diff options
author | Marc Alexander <admin@m-a-styles.de> | 2019-12-06 07:20:30 +0100 |
---|---|---|
committer | Marc Alexander <admin@m-a-styles.de> | 2019-12-06 07:20:30 +0100 |
commit | 1f00e160ab69b2a709793abc1829cc6e91e07b93 (patch) | |
tree | 8a6bf7dfa8752e1a628910afdc274fd6390fa3d3 /phpBB | |
parent | 41918b8afa031806b36dd20b6ee44a915033b8df (diff) | |
parent | c7ed162a0627a0cfcf000631f236fbb7f6722ba3 (diff) | |
download | forums-1f00e160ab69b2a709793abc1829cc6e91e07b93.tar forums-1f00e160ab69b2a709793abc1829cc6e91e07b93.tar.gz forums-1f00e160ab69b2a709793abc1829cc6e91e07b93.tar.bz2 forums-1f00e160ab69b2a709793abc1829cc6e91e07b93.tar.xz forums-1f00e160ab69b2a709793abc1829cc6e91e07b93.zip |
Merge pull request #5737 from marc1706/ticket/16211
[ticket/16211] Prevent skipping COPPA via URL parameter
Diffstat (limited to 'phpBB')
-rw-r--r-- | phpBB/includes/ucp/ucp_register.php | 15 | ||||
-rw-r--r-- | phpBB/styles/prosilver/template/ucp_agreement.html | 3 |
2 files changed, 11 insertions, 7 deletions
diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index 54e418d58c..03ac63b12b 100644 --- a/phpBB/includes/ucp/ucp_register.php +++ b/phpBB/includes/ucp/ucp_register.php @@ -39,7 +39,8 @@ class ucp_register trigger_error('UCP_REGISTER_DISABLE'); } - $coppa = $request->is_set('coppa') ? (int) $request->variable('coppa', false) : false; + $coppa = $request->is_set('coppa_yes') ? 1 : ($request->is_set('coppa_no') ? 0 : false); + $coppa = $request->is_set('coppa') ? $request->variable('coppa', 0) : $coppa; $agreed = $request->variable('agreed', false); $submit = $request->is_set_post('submit'); $change_lang = $request->variable('change_lang', ''); @@ -50,6 +51,11 @@ class ucp_register $agreed = false; } + if ($coppa !== false && !check_form_key('ucp_register')) + { + $coppa = false; + } + /** * Add UCP register data before they are assigned to the template or submitted * @@ -166,11 +172,8 @@ class ucp_register $template_vars = array( 'S_LANG_OPTIONS' => (count($lang_row) > 1) ? language_select($user_lang) : '', - 'L_COPPA_NO' => sprintf($user->lang['UCP_COPPA_BEFORE'], $coppa_birthday), - 'L_COPPA_YES' => sprintf($user->lang['UCP_COPPA_ON_AFTER'], $coppa_birthday), - - 'U_COPPA_NO' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register&coppa=0'), - 'U_COPPA_YES' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register&coppa=1'), + 'L_COPPA_NO' => $user->lang('UCP_COPPA_BEFORE', $coppa_birthday), + 'L_COPPA_YES' => $user->lang('UCP_COPPA_ON_AFTER', $coppa_birthday), 'S_SHOW_COPPA' => true, 'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields), diff --git a/phpBB/styles/prosilver/template/ucp_agreement.html b/phpBB/styles/prosilver/template/ucp_agreement.html index d4fef9f0a5..7959925d30 100644 --- a/phpBB/styles/prosilver/template/ucp_agreement.html +++ b/phpBB/styles/prosilver/template/ucp_agreement.html @@ -43,7 +43,8 @@ <div class="inner"> <fieldset class="submit-buttons"> <!-- IF S_SHOW_COPPA --> - <strong><a href="{U_COPPA_NO}" class="button1">{L_COPPA_NO}</a></strong> <a href="{U_COPPA_YES}" class="button2">{L_COPPA_YES}</a> + <input type="submit" name="coppa_no" id="coppa_no" value="{{ L_COPPA_NO }}" class="button1" /> + <input type="submit" name="coppa_yes" id="coppa_yes" value="{{ L_COPPA_YES }}" class="button2" /> <!-- ELSE --> <input type="submit" name="agreed" id="agreed" value="{L_AGREE}" class="button1" /> <input type="submit" name="not_agreed" value="{L_NOT_AGREE}" class="button2" /> |