Csrf Theme reset

Fred Tempez 2023-06-20 20:15:55 +02:00
parent adf0ac8f80
commit f262b661e9
1 changed files with 25 additions and 37 deletions


@ -811,16 +811,9 @@ class theme extends common
*/ */
public function reset() public function reset()
{ {
// $url prend l'adresse sans le token
$url = explode('&', $this->getUrl(2));
if (
isset($_GET['csrf'])
and $_GET['csrf'] === $_SESSION['csrf']
) {
// Réinitialisation // Réinitialisation
$redirect = ''; $redirect = '';
switch ($url[0]) { switch ($this->getUrl(2)) {
case 'admin': case 'admin':
$this->initData('admin', self::$i18nUI); $this->initData('admin', self::$i18nUI);
$redirect = helper::baseUrl() . 'theme/admin'; $redirect = helper::baseUrl() . 'theme/admin';
@ -843,12 +836,7 @@ class theme extends common
'redirect' => $redirect, 'redirect' => $redirect,
'state' => true 'state' => true
]); ]);
} else {
// Valeurs en sortie
$this->addOutput([
'notification' => helper::translate('Jeton incorrect')
]);
}
} }
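Review bot: With the `isset($_GET['csrf']) and $_GET['csrf'] === $_SESSION['csrf']` guard and its 'Jeton incorrect' branch removed, nothing visible in reset() checks a CSRF token before `$this->initData('admin', self::$i18nUI)` runs, and the action is still selected from the URL via `$this->getUrl(2)`. Unless the token is now validated centrally before this method is dispatched (not visible on this page), a cross-site GET issued in a logged-in administrator's session would reset the theme data. If the check did move, record that at the top of the method, e.g. `// CSRF token is validated before dispatch; do not call reset() from an unchecked route`; if it did not, keep the guard, preferably as `is_string($_GET['csrf'] ?? null) && hash_equals($_SESSION['csrf'], $_GET['csrf'])`, and consider making the reset a POST action. The rest of the switch in reset() lies between the two hunks and is not shown.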