deny access to the posting page for bots...

git-svn-id: file:///svn/phpbb/trunk@7804 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-06-28 06:08:52 +00:00 · 2007-06-27 16:02:41 +00:00 · 2007-06-27 16:02:41 +00:00 · d57a16ad69
commit d57a16ad69
parent 190f35c456
2 changed files with 8 additions and 2 deletions
--- a/phpBB/docs/CHANGELOG.html
+++ b/phpBB/docs/CHANGELOG.html
@ -187,9 +187,11 @@ p a {
 	<ul class="menu">
 		<li>[Fix] Re-allow searching within the memberlist</li>
 		<li>[Fix] Force prune related values to integers during conversions</li>
-		<li>[Fix] Updater now detects successfully merged files having conflicts and user chose to merge with modifications [Bug #12685]</li>
-		<li>[Fix] Updater is no longer listing missing language entries and styles if these had been removed [Bug #12655]</li>
+		<li>[Fix] Updater now detects successfully merged files having conflicts and user chose to merge with modifications (Bug #12685)</li>
+		<li>[Fix] Updater is no longer listing missing language entries and styles if these had been removed (Bug #12655)</li>
 		<li>[Fix] Correct approval of posts in global announcements (Bug #12699)</li>
+		<li>[Sec] Do not allow setup spiders/robots to post, even if permissions are given. We see no reason why this should be possible. (Thanks to Frank Rizzo for convincing us regarding this)</li>
+
 	</ul>

 	</div>
--- a/phpBB/posting.php
+++ b/phpBB/posting.php
@ -164,6 +164,10 @@ if ($post_data['forum_password'])
 }

 // Check permissions
+if ($user->data['is_bot'])
+{
+	redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
+}

 // Is the user able to read within this forum?
 if (!$auth->acl_get('f_read', $forum_id))