mirror of
https://git.code.sf.net/p/seeddms/code
synced 2025-05-12 04:31:32 +00:00
fix possible CSRF attack by setting document name
This commit is contained in:
Uwe Steinmann
parent
dfb6061b41
commit
ab546099f1
|
|
@ -614,7 +614,8 @@ switch($command) {
|
||||||
break; /* }}} */
|
break; /* }}} */
|
||||||
|
|
||||||
case 'setdocumentname': /* {{{ */
|
case 'setdocumentname': /* {{{ */
|
||||||
if(1||$user) {
|
if($user) {
|
||||||
|
if(checkFormKey('setdocumentname')) {
|
||||||
$document = $dms->getDocument($_REQUEST['id']);
|
$document = $dms->getDocument($_REQUEST['id']);
|
||||||
if($document) {
|
if($document) {
|
||||||
if ($document->getAccessMode($user) >= M_READWRITE) {
|
if ($document->getAccessMode($user) >= M_READWRITE) {
|
||||||
|
|
@ -638,6 +639,10 @@ switch($command) {
|
||||||
header('Content-Type: application/json');
|
header('Content-Type: application/json');
|
||||||
echo json_encode(array('success'=>false, 'message'=>getMLText('invalid_doc_id'), 'data'=>''));
|
echo json_encode(array('success'=>false, 'message'=>getMLText('invalid_doc_id'), 'data'=>''));
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
header('Content-Type: application/json');
|
||||||
|
echo json_encode(array('success'=>false, 'message'=>getMLText('invalid_request_token'), 'data'=>''));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
break; /* }}} */
|
break; /* }}} */
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -2307,7 +2307,7 @@ $(function() {
|
||||||
if(!empty($this->params['settings']->_inlineEditing)) {
|
if(!empty($this->params['settings']->_inlineEditing)) {
|
||||||
echo "<span class=\"editable\" contenteditable=\"true\"";
|
echo "<span class=\"editable\" contenteditable=\"true\"";
|
||||||
if($object->isType('document'))
|
if($object->isType('document'))
|
||||||
echo " data-document=\"".$object->getId()."\"";
|
echo " data-document=\"".$object->getId()."\" data-formtoken=\"".createFormKey('setdocumentname')."\"";
|
||||||
echo ">".$text;
|
echo ">".$text;
|
||||||
echo "</span>\n";
|
echo "</span>\n";
|
||||||
} else
|
} else
|
||||||
|
|
|
||||||
|
|
@ -2348,7 +2348,7 @@ $(function() {
|
||||||
if(!empty($this->params['settings']->_inlineEditing)) {
|
if(!empty($this->params['settings']->_inlineEditing)) {
|
||||||
echo "<span class=\"editable\" contenteditable=\"true\"";
|
echo "<span class=\"editable\" contenteditable=\"true\"";
|
||||||
if($object->isType('document'))
|
if($object->isType('document'))
|
||||||
echo " data-document=\"".$object->getId()."\"";
|
echo " data-document=\"".$object->getId()."\" data-formtoken=\"".createFormKey('setdocumentname')."\"";
|
||||||
echo ">".$text;
|
echo ">".$text;
|
||||||
echo "</span>\n";
|
echo "</span>\n";
|
||||||
} else
|
} else
|
||||||
|
|
|
||||||
|
|
@ -617,9 +617,8 @@ $(document).ready( function() {
|
||||||
|
|
||||||
$("body").on("blur", "span.editable", function(e) { /* {{{ */
|
$("body").on("blur", "span.editable", function(e) { /* {{{ */
|
||||||
console.log($(this).data('document'));
|
console.log($(this).data('document'));
|
||||||
console.log('Hallo'+$(this).text());
|
|
||||||
e.preventDefault();
|
e.preventDefault();
|
||||||
$.post( "../op/op.Ajax.php", { command: "setdocumentname", id: $(this).data('document'), name: $(this).text() })
|
$.post( "../op/op.Ajax.php", { command: "setdocumentname", id: $(this).data('document'), formtoken: $(this).data('formtoken'), name: $(this).text() })
|
||||||
.done(function( data ) {
|
.done(function( data ) {
|
||||||
noty({
|
noty({
|
||||||
text: data.message,
|
text: data.message,
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user