[geeklog-cvs] Geeklog-1.x/system lib-admin.php,1.131,1.132
Dirk Haun
dhaun at qs1489.pair.com
Sun May 18 12:58:53 EDT 2008
- Previous message (by thread): [geeklog-cvs] Geeklog-1.x/plugins/polls/templates/admin polleditor.thtml, 1.12, 1.13
- Next message (by thread): [geeklog-cvs] Geeklog-1.x/public_html/admin mail.php, 1.35, 1.36 plugins.php, 1.81, 1.82 topic.php, 1.79, 1.80 trackback.php, 1.51, 1.52
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Update of /cvsroot/geeklog/Geeklog-1.x/system
In directory qs1489.pair.com:/tmp/cvs-serv27308/system
Modified Files:
lib-admin.php
Log Message:
More CSRF protection
Index: lib-admin.php
===================================================================
RCS file: /cvsroot/geeklog/Geeklog-1.x/system/lib-admin.php,v
retrieving revision 1.131
retrieving revision 1.132
diff -C2 -d -r1.131 -r1.132
*** lib-admin.php 18 May 2008 08:19:35 -0000 1.131
--- lib-admin.php 18 May 2008 16:58:51 -0000 1.132
***************
*** 1029,1035 ****
}
! function ADMIN_getListField_trackback($fieldname, $fieldvalue, $A, $icon_arr)
{
global $_CONF, $LANG_TRB;
$retval = '';
--- 1029,1036 ----
}
! function ADMIN_getListField_trackback($fieldname, $fieldvalue, $A, $icon_arr, $token)
{
global $_CONF, $LANG_TRB;
+
$retval = '';
***************
*** 1060,1063 ****
--- 1061,1066 ----
$retval = "<input type=\"checkbox\" name=\"changedservices[]\" "
. "onclick=\"submit()\" value=\"{$A['pid']}\"$switch" . XHTML . ">";
+ $retval .= "<input type=\"hidden\" name=\"" . CSRF_TOKEN
+ . "\" value=\"{$token}\"" . XHTML . ">";
break;
default:
- Previous message (by thread): [geeklog-cvs] Geeklog-1.x/plugins/polls/templates/admin polleditor.thtml, 1.12, 1.13
- Next message (by thread): [geeklog-cvs] Geeklog-1.x/public_html/admin mail.php, 1.35, 1.36 plugins.php, 1.81, 1.82 topic.php, 1.79, 1.80 trackback.php, 1.51, 1.52
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the geeklog-cvs
mailing list