Diffstat (limited to 'include/picture_comment.inc.php')
-rw-r--r-- | include/picture_comment.inc.php | 29 |
1 files changed, 18 insertions, 11 deletions
diff --git a/include/picture_comment.inc.php b/include/picture_comment.inc.php
index ad2878fcb..106a6d211 100644
--- a/include/picture_comment.inc.php
+++ b/include/picture_comment.inc.php
@@ -30,8 +30,26 @@
 *
 */
 
+// the picture is commentable if it belongs at least to one category which
+// is commentable
+$page['show_comments'] = false;
+foreach ($related_categories as $category)
+{
+ if ($category['commentable'] == 'true')
+ {
+ $page['show_comments'] = true;
+ }
+}
+
 if ( isset( $_POST['content'] ) and !empty($_POST['content']) )
 {
+ if (!$page['show_comments'])
+ {
+ header('HTTP/1.1 403 Forbidden');
+ header('Status: 403 Forbidden');
+ die('Hacking attempt!');
+ }
+
 $register_comment = true;
 $author = !empty($_POST['author'])?$_POST['author']:$lang['guest'];
 // if a guest try to use the name of an already existing user, he must be
@@ -108,17 +126,6 @@ if ( isset( $_POST['content'] ) and !empty($_POST['content']) )
 }
 }
 
-// the picture is commentable if it belongs at least to one category which
-// is commentable
-$page['show_comments'] = false;
-foreach ($related_categories as $category)
-{
- if ($category['commentable'] == 'true')
- {
- $page['show_comments'] = true;
- }
-}
-
 if ($page['show_comments'])
 {
 // number of comment for this picture |
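Review bot: The new 403 guard in the `$_POST['content']` branch trusts `$page['show_comments']`, which becomes true as soon as any entry of `$related_categories` is commentable, and the hunk does not show whether that list is already limited to categories the current user may access. If it is not, a picture that also sits in a commentable category the user cannot see would still accept the POST; a comment above the loop such as `// $related_categories must only hold categories the current user is allowed to see` would record the assumption. The rejection is also silent on the server side, so logging the refused request before `die('Hacking attempt!');` would give operators something to detect repeated probing with. The `if ( isset( $_POST['content'] ) ...` block continues outside the hunk.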