aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes/message_parser.php
diff options
context:
space:
mode:
author3D-I <480857+3D-I@users.noreply.github.com>2019-10-28 21:11:42 +0100
committer3D-I <480857+3D-I@users.noreply.github.com>2019-10-28 21:11:42 +0100
commitd136a8a9078b02433f4be08420486ad05c8129bd (patch)
tree4d3c720253ed2edef075bec7152a0ce66db16e10 /phpBB/includes/message_parser.php
parent41728f2258c409480b9c3d4c1753b6eb1b47c677 (diff)
parente95e387188b050c163edcce3141c957d259810c9 (diff)
downloadforums-d136a8a9078b02433f4be08420486ad05c8129bd.tar
forums-d136a8a9078b02433f4be08420486ad05c8129bd.tar.gz
forums-d136a8a9078b02433f4be08420486ad05c8129bd.tar.bz2
forums-d136a8a9078b02433f4be08420486ad05c8129bd.tar.xz
forums-d136a8a9078b02433f4be08420486ad05c8129bd.zip
Merge branch '3.2.x' into ticket/16153
Diffstat (limited to 'phpBB/includes/message_parser.php')
-rw-r--r--phpBB/includes/message_parser.php29
1 files changed, 29 insertions, 0 deletions
diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php
index 0b79cca864..e1c28223dc 100644
--- a/phpBB/includes/message_parser.php
+++ b/phpBB/includes/message_parser.php
@@ -1525,6 +1525,35 @@ class parse_message extends bbcode_firstpass
}
/**
+ * Check attachment form token depending on submit type
+ *
+ * @param \phpbb\language\language $language Language
+ * @param \phpbb\request\request_interface $request Request
+ * @param string $form_name Form name for checking form key
+ *
+ * @return bool True if form token is not needed or valid, false if needed and invalid
+ */
+ function check_attachment_form_token(\phpbb\language\language $language, \phpbb\request\request_interface $request, $form_name)
+ {
+ $add_file = $request->is_set_post('add_file');
+ $delete_file = $request->is_set_post('delete_file');
+
+ if (($add_file || $delete_file) && !check_form_key($form_name))
+ {
+ $this->warn_msg[] = $language->lang('FORM_INVALID');
+
+ if ($request->is_ajax() && $this->plupload)
+ {
+ $this->plupload->emit_error(-400, 'FORM_INVALID');
+ }
+
+ return false;
+ }
+
+ return true;
+ }
+
+ /**
* Parse Attachments
*/
function parse_attachments($form_name, $mode, $forum_id, $submit, $preview, $refresh, $is_message = false)