correction faille CSRF

2019-01-05 22:31:59 +01:00 · 2019-01-05 22:31:59 +01:00 · f93df1e243
commit f93df1e243
parent 547693709e
1 changed files with 2 additions and 1 deletions
--- a/core/module/page/page.php
+++ b/core/module/page/page.php
@ -93,7 +93,8 @@ class page extends common {
 			]);
 		}
 		// Jeton incorrect
-		elseif($_GET['csrf'] !== $_SESSION['csrf']) {
+		elseif(isset ($_GET['csrf']) AND
+			$_GET['csrf'] !== $_SESSION['csrf']) {
 			// Valeurs en sortie
 			$this->addOutput([
 				'redirect' => helper::baseUrl() . 'page/edit/' . $url[0],