Mibew/i18n
1
0
Fork 0
mirror of https://github.com/Mibew/i18n.git synced 2025-11-01 01:36:57 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix multiple CSRF vulnerabilities

Browse Source
This commit is contained in:
Fedor A. Fetisov 2013-09-06 14:32:25 +04:00 committed by webadmin
parent 9aef0fb2d4
commit 03265a1fb0
9 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/messenger/webim/operator/ban.php
View File

@ -21,6 +21,8 @@ require_once('../libs/operator.php');
require_once('../libs/pagination.php');
$operator = check_login();
csrfchecktoken();
$page = array('banId' => '');
$page['saved'] = false;
$page['thread'] = '';

2
src/messenger/webim/operator/blocked.php
View File

@ -21,6 +21,8 @@ require_once('../libs/operator.php');
require_once('../libs/pagination.php');
$operator = check_login();
csrfchecktoken();
$page = array();
$errors = array();

1
src/messenger/webim/operator/groupmembers.php
View File

@ -20,6 +20,7 @@ require_once('../libs/operator.php');
require_once('../libs/groups.php');
$operator = check_login();
csrfchecktoken();
function get_group_members($groupid)
{

1
src/messenger/webim/operator/groups.php
View File

@ -19,6 +19,7 @@ require_once('../libs/common.php');
require_once('../libs/operator.php');
$operator = check_login();
csrfchecktoken();
if (isset($_GET['act']) && $_GET['act'] == 'del') {

1
src/messenger/webim/operator/opgroups.php
View File

@ -20,6 +20,7 @@ require_once('../libs/operator.php');
require_once('../libs/operator_settings.php');
$operator = check_login();
csrfchecktoken();
function update_operator_groups($operatorid, $newvalue)
{

1
src/messenger/webim/view/ban.php
View File

@ -42,6 +42,7 @@ require_once('inc_errors.php');
<?php } ?>
<form name="banForm" method="post" action="<?php echo $webimroot ?>/operator/ban.php">
<?php print_csrf_token_input() ?>
<input type="hidden" name="banId" value="<?php echo htmlspecialchars($page['banId']) ?>"/>
<?php if( $page['threadid'] ) { ?>
<input type="hidden" name="threadid" value="<?php echo htmlspecialchars($page['threadid']) ?>"/>

2
src/messenger/webim/view/blocked_visitors.php
View File

@ -81,7 +81,7 @@ if( $page['pagination.items'] ) {
?>
</td>
<td>
<a class="removelink" id="i<?php echo htmlspecialchars($b['banid']) ?>" href="<?php echo $webimroot ?>/operator/blocked.php?act=del&amp;id=<?php echo urlencode($b['banid']) ?>">
<a class="removelink" id="i<?php echo htmlspecialchars($b['banid']) ?>" href="<?php echo $webimroot ?>/operator/blocked.php?act=del&amp;id=<?php echo urlencode($b['banid']) ?><?php print_csrf_token_in_url() ?>">
remove
</a>
</td>

1
src/messenger/webim/view/group.php
View File

@ -40,6 +40,7 @@ require_once('inc_errors.php');
<?php } ?>
<form name="groupForm" method="post" action="<?php echo $webimroot ?>/operator/group.php">
<?php print_csrf_token_input() ?>
<input type="hidden" name="gid" value="<?php echo htmlspecialchars($page['grid']) ?>"/>
<div>
<?php print_tabbar(); ?>

2
src/messenger/webim/view/groups.php
View File

@ -91,7 +91,7 @@ if(count($page['groups']) > 0) {
</td>
<?php if($page['canmodify']) { ?>
<td>
<a href="<?php echo $webimroot ?>/operator/groups.php?act=del&amp;gid=<?php echo urlencode($grp['groupid']) ?>" id="i<?php echo htmlspecialchars($grp['groupid']) ?>" class="removelink">
<a href="<?php echo $webimroot ?>/operator/groups.php?act=del&amp;gid=<?php echo urlencode($grp['groupid']) ?><?php print_csrf_token_in_url() ?>" id="i<?php echo htmlspecialchars($grp['groupid']) ?>" class="removelink">
remove
</a>
</td>