diff --git a/classes/context/Context.class.php b/classes/context/Context.class.php index 94f762dbe..7ef076418 100644 --- a/classes/context/Context.class.php +++ b/classes/context/Context.class.php @@ -668,7 +668,8 @@ class Context $url_info = parse_url($url); $oModuleModel = getModel('module'); - $site_info = $oModuleModel->getSiteInfoByDomain($url_info['host']); + $target_domain = (stripos($url, $default_url) !== 0) ? $url_info['host'] : $default_url; + $site_info = $oModuleModel->getSiteInfoByDomain($target_domain); if(!$site_info->site_srl) { $oModuleObject = new ModuleObject(); $oModuleObject->stop('msg_invalid_request'); diff --git a/classes/module/ModuleHandler.class.php b/classes/module/ModuleHandler.class.php index 16291fefb..56b775604 100644 --- a/classes/module/ModuleHandler.class.php +++ b/classes/module/ModuleHandler.class.php @@ -410,8 +410,8 @@ class ModuleHandler extends Handler $logged_info = Context::get('logged_info'); - // check CSRF for admin actions - if(Context::getRequestMethod() === 'POST' && Context::isInstalled() && !checkCSRF()) { + // check CSRF for POST actions + if(Context::getRequestMethod() === 'POST' && Context::isInstalled() && $this->act !== 'procFileUpload' && !checkCSRF()) { $this->error = 'msg_invalid_request'; $oMessageObject = ModuleHandler::getModuleInstance('message', $display_mode); $oMessageObject->setError(-1); diff --git a/config/config.inc.php b/config/config.inc.php index c979fe233..0775ec09e 100644 --- a/config/config.inc.php +++ b/config/config.inc.php @@ -29,7 +29,7 @@ define('__ZBXE__', __XE__); /** * Display XE's full version. */ -define('__XE_VERSION__', '1.8.12'); +define('__XE_VERSION__', '1.8.13'); define('__XE_VERSION_ALPHA__', (stripos(__XE_VERSION__, 'alpha') !== false)); define('__XE_VERSION_BETA__', (stripos(__XE_VERSION__, 'beta') !== false)); define('__XE_VERSION_RC__', (stripos(__XE_VERSION__, 'rc') !== false)); diff --git a/modules/board/board.class.php b/modules/board/board.class.php index b8eb35dfe..353745af4 100644 --- a/modules/board/board.class.php +++ b/modules/board/board.class.php @@ -18,6 +18,21 @@ class board extends ModuleObject var $page_count = 10; ///< page number var $category_list = NULL; ///< category list + /** + * constructor + * + * @return void + */ + function board() + { + if(!Context::isInstalled()) return; + + if(!Context::isExistsSSLAction('dispBoardWrite') && Context::getSslStatus() == 'optional') + { + $ssl_actions = array('dispBoardWrite', 'dispBoardWriteComment', 'dispBoardReplyComment', 'dispBoardModifyComment', 'dispBoardDeleteComment', 'procBoardInsertDocument', 'procBoardDeleteDocument', 'procBoardInsertComment', 'procBoardDeleteComment', 'procBoardVerificationPassword'); + Context::addSSLActions($ssl_actions); + } + } /** * @brief install the module diff --git a/modules/member/conf/module.xml b/modules/member/conf/module.xml index e361bcec6..082494a63 100644 --- a/modules/member/conf/module.xml +++ b/modules/member/conf/module.xml @@ -62,8 +62,8 @@ - - + + diff --git a/modules/member/tpl/group_list.html b/modules/member/tpl/group_list.html index 55ae4585e..93e6305c7 100644 --- a/modules/member/tpl/group_list.html +++ b/modules/member/tpl/group_list.html @@ -15,7 +15,7 @@

{$XE_VALIDATOR_MESSAGE}

-
+ diff --git a/modules/module/module.controller.php b/modules/module/module.controller.php index d4f4a1e2b..552bfacd9 100644 --- a/modules/module/module.controller.php +++ b/modules/module/module.controller.php @@ -981,7 +981,7 @@ class moduleController extends module } } - $oDB->commit; + $oDB->commit(); return new Object(); }