authorMarc Alexander <admin@m-a-styles.de>2019-08-25 18:22:53 +0200
committerMarc Alexander <admin@m-a-styles.de>2019-08-25 18:22:53 +0200
commit31aeac574517add62a4312c3ec490a1e70f5ebd9 (patch)
tree85585b34dbb0d5f56d338a616689866017855f1c /phpBB/includes/ucp
parent525c940385ef8efb57fb812a8317833d7790e30a (diff)
parent59f489c01f63d76ae879b2e25b8fad1b5a82a3dc (diff)
Merge pull request #49 from phpbb/ticket/security/244
[security/244] Add form token check to plupload
Diffstat (limited to 'phpBB/includes/ucp')
-rw-r--r--phpBB/includes/ucp/ucp_pm_compose.php7
1 files changed, 5 insertions, 2 deletions
diff --git a/phpBB/includes/ucp/ucp_pm_compose.php b/phpBB/includes/ucp/ucp_pm_compose.php
index cb45112b01..06baa279a5 100644
--- a/phpBB/includes/ucp/ucp_pm_compose.php
+++ b/phpBB/includes/ucp/ucp_pm_compose.php
@@ -26,7 +26,7 @@ if (!defined('IN_PHPBB'))
function compose_pm($id, $mode, $action, $user_folders = array())
{
global $template, $db, $auth, $user, $cache;
- global $phpbb_root_path, $phpEx, $config;
+ global $phpbb_root_path, $phpEx, $config, $language;
global $request, $phpbb_dispatcher, $phpbb_container;
// Damn php and globals - i know, this is horrible
@@ -799,7 +799,10 @@ function compose_pm($id, $mode, $action, $user_folders = array())
extract($phpbb_dispatcher->trigger_event('core.ucp_pm_compose_modify_parse_before', compact($vars)));
// Parse Attachments - before checksum is calculated
- $message_parser->parse_attachments('fileupload', $action, 0, $submit, $preview, $refresh, true);
+ if ($message_parser->check_attachment_form_token($language, $request, 'ucp_pm_compose'))
+ {
+ $message_parser->parse_attachments('fileupload', $action, 0, $submit, $preview, $refresh, true);
+ }
if (count($message_parser->warn_msg) && !($remove_u || $remove_g || $add_to || $add_bcc))
{
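Review bot: The new `if` around `parse_attachments()` has no failure branch, so a request with a missing or stale form token just skips attachment handling and falls through to the `count($message_parser->warn_msg)` check. Whether the user (or the plupload client) is told why depends on `check_attachment_form_token()` recording the error itself, which this hunk does not show. A short comment above the guard would make that contract explicit, e.g. `// CSRF guard: attachment changes are only parsed with a valid 'ucp_pm_compose' token; the parser is expected to report the failure itself`. The literal `'ucp_pm_compose'` also has to match the form key registered when the compose form is rendered, so it is worth confirming the two agree or sharing one variable. `compose_pm()` starts and continues outside this hunk, so both points need checking against the rest of the function.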