\drupal_access_denied
function
Delivers an "access denied" error to the browser.

Delivers an "access denied" error to the browser.

Page callback functions wanting to report an "access denied" message should return MENU_ACCESS_DENIED instead of calling drupal_access_denied(). However, functions that are invoked in contexts where that return value might not bubble up to menu_execute_active_handler() should call drupal_access_denied().

Comments

hermes_costell’s picture

When calling this from THEME_preprocess_page it appears that it's necessary to add in:

module_invoke_all('exit');
exit();

Taken from this comment about the D6 version: http://api.drupal.org/comment/43643#comment-43643

ehsankhfr’s picture

Thank you, really useful!

chasingmaxwell’s picture

For anyone else stumbling upon this, drupal_exit() is what you want here.

marysmech’s picture

Thank you very much. I stucked in recursion using drupal_access_denied. Your solution solved problem.

thecraighammond’s picture

For some reason when I'm trying to check some parameters and show an access denied from the hook_init() and then using exit; (or drupal_exit) I seem to be loosing some JS.

...
if (is_object($term) && ($term -> vid == $tag -> vid || $term -> vid == $type -> vid)) {
if (!user_is_logged_in()) {
drupal_access_denied();
module_invoke_all('exit');
drupal_exit();
}
...

Nicolaj’s picture

Perhaps obvious, but if drupal_access_denied() is called from hook_page_alter() drupal goes into an infinite loop. In my case I need to check an access condition that is not part of the menu system. I didn't find any great solution, other than redirecting to a custom access denied page or silently failing by redirecting to front.