PsychoticNinja/Stikked
1
0
Fork 0
mirror of https://github.com/claudehohl/Stikked.git synced 2025-04-26 13:01:08 -05:00
Code Issues Projects Releases Wiki Activity

fixed CSRF issue as mentioned in https://github.com/claudehohl/Stikked/issues/435

Browse Source
This commit is contained in:
Th3R3p0 2017-08-23 18:30:19 -04:00
parent bd34454758
commit 335cebd4fd
6 changed files with 49 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
htdocs/themes/bootstrap/views/defaults/paste_form.php
View File

@ -125,6 +125,14 @@
<i class="icon-pencil icon-white"></i>
<?php echo lang('paste_create'); ?>
</button>
<?php
if ($this->config->item('csrf_protection') === TRUE)
{
if(isset($_COOKIE[$this->config->item('csrf_cookie_name')])) {
echo '<input type="hidden" name="'.$this->config->item('csrf_token_name').'" value="'.html_escape($_COOKIE[$this->config->item('csrf_cookie_name')]).'" style="display:none;" />'."\n";
}
}
?>
</div>
</form>
</div>

8
htdocs/themes/cleanwhite/views/defaults/paste_form.php
View File

@ -133,5 +133,13 @@
<div><button type="submit" value="submit" name="submit"><?php echo lang('paste_create'); ?></button></div>
<div class="spacer"></div>
<?php
if ($this->config->item('csrf_protection') === TRUE)
{
if(isset($_COOKIE[$this->config->item('csrf_cookie_name')])) {
echo '<input type="hidden" name="'.$this->config->item('csrf_token_name').'" value="'.html_escape($_COOKIE[$this->config->item('csrf_cookie_name')]).'" style="display:none;" />'."\n";
}
}
?>
</form>
</div>

9
htdocs/themes/default/views/defaults/paste_form.php
View File

@ -131,6 +131,15 @@
?>
<div class="clear"><button type="submit" value="submit" name="submit"><?php echo lang('paste_create'); ?></button></div>
<?php
if ($this->config->item('csrf_protection') === TRUE)
{
if(isset($_COOKIE[$this->config->item('csrf_cookie_name')])) {
echo '<input type="hidden" name="'.$this->config->item('csrf_token_name').'" value="'.html_escape($_COOKIE[$this->config->item('csrf_cookie_name')]).'" style="display:none;" />'."\n";
}
}
?>
<div class="spacer"></div>
</form>
</div>

8
htdocs/themes/geocities/views/defaults/paste_form.php
View File

@ -132,6 +132,14 @@
<?php echo lang('paste_create'); ?>
</button>
</div>
<?php
if ($this->config->item('csrf_protection') === TRUE)
{
if(isset($_COOKIE[$this->config->item('csrf_cookie_name')])) {
echo '<input type="hidden" name="'.$this->config->item('csrf_token_name').'" value="'.html_escape($_COOKIE[$this->config->item('csrf_cookie_name')]).'" style="display:none;" />'."\n";
}
}
?>
</form>
</div>
</div>

8
htdocs/themes/i386/views/defaults/paste_form.php
View File

@ -134,6 +134,14 @@
<i class="icon-pencil icon-white"></i>
<?php echo lang('paste_create'); ?>
</button>
<?php
if ($this->config->item('csrf_protection') === TRUE)
{
if(isset($_COOKIE[$this->config->item('csrf_cookie_name')])) {
echo '<input type="hidden" name="'.$this->config->item('csrf_token_name').'" value="'.html_escape($_COOKIE[$this->config->item('csrf_cookie_name')]).'" style="display:none;" />'."\n";
}
}
?>
</div>
</form>
</div>

8
htdocs/themes/stikkedizr/views/defaults/paste_form.php
View File

@ -134,6 +134,14 @@
<?php echo lang('paste_create'); ?>
</button>
</div>
<?php
if ($this->config->item('csrf_protection') === TRUE)
{
if(isset($_COOKIE[$this->config->item('csrf_cookie_name')])) {
echo '<input type="hidden" name="'.$this->config->item('csrf_token_name').'" value="'.html_escape($_COOKIE[$this->config->item('csrf_cookie_name')]).'" style="display:none;" />'."\n";
}
}
?>
</form>
</div>
</div>