forked from ZwiiCMS-Team/ZwiiCMS
correction faille CSRF
This commit is contained in:
parent
547693709e
commit
f93df1e243
@ -93,7 +93,8 @@ class page extends common {
|
||||
]);
|
||||
}
|
||||
// Jeton incorrect
|
||||
elseif($_GET['csrf'] !== $_SESSION['csrf']) {
|
||||
elseif(isset ($_GET['csrf']) AND
|
||||
$_GET['csrf'] !== $_SESSION['csrf']) {
|
||||
// Valeurs en sortie
|
||||
$this->addOutput([
|
||||
'redirect' => helper::baseUrl() . 'page/edit/' . $url[0],
|
||||
|
Loading…
Reference in New Issue
Block a user