diff options
| author | Marc Alexander <admin@m-a-styles.de> | 2019-12-24 15:27:43 +0100 |
|---|---|---|
| committer | Marc Alexander <admin@m-a-styles.de> | 2020-01-03 17:21:35 +0100 |
| commit | e7a6ed20e8ea073d7bf14890c766b17de444cf79 (patch) | |
| tree | ff4f735c2a6b59e76c5d32127cfd9b4cbd9c228b /phpBB/includes | |
| parent | 502407a1ddd7a78799ff177e486f4ab85e0abf30 (diff) | |
| download | forums-e7a6ed20e8ea073d7bf14890c766b17de444cf79.tar forums-e7a6ed20e8ea073d7bf14890c766b17de444cf79.tar.gz forums-e7a6ed20e8ea073d7bf14890c766b17de444cf79.tar.bz2 forums-e7a6ed20e8ea073d7bf14890c766b17de444cf79.tar.xz forums-e7a6ed20e8ea073d7bf14890c766b17de444cf79.zip | |
[ticket/security-251] Check form token when moving PM to folder
SECURITY-251
Diffstat (limited to 'phpBB/includes')
| -rw-r--r-- | phpBB/includes/ucp/ucp_pm.php | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/phpBB/includes/ucp/ucp_pm.php b/phpBB/includes/ucp/ucp_pm.php index 4d02620e89..3f982c8dd0 100644 --- a/phpBB/includes/ucp/ucp_pm.php +++ b/phpBB/includes/ucp/ucp_pm.php @@ -193,6 +193,8 @@ class ucp_pm trigger_error('NO_AUTH_READ_HOLD_MESSAGE'); } + add_form_key('ucp_pm_view'); + // First Handle Mark actions and moving messages $submit_mark = (isset($_POST['submit_mark'])) ? true : false; $move_pm = (isset($_POST['move_pm'])) ? true : false; @@ -210,6 +212,11 @@ class ucp_pm // Move PM if ($move_pm) { + if (!check_form_key('ucp_pm_view')) + { + trigger_error('FORM_INVALID'); + } + $move_msg_ids = (isset($_POST['marked_msg_id'])) ? $request->variable('marked_msg_id', array(0)) : array(); $cur_folder_id = $request->variable('cur_folder_id', PRIVMSGS_NO_BOX); |