git.cweiske.de / phorkie.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f9ade08)
FIX: Removed forbidden page, added to secure.php
authorJustin J. Novack <jnovack@gmail.com>
Mon, 17 Sep 2012 19:20:48 +0000 (15:20 -0400)
committerJustin J. Novack <jnovack@gmail.com>
Mon, 17 Sep 2012 19:20:48 +0000 (15:20 -0400)
README.rst patch | blob | history
www/.htaccess patch | blob | history
www/forbidden.php [deleted file] patch | blob | history
www/secure.php patch | blob | history

diff --git a/README.rst b/README.rst
index 56bef951efa6c46a0bcf4013c4775dbb43f102fb..0b40b395047bd5a8f965980cc020a36944c54f30 100644 (file)
--- a/README.rst
+++ b/README.rst
@@ -194,8 +194,6 @@ URLs
   Login page for protecting site
 ``/auth``
   Authentication callback url
-``/forbidden``
-  Access denied page
 ``/user``
   Edit logged-in user information
 
@@ -239,6 +237,5 @@ If you use nginx, place the following lines into your ``server`` block:
 
     rewrite ^/login$ /login.php;
     rewrite ^/auth$ /auth.php;
-    rewrite ^/forbidden$ /forbidden.php;
     rewrite ^/user$ /user.php;
   }
diff --git a/www/.htaccess b/www/.htaccess
index 4c52627c5f369a025ae0d7a78d63453299c9d636..f6c37201a36740e3b3e5bc832235722efa4248a0 100644 (file)
--- a/www/.htaccess
+++ b/www/.htaccess
@@ -23,5 +23,4 @@ RewriteRule ^search/([0-9]+)$ /search.php?page=$1
 
 RewriteRule ^auth$ /auth.php
 RewriteRule ^login$ /login.php
-RewriteRule ^forbidden$ /forbidden.php
 RewriteRule ^user$ /user.php
diff --git a/www/forbidden.php b/www/forbidden.php
deleted file mode 100644 (file)
index 3646b0a..0000000
--- a/www/forbidden.php
+++ /dev/null
@@ -1,15 +0,0 @@
-<?php
-/**
- * Access Denied page
- */
-namespace phorkie;
-require_once 'www-header.php';
-
-$db = new Database();
-render(
-    'forbidden',
-    array(
-        'recents'     => $db->getSearch()->listAll(0, 5, 'crdate', 'desc'),
-    )
-);
-?>
diff --git a/www/secure.php b/www/secure.php
index 4b81d5963d08f7812a965d10282151c00cb5829c..e61408701f6be5be3496eddde69c76f4aaeb5281 100644 (file)
--- a/www/secure.php
+++ b/www/secure.php
@@ -12,8 +12,14 @@ if (!isset($_SESSION['identity'])) {
 if ($GLOBALS['phorkie']['auth']['secure'] > 0 &&
     $GLOBALS['phorkie']['auth']['userlist']) {
     if (!in_array($_SESSION['identity'], $GLOBALS['phorkie']['users'])) {
-        $redirect = 'http://' . $_SERVER['HTTP_HOST'] . "/forbidden";
-        header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));
+        header('HTTP/1.1 403 Forbidden');
+        $db = new Database();
+        render(
+            'forbidden',
+            array(
+                'recents'     => $db->getSearch()->listAll(0, 5, 'crdate', 'desc'),
+            )
+        );
         exit;
     }
 }
Self-hosted pastebin software written in PHP. Pastes are editable, may have multiple files and are stored in git repositories.