From 143decc3bba9a7c883b9cba9370c36ca67b0a111 Mon Sep 17 00:00:00 2001 From: Antoine Le Gonidec Date: Tue, 30 Jul 2024 12:22:59 +0200 Subject: [PATCH] Restrict statistics access to admins and moderators --- BoardIndex.template.php | 7 +++++++ Stats.template.php | 10 ++++++++++ Who.template.php | 10 ++++++++++ 3 files changed, 27 insertions(+) diff --git a/BoardIndex.template.php b/BoardIndex.template.php index 122d586..93a5e4b 100644 --- a/BoardIndex.template.php +++ b/BoardIndex.template.php @@ -323,6 +323,13 @@ function template_info_center() if (empty($context['info_center'])) return; + // Do not display the info center if the user is not a moderator or an admin. + if ( + ! $context['user']['is_admin'] && + ! $context['user']['is_mod'] + ) + return; + // Here's where the "Info Center" starts... echo '
diff --git a/Stats.template.php b/Stats.template.php index c9b23f2..1d3e64f 100644 --- a/Stats.template.php +++ b/Stats.template.php @@ -17,6 +17,16 @@ function template_main() { global $context, $settings, $txt, $scripturl, $modSettings; + // Only admins and moderators are allowed to see the forum statistics. + if ( + ! $context['user']['is_admin'] && + ! $context['user']['is_mod'] + ) { + echo ' +

Vous n’êtes pas autorisé à accéder aux statistiques du forum.

'; + return; + } + echo '
diff --git a/Who.template.php b/Who.template.php index 8a179a1..377f9d2 100644 --- a/Who.template.php +++ b/Who.template.php @@ -17,6 +17,16 @@ function template_main() { global $context, $settings, $scripturl, $txt; + // Only admins and moderators are allowed to see the list of online members. + if ( + ! $context['user']['is_admin'] && + ! $context['user']['is_mod'] + ) { + echo ' +

Vous n’êtes pas autorisé à accéder à la liste des membres actuellement en ligne.

'; + return; + } + // Display the table header and linktree. echo '