themes/index.php
author Dan Fuhry <dan@enanocms.org>
Tue, 12 Jul 2011 22:21:08 -0400
changeset 1348 2e635e51deb0
parent 312 6c7060d36a23
permissions -rw-r--r--
SECURITY: CSRF protection in Private Messaging, which is a really broken feature and should get the TinyMCE treatment. *sigh* Reported by Secunia.

<?php

$title = 'Access denied';
require('../includes/common.php');
header('HTTP/1.1 403 Forbidden');

$template->header();
echo '<p>The administrator has flagged the page "' . htmlspecialchars($_SERVER['REQUEST_URI']) . '" so that it cannot be accessed from the web. Perhaps this is because this is a cache or includes directory and only needs to be accessed by scripts.</p><p>HTTP error: 403 Forbidden</p>';
$template->footer();