diff options
| author | Joas Schilling <nickvergessen@gmx.de> | 2014-10-23 01:38:12 +0200 |
|---|---|---|
| committer | Joas Schilling <nickvergessen@gmx.de> | 2014-10-23 01:38:12 +0200 |
| commit | e4c8e4905c327b73252667f09500b3248c55e86c (patch) | |
| tree | ef92f4a0f08214e1e774f1ba8e88764c787067b7 /phpBB/includes | |
| parent | 6a0727acdcf8c30b9fdf5df838ab3decc0b1a228 (diff) | |
| parent | 4d30633cd4dfa8ad8438fc63c7cefe3c66e5ad46 (diff) | |
| download | forums-e4c8e4905c327b73252667f09500b3248c55e86c.tar forums-e4c8e4905c327b73252667f09500b3248c55e86c.tar.gz forums-e4c8e4905c327b73252667f09500b3248c55e86c.tar.bz2 forums-e4c8e4905c327b73252667f09500b3248c55e86c.tar.xz forums-e4c8e4905c327b73252667f09500b3248c55e86c.zip | |
Merge pull request #3 from phpbb/ticket/security-161
[ticket/security-161] Add form token to styles management form.
Diffstat (limited to 'phpBB/includes')
| -rw-r--r-- | phpBB/includes/acp/acp_styles.php | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/phpBB/includes/acp/acp_styles.php b/phpBB/includes/acp/acp_styles.php index 42c67a88b5..af3fd7937c 100644 --- a/phpBB/includes/acp/acp_styles.php +++ b/phpBB/includes/acp/acp_styles.php @@ -70,11 +70,6 @@ class acp_styles $action = $this->request->variable('action', ''); $post_actions = array('install', 'activate', 'deactivate', 'uninstall'); - if ($action && in_array($action, $post_actions) && !check_link_hash($request->variable('hash', ''), $action)) - { - trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); - } - foreach ($post_actions as $key) { if ($this->request->is_set_post($key)) @@ -83,6 +78,18 @@ class acp_styles } } + // The uninstall action uses confirm_box() to verify the validity of the request, + // so there is no need to check for a valid token here. + if (in_array($action, $post_actions) && $action != 'uninstall') + { + $is_valid_request = check_link_hash($request->variable('hash', ''), $action) || check_form_key('styles_management'); + + if (!$is_valid_request) + { + trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); + } + } + if ($action != '') { $this->s_hidden_fields['action'] = $action; @@ -122,6 +129,8 @@ class acp_styles */ protected function frontend() { + add_form_key('styles_management'); + // Check mode switch ($this->mode) { |