From f6541b7858bd58307c4038a5fe8cbb603c60b2b7 Mon Sep 17 00:00:00 2001
From: Awilum
Date: Wed, 3 Oct 2012 14:48:27 +0300
Subject: [PATCH] Snippets Plugin: csrf vulnerability resolved

---
 plugins/box/snippets/snippets.admin.php | 12 +++++++++---
 plugins/box/snippets/views/backend/index.view.php | 2 +-
 2 files changed, 10 insertions(+), 4 deletions(-)
 mode change 100644 => 100755 plugins/box/snippets/snippets.admin.php
 mode change 100644 => 100755 plugins/box/snippets/views/backend/index.view.php

diff --git a/plugins/box/snippets/snippets.admin.php b/plugins/box/snippets/snippets.admin.php
old mode 100644
new mode 100755
index cac05a8..eb65067
--- a/plugins/box/snippets/snippets.admin.php
+++ b/plugins/box/snippets/snippets.admin.php
@@ -114,9 +114,15 @@
 ->display();
 break;
 case "delete_snippet":
- File::delete($snippets_path.Request::get('filename').'.snippet.php');
- Notification::set('success', __('Snippet :name deleted', 'snippets', array(':name' => File::name(Request::get('filename')))));
- Request::redirect('index.php?id=snippets');
+
+ if (Security::check(Request::get('token'))) {
+
+ File::delete($snippets_path.Request::get('filename').'.snippet.php');
+ Notification::set('success', __('Snippet :name deleted', 'snippets', array(':name' => File::name(Request::get('filename')))));
+ Request::redirect('index.php?id=snippets');
+
+ } else { die('csrf detected!'); }
+
 break;
 }
 } else {
diff --git a/plugins/box/snippets/views/backend/index.view.php b/plugins/box/snippets/views/backend/index.view.php
old mode 100644
new mode 100755
index c5da2be..eb7936c
--- a/plugins/box/snippets/views/backend/index.view.php
+++ b/plugins/box/snippets/views/backend/index.view.php
@@ -23,7 +23,7 @@
 'btn btn-actions')); ?> 'btn btn-actions', 'onclick' => "return confirmDelete('".__('Delete snippet: :snippet', 'snippets', array(':snippet' => basename($snippet, '.snippet.php')))."')")); ?>
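Review bot: The new token check gates the delete, but `filename` from the request still flows unvalidated into `File::delete($snippets_path.Request::get('filename').'.snippet.php')`, so `../` segments can still point the delete outside the snippets directory; the appended `.snippet.php` suffix only narrows which files are reachable, and on PHP builds that predate the null-byte path fix even that narrowing is presumably lost. I would validate the name before building the path: `$name = basename((string) Request::get('filename'));`, `if (!preg_match('/^[A-Za-z0-9_-]+$/', $name)) { die('invalid snippet name'); }`, then `File::delete($snippets_path.$name.'.snippet.php');` and use `$name` in the notification as well. The token also travels in the query string of a state-changing GET; that defeats CSRF only if `Security::check` compares it against a per-session secret (not visible here), and a token in the URL can leak through Referer headers and access logs, so moving the delete to a POST form is worth considering. The enclosing switch and its function both start and end outside this hunk.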