From b56696d6511311f3e5fd1c7dea63e963605e356e Mon Sep 17 00:00:00 2001 From: fredtempez Date: Sat, 5 Jan 2019 22:36:16 +0100 Subject: [PATCH] correctif faille CSRF --- core/module/page/page.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/core/module/page/page.php b/core/module/page/page.php index d224065e..17edaa8a 100755 --- a/core/module/page/page.php +++ b/core/module/page/page.php @@ -95,7 +95,8 @@ class page extends common { ]); } // Jeton incorrect - elseif($_GET['csrf'] !== $_SESSION['csrf']) { + elseif(!isset ($_GET['csrf']) AND + $_GET['csrf'] !== $_SESSION['csrf']) { // Valeurs en sortie $this->addOutput([ 'redirect' => helper::baseUrl() . 'page/edit/' . $url[0],