From 092ebd16ba4ee135f89995cfaf1f60a6c0cabbc0 Mon Sep 17 00:00:00 2001
From: YuFei Zhu
Date: Mon, 30 Apr 2012 17:14:44 +0100
Subject: [PATCH] added auth token for delete offline messages check for csrf

---
 src/messenger/webim/libs/common.php | 2 +-
 src/messenger/webim/operator/canned.php | 2 ++
 src/messenger/webim/view/canned.php | 4 ++--
 3 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/src/messenger/webim/libs/common.php b/src/messenger/webim/libs/common.php
index f91fde5e..f6cc16e5 100644
--- a/src/messenger/webim/libs/common.php
+++ b/src/messenger/webim/libs/common.php
@@ -702,7 +702,7 @@ function csrfchecktoken(){
 die("CSRF failure");
 }
- } else if($_GET['act'] == 'del' && $_GET['csrf_token'] != $_SESSION['csrf_token']){
+ } else if(($_GET['act'] == 'del' || $_GET['act'] == 'delete') && $_GET['csrf_token'] != $_SESSION['csrf_token']){
 die("CSRF failure");
 }
diff --git a/src/messenger/webim/operator/canned.php b/src/messenger/webim/operator/canned.php
index 9d9f7886..d326f032 100644
--- a/src/messenger/webim/operator/canned.php
+++ b/src/messenger/webim/operator/canned.php
@@ -25,6 +25,8 @@ require_once('../libs/settings.php');
 require_once('../libs/groups.php');
 require_once('../libs/pagination.php');
+csrfchecktoken();
+
 $operator = check_login();
 loadsettings();
diff --git a/src/messenger/webim/view/canned.php b/src/messenger/webim/view/canned.php
index 3863aac8..6caee93b 100644
--- a/src/messenger/webim/view/canned.php
+++ b/src/messenger/webim/view/canned.php
@@ -91,7 +91,7 @@ if( $page['pagination.items'] ) { , - &group="> + &group="> \ No newline at end of file +?>
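Review bot: The token comparison on the added `else if` line in common.php still uses loose `!=`, so two numeric-looking strings (for example `'1e3'` and `'1000'`) compare equal and the check is only as strict as PHP's string-to-number coercion; it also reads `$_GET['csrf_token']` without `isset`, which raises a notice when the parameter is absent (the branch does still die in that case). A strict, presence-checked form would be `} else if(($_GET['act'] == 'del' || $_GET['act'] == 'delete') && (!isset($_GET['csrf_token']) || $_GET['csrf_token'] !== $_SESSION['csrf_token'])){`, and a constant-time string comparison is preferable where the runtime provides one. The `$_GET['act']` reads on the same line are likewise unguarded, so any non-POST request without an `act` parameter emits an undefined-index notice once this function is called on every page load. csrfchecktoken's body begins before this hunk.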
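Review bot: The new `csrfchecktoken();` in operator/canned.php runs before `$operator = check_login();`, so an unauthenticated request with a `del`/`delete` action is answered with a bare `CSRF failure` instead of the login handling, and the function's unconditional `$_GET['act']` read (visible in the common.php hunk) now produces a notice on every plain listing request that carries no `act` parameter. Consider moving the call to just after `$operator = check_login();` if that is the ordering the other operator pages use, and guarding the `act` read inside csrfchecktoken with `isset`. The check also presumes the session has already been started by the included libraries at this point — worth confirming, since a missing session would make `$_SESSION['csrf_token']` null and reject every delete.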