fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-03 16:51:40 +09:00
Code Issues Projects Releases Packages Wiki Activity

Update references to deprecated global function checkCSRF()

Browse source
This commit is contained in:
Kijin Sung 2025-12-17 18:00:48 +09:00
parent cc17bbe05a
commit 0c018f1daf
6 changed files with 9 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

4
classes/module/ModuleHandler.class.php
View file

@ -393,7 +393,7 @@ class ModuleHandler extends Handler
// check CSRF for non-GET (POST, PUT, etc.) actions // check CSRF for non-GET (POST, PUT, etc.) actions
if(!in_array(Context::getRequestMethod(), self::$_nocsrf_methods) && Context::isInstalled()) if(!in_array(Context::getRequestMethod(), self::$_nocsrf_methods) && Context::isInstalled())
{ {
if(isset($xml_info->action->{$this->act}) && $xml_info->action->{$this->act}->check_csrf !== 'false' && !checkCSRF()) if(isset($xml_info->action->{$this->act}) && $xml_info->action->{$this->act}->check_csrf !== 'false' && !Rhymix\Framework\Security::checkCSRF())
{ {
return self::_createErrorMessage(-1, 'msg_security_violation', 403, 'ERR_CSRF_CHECK_FAILED'); return self::_createErrorMessage(-1, 'msg_security_violation', 403, 'ERR_CSRF_CHECK_FAILED');
} }
@ -555,7 +555,7 @@ class ModuleHandler extends Handler
// check CSRF for non-GET (POST, PUT, etc.) actions // check CSRF for non-GET (POST, PUT, etc.) actions
if(!in_array(Context::getRequestMethod(), self::$_nocsrf_methods) && Context::isInstalled()) if(!in_array(Context::getRequestMethod(), self::$_nocsrf_methods) && Context::isInstalled())
{ {
if($xml_info->action->{$this->act} && $xml_info->action->{$this->act}->check_csrf !== 'false' && !checkCSRF()) if($xml_info->action->{$this->act} && $xml_info->action->{$this->act}->check_csrf !== 'false' && !Rhymix\Framework\Security::checkCSRF())
{ {
return self::_createErrorMessage(-1, 'msg_security_violation', 403, 'ERR_CSRF_CHECK_FAILED'); return self::_createErrorMessage(-1, 'msg_security_violation', 403, 'ERR_CSRF_CHECK_FAILED');
} }

4
modules/comment/comment.controller.php
View file

@ -517,7 +517,7 @@ class CommentController extends Comment
*/ */
function insertComment($obj, $manual_inserted = FALSE, $update_document = TRUE) function insertComment($obj, $manual_inserted = FALSE, $update_document = TRUE)
{ {
if(!$manual_inserted && !checkCSRF()) if(!$manual_inserted && !Rhymix\Framework\Security::checkCSRF())
{ {
return new BaseObject(-1, 'msg_security_violation'); return new BaseObject(-1, 'msg_security_violation');
} }
@ -954,7 +954,7 @@ class CommentController extends Comment
*/ */
function updateComment($obj, $skip_grant_check = FALSE, $manual_updated = FALSE) function updateComment($obj, $skip_grant_check = FALSE, $manual_updated = FALSE)
{ {
if(!$manual_updated && !checkCSRF()) if(!$manual_updated && !Rhymix\Framework\Security::checkCSRF())
{ {
return new BaseObject(-1, 'msg_security_violation'); return new BaseObject(-1, 'msg_security_violation');
} }

4
modules/document/document.controller.php
View file

@ -607,7 +607,7 @@ class DocumentController extends Document
*/ */
function insertDocument($obj, $manual_inserted = false, $isRestore = false, $isLatest = true) function insertDocument($obj, $manual_inserted = false, $isRestore = false, $isLatest = true)
{ {
if (!$manual_inserted && !checkCSRF()) if (!$manual_inserted && !Rhymix\Framework\Security::checkCSRF())
{ {
return new BaseObject(-1, 'msg_security_violation'); return new BaseObject(-1, 'msg_security_violation');
} }
@ -974,7 +974,7 @@ class DocumentController extends Document
*/ */
function updateDocument($source_obj, $obj, $manual_updated = FALSE) function updateDocument($source_obj, $obj, $manual_updated = FALSE)
{ {
if(!$manual_updated && !checkCSRF()) if(!$manual_updated && !Rhymix\Framework\Security::checkCSRF())
{ {
return new BaseObject(-1, 'msg_security_violation'); return new BaseObject(-1, 'msg_security_violation');
} }

2
modules/document/document.view.php
View file

@ -50,7 +50,7 @@ class DocumentView extends Document
*/ */
function dispDocumentPreview() function dispDocumentPreview()
{ {
if(!checkCSRF()) if(!Rhymix\Framework\Security::checkCSRF())
{ {
throw new Rhymix\Framework\Exceptions\SecurityViolation; throw new Rhymix\Framework\Exceptions\SecurityViolation;
} }

2
modules/layout/layout.view.php
View file

@ -320,7 +320,7 @@ class LayoutView extends Layout
*/ */
function dispLayoutPreview() function dispLayoutPreview()
{ {
if(!checkCSRF()) if(!Rhymix\Framework\Security::checkCSRF())
{ {
throw new Rhymix\Framework\Exceptions\InvalidRequest; throw new Rhymix\Framework\Exceptions\InvalidRequest;
} }

2
modules/member/member.admin.controller.php
View file

@ -24,7 +24,7 @@ class MemberAdminController extends Member
// if(Context::getRequestMethod() == "GET") return new Object(-1, "msg_invalid_request"); // if(Context::getRequestMethod() == "GET") return new Object(-1, "msg_invalid_request");
// Extract the necessary information in advance // Extract the necessary information in advance
$logged_info = Context::get('logged_info'); $logged_info = Context::get('logged_info');
if($logged_info->is_admin != 'Y' || !checkCSRF()) if($logged_info->is_admin != 'Y' || !Rhymix\Framework\Security::checkCSRF())
{ {
throw new Rhymix\Framework\Exceptions\InvalidRequest; throw new Rhymix\Framework\Exceptions\InvalidRequest;
} }