
User security fix

Fix to resolve #405 by adding a check that compares the POST user id with the SESSION
user id for non-admin edits
This commit is contained in:
Mightyhaggis
2016-03-27 19:25:54 +01:00
parent 4980a54b0c
commit 2e2a22ee5a


@@ -229,6 +229,9 @@ class Users extends Frontend
// Check csrf // Check csrf
if (Security::check(Request::post('csrf'))) { if (Security::check(Request::post('csrf'))) {
// Check for POST data manipulation
if( ((int) Session::get('user_id') == (int) Request::post('user_id')) or (in_array(Session::get('user_role'), array('admin'))) ) {
if (Security::safeName(Request::post('login')) != '') { if (Security::safeName(Request::post('login')) != '') {
if (Users::$users->update(Request::post('user_id'), if (Users::$users->update(Request::post('user_id'),
array('login' => Security::safeName(Request::post('login')), array('login' => Security::safeName(Request::post('login')),
@@ -249,6 +252,8 @@ class Users extends Frontend
} }
} else { } } else { }
} else { die('Monstra says: This is not your profile...'); }
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
} }
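Review bot: The new ownership check compares `(int) Session::get('user_id')` with `(int) Request::post('user_id')`, and both casts yield 0 when the session value is missing and the posted value is `0` or non-numeric, so a request without a logged-in user can satisfy it unless a login guard runs earlier in the method, whose start lies outside this hunk. The admin branch also uses a loose `in_array`, which lets non-string session values compare equal to `'admin'`. I would tighten the condition to `if (((int) Session::get('user_id') > 0 && (int) Session::get('user_id') === (int) Request::post('user_id')) || Session::get('user_role') === 'admin') {` and, for non-admin edits, pass the session id rather than the POST id into `Users::$users->update()`, so the trusted value drives the write even if the check is later relaxed. Since only part of the method is visible here, the earlier guards should be confirmed before relying on this check alone.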