mirror of https://github.com/phpbb/phpbb.git synced 2025-08-02 14:57:37 +02:00

[ticket/security-249] Do not handle avatar submit on invalid token

SECURITY-249
Marc Alexander
2019-11-11 20:35:09 +01:00
parent 7d90f84306
commit 6320da67e4


@@ -534,7 +534,12 @@ class ucp_groups
'teampage' => $group_row['group_teampage'], 'teampage' => $group_row['group_teampage'],
); );
if ($config['allow_avatar']) if (!check_form_key('ucp_groups'))
{
$error[] = $user->lang['FORM_INVALID'];
}
if (!count($error) && $config['allow_avatar'])
{ {
// Handle avatar // Handle avatar
$driver_name = $phpbb_avatar_manager->clean_driver_name($request->variable('avatar_driver', '')); $driver_name = $phpbb_avatar_manager->clean_driver_name($request->variable('avatar_driver', ''));
@@ -556,11 +561,6 @@ class ucp_groups
$error = array_merge($error, $phpbb_avatar_manager->localize_errors($user, $avatar_error)); $error = array_merge($error, $phpbb_avatar_manager->localize_errors($user, $avatar_error));
} }
if (!check_form_key('ucp_groups'))
{
$error[] = $user->lang['FORM_INVALID'];
}
// Validate submitted colour value // Validate submitted colour value
if ($colour_error = validate_data($submit_ary, array('colour' => array('hex_colour', true)))) if ($colour_error = validate_data($submit_ary, array('colour' => array('hex_colour', true))))
{ {
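Review bot: The form-key failure at the top of the first hunk is only appended to `$error`, so what keeps a request with an invalid token from having side effects is each later step testing `$error`; the avatar block does that now through `!count($error) && $config['allow_avatar']`, but nothing in the code states this coupling. I would add a comment above the check, such as `// Validate the form token before any avatar handling; the avatar block below is skipped when $error is non-empty`. The same guard also skips avatar processing when an earlier validation error is already in `$error`, which looks intended but is worth confirming. The enclosing method of `ucp_groups` starts and ends outside both hunks, so whether every step after the colour validation is gated on `$error` cannot be confirmed from here.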