fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-12 07:11:42 +09:00
Code Issues Projects Releases Packages Wiki Activity

POST 요청시 CSRF 체크를 하지않도록 module.xml에 check_csrf 속성 추가

Browse source
This commit is contained in:
conory 2016-01-20 18:47:40 +09:00
parent c74a88201a
commit a519db608d
3 changed files with 37 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

3
modules/module/module.model.php
View file

@ -934,6 +934,7 @@ class moduleModel extends module
$standalone = $action->attrs->standalone=='false'?'false':'true';
$ruleset = $action->attrs->ruleset?$action->attrs->ruleset:'';
$method = $action->attrs->method?$action->attrs->method:'';
$check_csrf = $action->attrs->check_csrf=='false'?'false':'true';
$index = $action->attrs->index;
$admin_index = $action->attrs->admin_index;
@ -947,6 +948,7 @@ class moduleModel extends module
$info->action->{$name}->standalone = $standalone;
$info->action->{$name}->ruleset = $ruleset;
$info->action->{$name}->method = $method;
$info->action->{$name}->check_csrf = $check_csrf;
if($action->attrs->menu_name)
{
if($menu_index == 'true')
@ -970,6 +972,7 @@ class moduleModel extends module
$buff[] = sprintf('$info->action->%s->standalone=\'%s\';', $name, $standalone);
$buff[] = sprintf('$info->action->%s->ruleset=\'%s\';', $name, $ruleset);
$buff[] = sprintf('$info->action->%s->method=\'%s\';', $name, $method);
$buff[] = sprintf('$info->action->%s->check_csrf=\'%s\';', $name, $check_csrf);
if($index=='true')
{