[geeklog-cvs] geeklog: The security token is only needed once in this form
geeklog-cvs at lists.geeklog.net
geeklog-cvs at lists.geeklog.net
Sun Sep 27 16:09:05 EDT 2009
details: http://project.geeklog.net/cgi-bin/hgweb.cgi/rev/db4c6eb6e843
changeset: 7341:db4c6eb6e843
user: Dirk Haun <dirk at haun-online.de>
date: Sun Sep 27 21:26:06 2009 +0200
description:
The security token is only needed once in this form
diffstat:
system/lib-admin.php | 9 +++++++--
1 files changed, 7 insertions(+), 2 deletions(-)
diffs (26 lines):
diff -r 2f3460d4a1d3 -r db4c6eb6e843 system/lib-admin.php
--- a/system/lib-admin.php Sun Sep 27 21:15:19 2009 +0200
+++ b/system/lib-admin.php Sun Sep 27 21:26:06 2009 +0200
@@ -1038,6 +1038,8 @@
{
global $_CONF, $LANG_ADMIN, $LANG32;
+ static $added_token;
+
$retval = '';
switch($fieldname) {
@@ -1084,8 +1086,11 @@
$retval = '<input type="checkbox" name="enabledplugins['
. $A['pi_name'] . ']" onclick="submit()" value="1"'
. $switch . XHTML . '>';
- $retval .= '<input type="hidden" name="' . CSRF_TOKEN . '" '
- . 'value="' . $token . '"' . XHTML . '>';
+ if (! isset($added_token)) {
+ $retval .= '<input type="hidden" name="' . CSRF_TOKEN . '" '
+ . 'value="' . $token . '"' . XHTML . '>';
+ $added_token = true;
+ }
}
break;
default:
More information about the geeklog-cvs
mailing list