}:)?[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){4}:([0-9A-Fa-f]{1,4}:){0,2}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){3}:([0-9A-Fa-f]{1,4}:){0,3}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){2}:([0-9A-Fa-f]{1,4}:){0,4}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|(([0-9A-Fa-f]{1,4}:){0,5}:((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|(::([0-9A-Fa-f]{1,4}:){0,5}((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|([0-9A-Fa-f]{1,4}::([0-9A-Fa-f]{1,4}:){0,5}[0-9A-Fa-f]{1,4})|(::([0-9A-Fa-f]{1,4}:){0,6}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){1,7}:))$%', $_GET['get_host']))
@@ -28,7 +28,7 @@
$result = $db->query('SELECT poster_ip FROM '.$db->prefix.'posts WHERE id='.$get_host) or error('Unable to fetch post IP address', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$ip = $db->result($result);
}
@@ -43,7 +43,7 @@
// All other functions require moderator/admin access
$fid = isset($_GET['fid']) ? intval($_GET['fid']) : 0;
if ($fid < 1)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$result = $db->query('SELECT moderators FROM '.$db->prefix.'forums WHERE id='.$fid) or error('Unable to fetch forum info', __FILE__, __LINE__, $db->error());
@@ -51,7 +51,7 @@
$mods_array = ($moderators != '') ? unserialize($moderators) : array();
if ($pun_user['g_id'] != PUN_ADMIN && ($pun_user['g_moderator'] == '0' || !array_key_exists($pun_user['username'], $mods_array)))
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
// Get topic/forum tracking data
if (!$pun_user['is_guest'])
@@ -66,12 +66,12 @@
{
$tid = intval($_GET['tid']);
if ($tid < 1)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
// Fetch some info about the topic
$result = $db->query('SELECT t.subject, t.num_replies, t.first_post_id, f.id AS forum_id, forum_name FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND f.id='.$fid.' AND t.id='.$tid.' AND t.moved_to IS NULL') or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$cur_topic = $db->fetch_assoc($result);
@@ -794,7 +794,7 @@
// Fetch some info about the forum
$result = $db->query('SELECT f.forum_name, f.redirect_url, f.num_topics, f.sort_by FROM '.$db->prefix.'forums AS f LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND f.id='.$fid) or error('Unable to fetch forum info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$cur_forum = $db->fetch_assoc($result);
12 post.php
View
@@ -11,13 +11,13 @@
if ($pun_user['g_read_board'] == '0')
- message($lang_common['No view']);
+ message($lang_common['No view'], false, '403 Forbidden');
$tid = isset($_GET['tid']) ? intval($_GET['tid']) : 0;
$fid = isset($_GET['fid']) ? intval($_GET['fid']) : 0;
if ($tid < 1 && $fid < 1 || $tid > 0 && $fid > 0)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
// Fetch some info about the topic and/or the forum
if ($tid)
@@ -26,7 +26,7 @@
$result = $db->query('SELECT f.id, f.forum_name, f.moderators, f.redirect_url, fp.post_replies, fp.post_topics FROM '.$db->prefix.'forums AS f LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND f.id='.$fid) or error('Unable to fetch forum info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$cur_posting = $db->fetch_assoc($result);
$is_subscribed = $tid && $cur_posting['is_subscribed'];
@@ -47,7 +47,7 @@
($fid && (($cur_posting['post_topics'] == '' && $pun_user['g_post_topics'] == '0') || $cur_posting['post_topics'] == '0')) ||
(isset($cur_posting['closed']) && $cur_posting['closed'] == '1')) &&
!$is_admmod)
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
// Load the post.php language file
require PUN_ROOT.'lang/'.$pun_user['language'].'/post.php';
@@ -439,11 +439,11 @@
{
$qid = intval($_GET['qid']);
if ($qid < 1)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$result = $db->query('SELECT poster, message FROM '.$db->prefix.'posts WHERE id='.$qid.' AND topic_id='.$tid) or error('Unable to fetch quote info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
list($q_poster, $q_message) = $db->fetch_row($result);
42 profile.php
View
@@ -18,14 +18,14 @@
$section = isset($_GET['section']) ? $_GET['section'] : null;
$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
if ($id < 2)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
if ($action != 'change_pass' || !isset($_GET['key']))
{
if ($pun_user['g_read_board'] == '0')
- message($lang_common['No view']);
+ message($lang_common['No view'], false, '403 Forbidden');
else if ($pun_user['g_view_users'] == '0' && ($pun_user['is_guest'] || $pun_user['id'] != $id))
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
}
// Load the profile.php/register.php language file
@@ -65,17 +65,17 @@
if ($pun_user['id'] != $id)
{
if (!$pun_user['is_admmod']) // A regular user trying to change another users password?
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
else if ($pun_user['g_moderator'] == '1') // A moderator trying to change a users password?
{
$result = $db->query('SELECT u.group_id, g.g_moderator FROM '.$db->prefix.'users AS u INNER JOIN '.$db->prefix.'groups AS g ON (g.g_id=u.group_id) WHERE u.id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
list($group_id, $is_moderator) = $db->fetch_row($result);
if ($pun_user['g_mod_edit_users'] == '0' || $pun_user['g_mod_change_passwords'] == '0' || $group_id == PUN_ADMIN || $is_moderator == '1')
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
}
}
@@ -161,17 +161,17 @@
if ($pun_user['id'] != $id)
{
if (!$pun_user['is_admmod']) // A regular user trying to change another users email?
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
else if ($pun_user['g_moderator'] == '1') // A moderator trying to change a users email?
{
$result = $db->query('SELECT u.group_id, g.g_moderator FROM '.$db->prefix.'users AS u INNER JOIN '.$db->prefix.'groups AS g ON (g.g_id=u.group_id) WHERE u.id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
list($group_id, $is_moderator) = $db->fetch_row($result);
if ($pun_user['g_mod_edit_users'] == '0' || $group_id == PUN_ADMIN || $is_moderator == '1')
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
}
}
@@ -316,7 +316,7 @@
message($lang_profile['Avatars disabled']);
if ($pun_user['id'] != $id && !$pun_user['is_admmod'])
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
if (isset($_POST['form_sent']))
{
@@ -439,7 +439,7 @@
else if ($action == 'delete_avatar')
{
if ($pun_user['id'] != $id && !$pun_user['is_admmod'])
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
confirm_referrer('profile.php');
@@ -452,7 +452,7 @@
else if (isset($_POST['update_group_membership']))
{
if ($pun_user['g_id'] > PUN_ADMIN)
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
confirm_referrer('profile.php');
@@ -496,7 +496,7 @@
else if (isset($_POST['update_forums']))
{
if ($pun_user['g_id'] > PUN_ADMIN)
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
confirm_referrer('profile.php');
@@ -537,7 +537,7 @@
else if (isset($_POST['ban']))
{
if ($pun_user['g_id'] != PUN_ADMIN && ($pun_user['g_moderator'] != '1' || $pun_user['g_mod_ban_users'] == '0'))
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
// Get the username of the user we are banning
$result = $db->query('SELECT username FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch username', __FILE__, __LINE__, $db->error());
@@ -558,7 +558,7 @@
else if (isset($_POST['delete_user']) || isset($_POST['delete_user_comply']))
{
if ($pun_user['g_id'] > PUN_ADMIN)
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
confirm_referrer('profile.php');
@@ -679,7 +679,7 @@
// Fetch the user group of the user we are editing
$result = $db->query('SELECT u.username, u.group_id, g.g_moderator FROM '.$db->prefix.'users AS u INNER JOIN '.$db->prefix.'groups AS g ON (g.g_id=u.group_id) WHERE u.id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
list($old_username, $group_id, $is_moderator) = $db->fetch_row($result);
@@ -689,7 +689,7 @@
($pun_user['g_mod_edit_users'] == '0' || // mods aren't allowed to edit users
$group_id == PUN_ADMIN || // or the user is an admin
$is_moderator)))) // or the user is another mod
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
if ($pun_user['is_admmod'])
confirm_referrer('profile.php');
@@ -714,7 +714,7 @@
$languages = forum_list_langs();
$form['language'] = pun_trim($_POST['form']['language']);
if (!in_array($form['language'], $languages))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
}
if ($pun_user['is_admmod'])
@@ -884,7 +884,7 @@
$styles = forum_list_styles();
$form['style'] = pun_trim($_POST['form']['style']);
if (!in_array($form['style'], $styles))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
}
break;
@@ -981,7 +981,7 @@
$result = $db->query('SELECT u.username, u.email, u.title, u.realname, u.url, u.jabber, u.icq, u.msn, u.aim, u.yahoo, u.location, u.signature, u.disp_topics, u.disp_posts, u.email_setting, u.notify_with_post, u.auto_notify, u.show_smilies, u.show_img, u.show_img_sig, u.show_avatars, u.show_sig, u.timezone, u.dst, u.language, u.style, u.num_posts, u.last_post, u.registered, u.registration_ip, u.admin_note, u.date_format, u.time_format, u.last_visit, g.g_id, g.g_user_title, g.g_moderator FROM '.$db->prefix.'users AS u LEFT JOIN '.$db->prefix.'groups AS g ON g.g_id=u.group_id WHERE u.id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$user = $db->fetch_assoc($result);
@@ -1674,7 +1674,7 @@
else if ($section == 'admin')
{
if (!$pun_user['is_admmod'] || ($pun_user['g_moderator'] == '1' && $pun_user['g_mod_ban_users'] == '0'))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '403 Forbidden');
$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_common['Profile'], $lang_profile['Section admin']);
define('PUN_ACTIVE_PAGE', 'profile');
14 search.php
View
@@ -18,9 +18,9 @@
if ($pun_user['g_read_board'] == '0')
- message($lang_common['No view']);
+ message($lang_common['No view'], false, '403 Forbidden');
else if ($pun_user['g_search'] == '0')
- message($lang_search['No search permission']);
+ message($lang_search['No search permission'], false, '403 Forbidden');
require PUN_ROOT.'include/search_idx.php';
@@ -44,7 +44,7 @@
{
$search_id = intval($_GET['search_id']);
if ($search_id < 1)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
}
// If it's a regular search (keywords and/or author)
else if ($action == 'search')
@@ -73,11 +73,11 @@
{
$user_id = (isset($_GET['user_id'])) ? intval($_GET['user_id']) : $pun_user['id'];
if ($user_id < 2)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
// Subscribed topics can only be viewed by admins, moderators and the users themselves
if ($action == 'show_subscriptions' && !$pun_user['is_admmod'] && $user_id != $pun_user['id'])
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
}
else if ($action == 'show_recent')
$interval = isset($_GET['value']) ? intval($_GET['value']) : 86400;
@@ -323,7 +323,7 @@
if ($action == 'show_new')
{
if ($pun_user['is_guest'])
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
$result = $db->query('SELECT t.id FROM '.$db->prefix.'topics AS t LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=t.forum_id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.last_post>'.$pun_user['last_visit'].' AND t.moved_to IS NULL'.(isset($_GET['fid']) ? ' AND t.forum_id='.intval($_GET['fid']) : '').' ORDER BY t.last_post DESC') or error('Unable to fetch topic list', __FILE__, __LINE__, $db->error());
$num_hits = $db->num_rows($result);
@@ -517,7 +517,7 @@
if ($db->num_rows($result))
$subscriber_name = $db->result($result);
else
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$crumbs_text['search_type'] = '<a href="search.php?action=show_subscriptions&amp;user_id='.$subscriber_id.'">'.sprintf($lang_search['Quick search show_subscriptions'], pun_htmlspecialchars($subscriber_name)).'</a>';
}
4 userlist.php
View
@@ -11,9 +11,9 @@
if ($pun_user['g_read_board'] == '0')
- message($lang_common['No view']);
+ message($lang_common['No view'], false, '403 Forbidden');
else if ($pun_user['g_view_users'] == '0')
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
// Load the userlist.php language file
require PUN_ROOT.'lang/'.$pun_user['language'].'/userlist.php';
6 viewforum.php
View
@@ -11,12 +11,12 @@
if ($pun_user['g_read_board'] == '0')
- message($lang_common['No view']);
+ message($lang_common['No view'], false, '403 Forbidden');
$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
if ($id < 1)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
// Load the viewforum.php language file
require PUN_ROOT.'lang/'.$pun_user['language'].'/forum.php';
@@ -28,7 +28,7 @@
$result = $db->query('SELECT f.forum_name, f.redirect_url, f.moderators, f.num_topics, f.sort_by, fp.post_topics, 0 AS is_subscribed FROM '.$db->prefix.'forums AS f LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND f.id='.$id) or error('Unable to fetch forum info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$cur_forum = $db->fetch_assoc($result);
8 viewtopic.php
View
@@ -11,14 +11,14 @@
if ($pun_user['g_read_board'] == '0')
- message($lang_common['No view']);
+ message($lang_common['No view'], false, '403 Forbidden');
$action = isset($_GET['action']) ? $_GET['action'] : null;
$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
$pid = isset($_GET['pid']) ? intval($_GET['pid']) : 0;
if ($id < 1 && $pid < 1)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
// Load the viewtopic.php language file
require PUN_ROOT.'lang/'.$pun_user['language'].'/topic.php';
@@ -29,7 +29,7 @@
{
$result = $db->query('SELECT topic_id, posted FROM '.$db->prefix.'posts WHERE id='.$pid) or error('Unable to fetch topic ID', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
list($id, $posted) = $db->fetch_row($result);
@@ -85,7 +85,7 @@
$result = $db->query('SELECT t.subject, t.closed, t.num_replies, t.sticky, t.first_post_id, f.id AS forum_id, f.forum_name, f.moderators, fp.post_replies, 0 AS is_subscribed FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id='.$id.' AND t.moved_to IS NULL') or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$cur_topic = $db->fetch_assoc($result);
Please sign in to comment.
Something went wrong with that request. Please try again.