mirror/php-monstra
1
0
Fork 0
mirror of https://github.com/monstra-cms/monstra.git synced 2025-08-01 10:50:37 +02:00
Code Issues Releases Wiki Activity

CSRF detection text - updated #84

Browse Source
This commit is contained in:
Awilum
2013-01-09 22:27:01 +02:00
parent adac7ea7a3
commit 5db04d5007
10 changed files with 43 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
plugins/box/users/users.admin.php
View File

@@ -44,7 +44,7 @@ class UsersAdmin extends Backend
Option::update('users_frontend_registration', $users_frontend_registration);
Request::redirect('index.php?id=users');
} else { die('csrf detected!'); }
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
}
// Check for get actions
@@ -90,7 +90,7 @@ class UsersAdmin extends Backend
Request::redirect('index.php?id=users');
}
} else { die('csrf detected!'); }
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
}
// Display view
@@ -142,7 +142,7 @@ class UsersAdmin extends Backend
}
} else { }
} else { die('csrf detected!'); }
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
}
@@ -156,7 +156,7 @@ class UsersAdmin extends Backend
Request::redirect('index.php?id=users&action=edit&user_id='.Request::post('user_id'));
}
} else { die('csrf detected!'); }
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
}
if ( ((int) Session::get('user_id') == (int) Request::get('user_id')) or (in_array(Session::get('user_role'), array('admin')) && count($user) != 0) ) {
@@ -194,7 +194,7 @@ class UsersAdmin extends Backend
Notification::set('success', __('User <i>:user</i> have been deleted.', 'users', array(':user' => $user['login'])));
Request::redirect('index.php?id=users');
} else { die('csrf detected!'); }
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
}

8
plugins/box/users/users.plugin.php
View File

@@ -153,7 +153,7 @@ class Users extends Frontend
Request::redirect(Option::get('siteurl').'users/'.Users::$users->lastId());
}
} else { die('csrf detected!'); }
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
}
// Display view
@@ -239,7 +239,7 @@ class Users extends Frontend
}
} else { }
} else { die('csrf detected!'); }
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
}
@@ -345,7 +345,7 @@ class Users extends Frontend
}
} else { die('csrf detected!'); }
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
}
@@ -391,7 +391,7 @@ class Users extends Frontend
Notification::setNow('error', __('Wrong <b>username</b> or <b>password</b>', 'users'));
}
} else { die('csrf detected!'); }
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
}