From 392609cab82b4a78caebfb4f5f1c99b5fa2c514a Mon Sep 17 00:00:00 2001
From: Trevor Slocum <trevor@rocketnine.space>
Date: Tue, 13 Apr 2021 22:44:03 -0700
Subject: [PATCH] Do not allow banned users to access imgboard.php

Resolves #201.
---
 imgboard.php | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/imgboard.php b/imgboard.php
index d83b9e1..3cce9af 100644
--- a/imgboard.php
+++ b/imgboard.php
@@ -254,6 +254,12 @@ foreach ($includes as $include) {
 	require $include;
 }
 
+list($account, $loggedin, $isadmin) = manageCheckLogIn(false);
+
+if (!$loggedin) {
+	checkBanned();
+}
+
 $redirect = true;
 // Check if the request is to make a post
 if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name']) || isset($_POST['email']) || isset($_POST['subject']) || isset($_POST['message']) || isset($_POST['file']) || isset($_POST['embed']) || isset($_POST['password']))) {
@@ -261,15 +267,13 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])
 		fancyDie(__('Posting is currently disabled.<br>Please try again in a few moments.'));
 	}
 
-	list($account, $loggedin, $isadmin) = manageCheckLogIn(false);
-
-	$rawpost = isRawPost();
-	$rawposttext = '';
 	if (!$loggedin) {
 		checkCAPTCHA(TINYIB_CAPTCHA);
-		checkBanned();
 		checkFlood();
 	}
+	
+	$rawpost = isRawPost();
+	$rawposttext = '';
 	if (!$rawpost) {
 		checkMessageSize();
 	}