authorOliver Schramm <oliver.schramm97@gmail.com>2015-06-08 16:43:10 +0200
committerOliver Schramm <oliver.schramm97@gmail.com>2015-06-08 17:01:52 +0200
commit2c6369c5d90134b761ffd1da86401deff571f636 (patch)
tree5be3b5ed002393498d8ccdc421f29c2d947d3545
parentfedd0ae7f35156cb5f929fc8067080a6ea153476 (diff)
[ticket/13833] Prevent flooding if type=submit doesn't exist
PHPBB3-13833
-rw-r--r--phpBB/includes/ucp/ucp_pm_compose.php2
-rw-r--r--phpBB/posting.php2
2 files changed, 2 insertions, 2 deletions
diff --git a/phpBB/includes/ucp/ucp_pm_compose.php b/phpBB/includes/ucp/ucp_pm_compose.php
index d7509a1072..69f6ce9f7d 100644
--- a/phpBB/includes/ucp/ucp_pm_compose.php
+++ b/phpBB/includes/ucp/ucp_pm_compose.php
@@ -57,7 +57,6 @@ function compose_pm($id, $mode, $action, $user_folders = array())
$address_list = array();
}
- $submit = (isset($_POST['post'])) ? true : false;
$preview = (isset($_POST['preview'])) ? true : false;
$save = (isset($_POST['save'])) ? true : false;
$load = (isset($_POST['load'])) ? true : false;
@@ -71,6 +70,7 @@ function compose_pm($id, $mode, $action, $user_folders = array())
$refresh = isset($_POST['add_file']) || isset($_POST['delete_file']) || $save || $load
|| $remove_u || $remove_g || $add_to || $add_bcc;
+ $submit = isset($_POST['post']) && !$refresh && !$preview;
$action = ($delete && !$preview && !$refresh && $submit) ? 'delete' : $action;
$select_single = ($config['allow_mass_pm'] && $auth->acl_get('u_masspm')) ? false : true;
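Review bot: The new `$submit` assignment in compose_pm() depends on a rule that is stated nowhere in the code: it has to run after `$refresh` and `$preview` are computed, and it deliberately lets those flags win over a `post` field sent in the same request. A comment directly above it would stop a later reorder or cleanup from silently undoing the fix, for example `// Must follow $refresh/$preview: a request that carries 'post' together with a preview or refresh field is not a submit (PHPBB3-13833)`. The same comment fits the matching line added in phpBB/posting.php. compose_pm() begins and ends outside this hunk, so the flood check that `$submit` presumably gates is not visible here.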
diff --git a/phpBB/posting.php b/phpBB/posting.php
index 964b0f1f8b..13de8d5fd2 100644
--- a/phpBB/posting.php
+++ b/phpBB/posting.php
@@ -32,7 +32,6 @@ $forum_id = request_var('f', 0);
$draft_id = request_var('d', 0);
$lastclick = request_var('lastclick', 0);
-$submit = (isset($_POST['post'])) ? true : false;
$preview = (isset($_POST['preview'])) ? true : false;
$save = (isset($_POST['save'])) ? true : false;
$load = (isset($_POST['load'])) ? true : false;
@@ -40,6 +39,7 @@ $delete = (isset($_POST['delete'])) ? true : false;
$cancel = (isset($_POST['cancel']) && !isset($_POST['save'])) ? true : false;
$refresh = (isset($_POST['add_file']) || isset($_POST['delete_file']) || isset($_POST['full_editor']) || isset($_POST['cancel_unglobalise']) || $save || $load) ? true : false;
+$submit = isset($_POST['post']) && !$refresh && !$preview;
$mode = ($delete && !$preview && !$refresh && $submit) ? 'delete' : request_var('mode', '');
$error = $post_data = array();
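Review bot: The rule that `post` loses to preview and refresh is now written out twice, here and in ucp_pm_compose.php, against two different `$refresh` definitions, and the diffstat shows no test accompanying it. A field added to `$refresh` in only one file later would change what counts as a submit for that entry point alone, so a regression test per entry point is worth adding: a POST carrying both `post` and `preview` should be handled as a preview and store nothing. With `$submit` defined this way, the `!$preview && !$refresh` terms in the `$mode` line are already implied and the condition could read `($delete && $submit)`, although keeping them is harmless.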