Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2026-01-06 17:13:03 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix add del* action into list of sensitive actions

Browse Source
This commit is contained in:
Laurent Destailleur
2021-09-19 14:41:46 +02:00
parent 663fe098f9
commit 5c8fb38426
72 changed files with 143 additions and 145 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
htdocs/main.inc.php
View File

@@ -466,15 +466,13 @@ if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && !empty($conf->gl
'activate', 'add', 'addrights', 'addtimespent',
'doprev', 'donext', 'dvprev', 'dvnext',
'install',
'reopen',
'setpricelevel', 'set_paid',
'update'
'reopen'
);
$sensitiveget = false;
if (in_array(GETPOST('action', 'aZ09'), $arrayofactiontoforcetokencheck)) {
$sensitiveget = true;
}
if (preg_match('/^(classify|close|confirm_|delete|disable|enable|remove_|setremise)/', GETPOST('action', 'aZ09'))) {
if (preg_match('/^(classify|close|confirm|del|disable|enable|remove|set|update)/', GETPOST('action', 'aZ09'))) {
$sensitiveget = true;
}