mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-10-04 19:51:39 +02:00
Code Issues Releases Wiki Activity

session_ids to forms and other items

Browse Source 
git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@3167 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen
2002-12-03 17:44:02 +00:00
parent 48685db071
commit 1bae35bb04
8 changed files with 88 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
phpBB/includes/usercp_sendpasswd.php
View File

@@ -29,6 +29,11 @@ if ( !defined('IN_PHPBB') )
if ( isset($HTTP_POST_VARS['submit']) )
{
if (!isset($HTTP_POST_VARS['sid']) || $HTTP_POST_VARS['sid'] != $userdata['session_id'])
{
message_die(ERROR, 'Invalid_session');
}
$username = ( !empty($HTTP_POST_VARS['username']) ) ? trim(strip_tags($HTTP_POST_VARS['username'])) : '';
$email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['email']))) : '';
@@ -127,6 +132,7 @@ $template->assign_vars(array(
'L_SUBMIT' => $lang['Submit'],
'L_RESET' => $lang['Reset'],
'S_HIDDEN_FIELDS' => '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />',
'S_PROFILE_ACTION' => append_sid("profile.$phpEx?mode=sendpassword"))
);