includes/index.php
author Dan Fuhry <dan@enanocms.org>
Tue, 12 Jul 2011 22:13:37 -0400
changeset 343 7e6537fd4730
parent 253 6c7060d36a23
permissions -rw-r--r--
SECURITY: Fixed several XSS vulns reported by Secunia, mostly in Private Messaging. Also backported CSRF protection API from 1.1.x, and protected Private Messaging and logout functions.
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     1
<?php
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     2
253
6c7060d36a23 Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
parents: 1
diff changeset
     3
$title = 'Access denied';
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     4
require('../includes/common.php');
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     5
header('HTTP/1.1 403 Forbidden');
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     6
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     7
$template->header();
253
6c7060d36a23 Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
parents: 1
diff changeset
     8
echo '<p>The administrator has flagged the page "' . htmlspecialchars($_SERVER['REQUEST_URI']) . '" so that it cannot be accessed from the web. Perhaps this is because this is a cache or includes directory and only needs to be accessed by scripts.</p><p>HTTP error: 403 Forbidden</p>';
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     9
$template->footer();
253
6c7060d36a23 Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
parents: 1
diff changeset
    10