prevent logged out users from access settings

app/Controllers/Settings/AccountController.php

@@ -245,7 +245,6 @@ class AccountController extends Controller
         ];
 
         if (session_check() && $rank && $mode) {
-            // Check if user has this rank
             if (!CurrentSession::$user->hasRanks([$rank])) {
                 return $this->json(['error' => "You aren't a part of this rank!"]);
             }

app/Controllers/Settings/Controller.php

@@ -6,6 +6,7 @@
 
 namespace Sakura\Controllers\Settings;
 
+use Phroute\Phroute\Exception\HttpMethodNotAllowedException;
 use Sakura\Controllers\Controller as BaseController;
 use Sakura\CurrentSession;
 use Sakura\Template;
@@ -22,6 +23,10 @@ class Controller extends BaseController
      */
     public function __construct()
     {
+        if (!CurrentSession::$user->activated) {
+            throw new HttpMethodNotAllowedException;
+        }
+
         Template::vars(['navigation' => $this->navigation()]);
     }