gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-03-12 00:45:34 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch 'seeddms-5.1.x' into seeddms-6.0.x

Browse Source
This commit is contained in:
Uwe Steinmann 2021-01-26 13:31:02 +01:00
commit 599786bcb0
2 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGELOG
View File

@ -193,6 +193,8 @@
- fix potential clickjacking attack with manipulated email address of a user
- loading more items on ViewFolder page obeys sort order
- fix possible csrf attacks due to missing form token
- show an error msg on the documents detail page if the checksum of version
mismatch
--------------------------------------------------------------------------------
Changes in version 5.1.21

5
views/bootstrap/class.ViewDocument.php
View File

@ -621,6 +621,11 @@ class SeedDMS_View_ViewDocument extends SeedDMS_Bootstrap_Style {
exit;
}
$checksum = SeedDMS_Core_File::checksum($dms->contentDir, $latestContent->getPath());
if($checksum != $latestContent->getChecksum()) {
$this->errorMsg(getMLText('wrong_checksum'));
}
$txt = $this->callHook('preLatestVersionTab', $latestContent);
if(is_string($txt))
echo $txt;