From 7b9f7527015c9760770dbdcba9fb03a3ebe11109 Mon Sep 17 00:00:00 2001
From: Awilum
Date: Wed, 3 Oct 2012 15:17:38 +0300
Subject: [PATCH] Blocks Plugin: csrf vulnerability resolved

---
 plugins/box/blocks/blocks.admin.php | 12 +++++++++---
 plugins/box/blocks/views/backend/index.view.php | 2 +-
 2 files changed, 10 insertions(+), 4 deletions(-)
 mode change 100644 => 100755 plugins/box/blocks/blocks.admin.php
 mode change 100644 => 100755 plugins/box/blocks/views/backend/index.view.php

diff --git a/plugins/box/blocks/blocks.admin.php b/plugins/box/blocks/blocks.admin.php
old mode 100644
new mode 100755
index 2640de8..683c6f1
--- a/plugins/box/blocks/blocks.admin.php
+++ b/plugins/box/blocks/blocks.admin.php
@@ -117,9 +117,15 @@
 ->display();
 break;
 case "delete_block":
- File::delete($blocks_path.Request::get('filename').'.block.html');
- Notification::set('success', __('Block :name deleted', 'blocks', array(':name' => File::name(Request::get('filename')))));
- Request::redirect('index.php?id=blocks');
+
+ if (Security::check(Request::get('token'))) {
+
+ File::delete($blocks_path.Request::get('filename').'.block.html');
+ Notification::set('success', __('Block :name deleted', 'blocks', array(':name' => File::name(Request::get('filename')))));
+ Request::redirect('index.php?id=blocks');
+
+ } else { die('csrf detected!'); }
+
 break;
 }
 } else {
diff --git a/plugins/box/blocks/views/backend/index.view.php b/plugins/box/blocks/views/backend/index.view.php
old mode 100644
new mode 100755
index d91fece..3e7895b
--- a/plugins/box/blocks/views/backend/index.view.php
+++ b/plugins/box/blocks/views/backend/index.view.php
@@ -23,7 +23,7 @@ 'btn btn-actions')); ?> 'btn btn-actions', 'onclick' => "return confirmDelete('".__('Delete block: :block', 'blocks', array(':block' => basename($block, '.block.html')))."')")); ?>
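Review bot: The re-added `File::delete($blocks_path.Request::get('filename').'.block.html')` inside the new `Security::check` branch still builds the path from the request-supplied `filename` without restricting it to a bare file name, so the token check closes the CSRF issue but leaves the delete target unvalidated; unless `Request::get` normalises its value (not visible here), I would read it once and reject anything that is not a plain name before deleting, e.g. `$name = (string) Request::get('filename'); if ($name === '' || basename($name) !== $name) { Request::redirect('index.php?id=blocks'); }`, and then use `$name` in the three lines that follow. The `Notification::set('success', ...)` call also runs regardless of whether `File::delete` succeeded, so a failed delete is reported as success — if `File::delete` returns a boolean, gate the notification on it. The `} else { die('csrf detected!'); }` branch ends the request with plain text and a 200 status; for consistency with the success path a `Notification::set('error', ...)` followed by `Request::redirect('index.php?id=blocks')`, or at minimum a 403 response, would be preferable. The enclosing switch and its function start and end outside the hunk, and the second hunk in index.view.php is too garbled in this rendering to review.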