Contremesure faille CRSF

4 years ago · 3824c1c6f2
parent f620319c83
commit 3824c1c6f2
1 changed files with 0 additions and 8 deletions
--- a/core/module/user/user.php
+++ b/core/module/user/user.php
@ -160,19 +160,11 @@ class user extends common {
 				'notification' => 'Jeton invalide'
 			]);
 		}
-<<<<<<< HEAD
-		elseif ($this->getUrl(4) !== $_SESSION['csrf']) {
-			// Valeurs en sortie
-			$this->addOutput([
-				'redirect' => helper::baseUrl() . 'user',
-				'notification' => 'Suppression non autorisée'
-=======
 		if ($this->getUrl(4) !== $_SESSION['csrf']) {
 			// Valeurs en sortie
 			$this->addOutput([
 				'redirect' => helper::baseUrl() . 'user',
 				'notification' => 'Action  non autorisée'
->>>>>>> master_v8
 			]);
 		}		
 		// Accès autorisé