Merge pull request #439 from Th3R3p0/CSRF-Fix

fixed CSRF issue
Claude 2017-08-28 15:08:14 +02:00 committed by GitHub
commit 085de303e0
6 changed files with 49 additions and 0 deletions


@ -125,6 +125,14 @@
<i class="icon-pencil icon-white"></i>
<?php echo lang('paste_create'); ?>
</button>
<?php
if ($this->config->item('csrf_protection') === TRUE)
{
if(isset($_COOKIE[$this->config->item('csrf_cookie_name')])) {
echo '<input type="hidden" name="'.$this->config->item('csrf_token_name').'" value="'.html_escape($_COOKIE[$this->config->item('csrf_cookie_name')]).'" style="display:none;" />'."\n";
}
}
?>
</div>
</form>
</div>
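Review bot: The hidden field takes its value from the request cookie (`$_COOKIE[$this->config->item('csrf_cookie_name')]`) and is skipped entirely when that cookie is absent, so a first page load, where the cookie has presumably only just been issued in the response, renders the form without a token and the submission is likely to be rejected by the CSRF check. If this is CodeIgniter, as the `csrf_*` config keys suggest, the Security class exposes the current token whether or not the browser has sent it back: `echo '<input type="hidden" name="'.$this->security->get_csrf_token_name().'" value="'.html_escape($this->security->get_csrf_hash()).'" />'."\n";`. That also stops a client-supplied value from being the source of what is written into the page. The same block is added in the other five views of this commit (hunks at -133,5, -131,6, -132,6 and both at -134,6) and the point applies to each. The `<form>` tag opens outside the hunk, so whether it is built by a helper that already injects the token cannot be seen here.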


@ -133,5 +133,13 @@
<div><button type="submit" value="submit" name="submit"><?php echo lang('paste_create'); ?></button></div>
<div class="spacer"></div>
<?php
if ($this->config->item('csrf_protection') === TRUE)
{
if(isset($_COOKIE[$this->config->item('csrf_cookie_name')])) {
echo '<input type="hidden" name="'.$this->config->item('csrf_token_name').'" value="'.html_escape($_COOKIE[$this->config->item('csrf_cookie_name')]).'" style="display:none;" />'."\n";
}
}
?>
</form>
</div>
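Review bot: This eight-line block is pasted verbatim into six view files, so any later change to how the token is emitted has to be repeated six times, and a missed copy leaves that view's form out of step with the others. A single shared partial or helper called from each form would keep the token handling in one place. A short comment above the block, such as `// CSRF token field: the paste POST is rejected without it when csrf_protection is on`, would explain why it sits inside the form. The `style="display:none;"` on a `type="hidden"` input is redundant and can be dropped.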


@ -131,6 +131,15 @@
?>
<div class="clear"><button type="submit" value="submit" name="submit"><?php echo lang('paste_create'); ?></button></div>
<?php
if ($this->config->item('csrf_protection') === TRUE)
{
if(isset($_COOKIE[$this->config->item('csrf_cookie_name')])) {
echo '<input type="hidden" name="'.$this->config->item('csrf_token_name').'" value="'.html_escape($_COOKIE[$this->config->item('csrf_cookie_name')]).'" style="display:none;" />'."\n";
}
}
?>
<div class="spacer"></div>
</form>
</div>


@ -132,6 +132,14 @@
<?php echo lang('paste_create'); ?>
</button>
</div>
<?php
if ($this->config->item('csrf_protection') === TRUE)
{
if(isset($_COOKIE[$this->config->item('csrf_cookie_name')])) {
echo '<input type="hidden" name="'.$this->config->item('csrf_token_name').'" value="'.html_escape($_COOKIE[$this->config->item('csrf_cookie_name')]).'" style="display:none;" />'."\n";
}
}
?>
</form>
</div>
</div>


@ -134,6 +134,14 @@
<i class="icon-pencil icon-white"></i>
<?php echo lang('paste_create'); ?>
</button>
<?php
if ($this->config->item('csrf_protection') === TRUE)
{
if(isset($_COOKIE[$this->config->item('csrf_cookie_name')])) {
echo '<input type="hidden" name="'.$this->config->item('csrf_token_name').'" value="'.html_escape($_COOKIE[$this->config->item('csrf_cookie_name')]).'" style="display:none;" />'."\n";
}
}
?>
</div>
</form>
</div>


@ -134,6 +134,14 @@
<?php echo lang('paste_create'); ?>
</button>
</div>
<?php
if ($this->config->item('csrf_protection') === TRUE)
{
if(isset($_COOKIE[$this->config->item('csrf_cookie_name')])) {
echo '<input type="hidden" name="'.$this->config->item('csrf_token_name').'" value="'.html_escape($_COOKIE[$this->config->item('csrf_cookie_name')]).'" style="display:none;" />'."\n";
}
}
?>
</form>
</div>
</div>