Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2026-02-14 08:54:21 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix: protection faille CSRF !!!

Browse Source
This commit is contained in:
Regis Houssin
2009-05-15 12:59:39 +00:00
parent d73aac6e4e
commit 1ea80f4f57
2 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
htdocs/admin/const.php
View File

@@ -30,10 +30,6 @@ require_once(DOL_DOCUMENT_ROOT."/lib/admin.lib.php");
$langs->load("admin");
//Todo: protection faille CSRF !!!
if (! empty($_SERVER['HTTP_REFERER']) && !eregi(DOL_MAIN_URL_ROOT, $_SERVER['HTTP_REFERER']))
accessforbidden();
if (!$user->admin)
accessforbidden();