From: <tr...@us...> - 2012-12-09 21:20:38
Revision: 10342 http://sourceforge.net/p/xoops/svn/10342 Author: trabis Date: 2012-12-09 21:20:35 +0000 (Sun, 09 Dec 2012) Log Message: ----------- Fixing security issue in maintenance module Modified Paths: -------------- XoopsCore/branches/2.6.x/2.6.0/htdocs/modules/maintenance/admin/center.php XoopsCore/branches/2.6.x/2.6.0/htdocs/modules/maintenance/admin/dump.php
Modified: XoopsCore/branches/2.6.x/2.6.0/htdocs/modules/maintenance/admin/center.php
===================================================================
--- XoopsCore/branches/2.6.x/2.6.0/htdocs/modules/maintenance/admin/center.php 2012-12-09 20:52:09 UTC (rev 10341)
+++ XoopsCore/branches/2.6.x/2.6.0/htdocs/modules/maintenance/admin/center.php 2012-12-09 21:20:35 UTC (rev 10342)
@@ -47,6 +47,10 @@
 break;
 case 'maintenance_save':
+ // Check security
+ if (!$xoops->security()->check()) {
+ $xoops->redirect('center.php', 3, implode('<br />', $xoops->security()->getErrors()));
+ }
 $admin_page->addItemButton(_AM_MAINTENANCE_CENTER_RETURN, 'center.php', 'application-view-detail');
 $admin_page->renderButton();
Modified: XoopsCore/branches/2.6.x/2.6.0/htdocs/modules/maintenance/admin/dump.php
===================================================================
--- XoopsCore/branches/2.6.x/2.6.0/htdocs/modules/maintenance/admin/dump.php 2012-12-09 20:52:09 UTC (rev 10341)
+++ XoopsCore/branches/2.6.x/2.6.0/htdocs/modules/maintenance/admin/dump.php 2012-12-09 21:20:35 UTC (rev 10342)
@@ -65,6 +65,10 @@
 break;
 case 'dump_save':
+ // Check security
+ if (!$xoops->security()->check()) {
+ $xoops->redirect('dump.php', 3, implode('<br />', $xoops->security()->getErrors()));
+ }
 $admin_page->addItemButton(_AM_MAINTENANCE_DUMP_LIST, 'dump.php', 'application-view-detail');
 $admin_page->addItemButton(_AM_MAINTENANCE_DUMP_FORM, 'dump.php?op=dump', 'cd');
 $admin_page->renderButton(); |
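Review bot: In both the `maintenance_save` case of center.php and the `dump_save` case of dump.php, the new guard only protects the operation if `$xoops->redirect()` ends the request, because nothing after the `if` stops the case from continuing into the maintenance or dump work. That is presumably what redirect() does, but it is not visible in these hunks, so I would make the failure path explicit by adding `exit;` right after the redirect call inside the `if`. The comment would also serve the next maintainer better if it named what is verified, e.g. `// Reject the request unless it carries a valid XOOPS security token (CSRF protection)`. Both case bodies continue past the end of their hunks, and the forms that post to these ops must emit the token for the check to pass, which is not shown here.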