Only allow authenticated users to view photos.
This commit is contained in:
parent
aa04c5ee04
commit
6d07a47132
@ -10,6 +10,10 @@ class ViewPhoto extends HTMLController
|
||||
{
|
||||
public function __construct()
|
||||
{
|
||||
// Ensure we're logged in at this point.
|
||||
if (!Registry::get('user')->isLoggedIn())
|
||||
throw new NotAllowedException();
|
||||
|
||||
$photo = Asset::fromSlug($_GET['slug']);
|
||||
if (empty($photo))
|
||||
throw new NotFoundException();
|
||||
|
Loading…
Reference in New Issue
Block a user