lapervenche/ZwiiCMS
1
0
Fork 0
forked from ZwiiCMS-Team/ZwiiCMS
Code Issues Pull Requests Projects Releases Activity

Correction faille CSRF

Browse Source
This commit is contained in:
fredtempez 2019-01-05 23:02:28 +01:00
parent b56696d651
commit 30e06ef2e2
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
core/module/page/page.php
View File

@ -95,8 +95,14 @@ class page extends common {
]);
}
// Jeton incorrect
elseif(!isset ($_GET['csrf']) AND
$_GET['csrf'] !== $_SESSION['csrf']) {
elseif(!isset($_GET['csrf'])) {
// Valeurs en sortie
$this->addOutput([
'redirect' => helper::baseUrl() . 'page/edit/' . $url[0],
'notification' => 'Jeton invalide'
]);
}
elseif ($_GET['csrf'] !== $_SESSION['csrf']) {
// Valeurs en sortie
$this->addOutput([
'redirect' => helper::baseUrl() . 'page/edit/' . $url[0],