authorWojciech Polak <polak@gnu.org>2010-05-18 18:04:48 +0200
committerWojciech Polak <polak@gnu.org>2010-05-18 18:04:48 +0200
commit47ffedeaf46293c3f62ce9b65df057022969874b (patch)
tree86d2eae516416c3941a16007fd0d418c4e320096
parent0059e38b33d80e4bdb4fcf004d4c67c44055e347 (diff)
downloadcheetah-47ffedeaf46293c3f62ce9b65df057022969874b.tar.gz
cheetah-47ffedeaf46293c3f62ce9b65df057022969874b.tar.bz2
Prevent CSRF in a recently added linked-accounts.
-rw-r--r--frontend/linked-accounts.php7
1 files changed, 6 insertions, 1 deletions
diff --git a/frontend/linked-accounts.php b/frontend/linked-accounts.php
index 4e94ea9..53981f6 100644
--- a/frontend/linked-accounts.php
+++ b/frontend/linked-accounts.php
@@ -33,3 +33,3 @@ $message = '';
-postvars ('link,unlink');
+postvars ('sid,link,unlink');
$link = trim (strip_tags ($link));
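Review bot: `sid` is now a secret the request has to prove knowledge of, yet this hunk routes it through the same `postvars` helper as the ordinary form fields; whether that helper reads only `$_POST` or also `$_GET`/`$_REQUEST` is not visible here. If it accepts query-string input, the token — which in this commit is the session ID itself — can be carried in a URL and end up in Referer headers, browser history and access logs, and a GET link becomes a valid way to reach the guarded branches. Confirm that postvars is POST-only, or read the token explicitly, `$sid = isset ($_POST['sid']) ? (string) $_POST['sid'] : '';`, and keep it untrimmed so checkCSRF compares the exact value.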
@@ -81,2 +81,3 @@ else if ($link == 'facebook')
{
+ checkCSRF ($sid);
try {
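Review bot: The return value of `checkCSRF ($sid)` is discarded, so this branch is protected only if the helper itself ends the request (exit/die or an uncaught exception) on a mismatch; its definition is not part of this diff and should be confirmed before relying on it. If it instead reports failure by returning false, the facebook-link code inside the `try` below runs regardless of the token. Either make the helper terminal, or test it at the call site, `if (!checkCSRF ($sid)) { $message = 'Invalid request'; } else { try {`, so a non-terminating helper still blocks the action. Placing the call before the `try` is right, since a broad catch below would otherwise swallow a thrown rejection. The `else if ($link == 'facebook')` body continues past the end of this hunk.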
@@ -100,2 +101,3 @@ else if ($unlink == 'facebook')
{
+ checkCSRF ($sid);
$db->query ("UPDATE user SET fbUID=0 WHERE id='".$session->id."'");
@@ -104,2 +106,3 @@ else if (!empty ($link))
{
+ checkCSRF ($sid);
$process_url = 'http://'.$CONF['site'].'/linked-accounts';
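Review bot: The same `checkCSRF ($sid);` line is now copied into four branches (facebook link/unlink, OpenID link/unlink), so a state-changing branch added later, or one that already exists above line 81 outside this diff, silently loses the protection if the line is forgotten. A single guard after the `postvars` call, `if (!empty ($link) || !empty ($unlink)) checkCSRF ($sid);`, covers every path that acts on `link`/`unlink` (the `== 'facebook'` branches included, since that value is non-empty) while leaving the read-only page render unguarded. If the branches before line 81 act on other inputs, extend the condition to them. The `else if (!empty ($link))` body continues past the end of this hunk.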
@@ -135,2 +138,3 @@ else if (!empty ($link))
else if (!empty ($unlink)) {
+ checkCSRF ($sid);
$db->query ("DELETE FROM openid WHERE userid='".$session->id.
@@ -211,2 +215,3 @@ $db->query ("SELECT * FROM openid WHERE userid='".$session->id."' ORDER BY ident
<div id="add-openid" class="hidden">
+ <input type="hidden" name="sid" value="<?php echo session_id(); ?>" />
<input type="hidden" id="unlink" name="unlink" disabled="disabled" />
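Review bot: The hidden field emits `session_id()` as the anti-forgery token, which writes the session cookie's value into the HTML body; any way of reading page content (a markup injection elsewhere on the site, a cached or shared copy of the page, a pasted page source) then yields a session hijack rather than just a CSRF bypass, and it undoes the benefit of an HttpOnly session cookie. A dedicated random per-session token — generated once, stored server-side alongside the session, and compared by checkCSRF — gives the same forgery protection without exposing the session identifier. Whatever value is used, escape it for the attribute context, `value="<?php echo htmlspecialchars (session_id (), ENT_QUOTES); ?>"`. The field also sits inside the `add-openid` div, so only a form enclosing that div carries it; if the facebook link/unlink controls are submitted from a separate form, which this hunk does not show, they will now fail the check.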
