Diffstat (limited to 'include/picture_comment.inc.php')
-rw-r--r--include/picture_comment.inc.php29
1 files changed, 18 insertions, 11 deletions
diff --git a/include/picture_comment.inc.php b/include/picture_comment.inc.php
index ad2878fcb..106a6d211 100644
--- a/include/picture_comment.inc.php
+++ b/include/picture_comment.inc.php
@@ -30,8 +30,26 @@
*
*/
+// the picture is commentable if it belongs at least to one category which
+// is commentable
+$page['show_comments'] = false;
+foreach ($related_categories as $category)
+{
+ if ($category['commentable'] == 'true')
+ {
+ $page['show_comments'] = true;
+ }
+}
+
if ( isset( $_POST['content'] ) and !empty($_POST['content']) )
{
+ if (!$page['show_comments'])
+ {
+ header('HTTP/1.1 403 Forbidden');
+ header('Status: 403 Forbidden');
+ die('Hacking attempt!');
+ }
+
$register_comment = true;
$author = !empty($_POST['author'])?$_POST['author']:$lang['guest'];
// if a guest try to use the name of an already existing user, he must be
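Review bot: The test `if ($category['commentable'] == 'true')` is now the authorization decision for posting a comment, and it uses a loose comparison; on PHP versions before 8 a non-string value such as integer `0` compares equal to `'true'`, so the guard would fail open if the field ever stopped being a string. Assuming the field holds the strings `'true'`/`'false'`, as the comparison suggests, `if ($category['commentable'] === 'true')` with a `break;` after the assignment keeps the decision strict and stops at the first commentable category. The 403 branch exits without recording anything, so a line such as `error_log('comment POST rejected: picture not commentable');` before `die()` would make rejected attempts visible in the logs. The `if ( isset( $_POST['content'] ) ... )` block continues past the end of this hunk, so the rest of the posting path is not visible here.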
@@ -108,17 +126,6 @@ if ( isset( $_POST['content'] ) and !empty($_POST['content']) )
}
}
-// the picture is commentable if it belongs at least to one category which
-// is commentable
-$page['show_comments'] = false;
-foreach ($related_categories as $category)
-{
- if ($category['commentable'] == 'true')
- {
- $page['show_comments'] = true;
- }
-}
-
if ($page['show_comments'])
{
// number of comment for this picture