Index: httpauth.module =================================================================== --- httpauth.module (.../vanilla/modules/httpauth/httpauth.module) (revision 1510) +++ httpauth.module (.../extended/modules/httpauth/httpauth.module) (revision 1516) @@ -64,7 +64,8 @@ } // Do what drupal_access_denied() would've done if we wouldn't've been called. - menu_set_active_item(''); + print httpauth_access_denied(); + exit(); } /** @@ -74,7 +75,17 @@ $form['httpauth_status'] = array('#type' => 'checkbox', '#title' => t('Enable HTTP authentication.'), '#default_value' => variable_get('httpauth_status', FALSE), '#description' => t('Note: when you enable HTTP authentication, !the-setting will be modified. When you disable it again, the setting will be restored.', array('!the-setting' => l(t('the 403 (access denied) page setting'), 'admin/settings/error-reporting')))); $form['httpauth_pages'] = array('#type' => 'textarea', '#title' => t('Promote HTTP authentication on pages'), '#default_value' => variable_get('httpauth_pages', ''), '#description' => t('On which pages to promote HTTP authentication, if an anonymous user stumbles upon an access denied page. Enter one page per line as a Drupal path. The * character is a wildcard.')); - + + // Pulled straight out of the error reporting form + $form['httpauth_site_403'] = array( + '#type' => 'textfield', + '#title' => t('Default 403 (access denied) page'), + '#default_value' => variable_get('httpauth_site_403', ''), + '#size' => 40, + '#description' => t('This page is displayed when the requested document is denied to the current user. If unsure, specify nothing.'), + '#field_prefix' => url(NULL, NULL, NULL, TRUE) . (variable_get('clean_url', 0) ? '' : '?q=') + ); + $form = system_settings_form($form); $form['#submit'] = array($form['#base'] .'_submit' => array(), 'httpauth_settings_form_submit' => array()); @@ -202,3 +213,39 @@ return explode(':', base64_decode($credentials)); } } + +/** + * Rip-off of the function that does the access denied in Drupal itself + */ +function httpauth_access_denied() { + global $_menu; + drupal_set_header('HTTP/1.1 403 Forbidden'); + watchdog('access denied', check_plain($_GET['q']), WATCHDOG_WARNING); + + // Keep old path for reference + if (!isset($_REQUEST['destination'])) { + $_REQUEST['destination'] = $_GET['q']; + } + + $path = drupal_get_normal_path(variable_get('httpauth_site_403', '')); + if ($path && $path != $_GET['q']) { + // Shouldn't need to do this because set_active_item should do it by default + // Clear the menu array so we can rebuild with the new path url + unset($_menu['items']); + + menu_set_active_item($path); + $return = menu_execute_active_handler(); + } + else { + // Redirect to a non-existent menu item to make possible tabs disappear. + menu_set_active_item(''); + } + + if (empty($return) || $return == MENU_NOT_FOUND || $return == MENU_ACCESS_DENIED) { + drupal_set_title(t('Access denied')); + menu_set_active_item(''); + $return = t('You are not authorized to access this page.'); + } + print theme('page', $return); +} +