fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-08 03:01:43 +09:00
Code Issues Projects Releases Packages Wiki Activity

checkCSRF 조건변경

Browse source
This commit is contained in:
conory 2016-01-20 19:46:16 +09:00
parent a519db608d
commit d3a96cb8e1
1 changed files with 4 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

8
classes/module/ModuleHandler.class.php
View file

@ -404,9 +404,9 @@ class ModuleHandler extends Handler
}
// check CSRF for POST actions
if(Context::getRequestMethod() === 'POST' && Context::isInstalled() && !checkCSRF())
if(Context::getRequestMethod() === 'POST' && Context::isInstalled())
{
if($xml_info->action->{$this->act} && $xml_info->action->{$this->act}->check_csrf !== 'false')
if($xml_info->action->{$this->act} && $xml_info->action->{$this->act}->check_csrf !== 'false' && !checkCSRF())
{
$this->_setInputErrorToContext();
$this->error = 'msg_invalid_request';
@ -559,9 +559,9 @@ class ModuleHandler extends Handler
}
// check CSRF for POST actions
if(Context::getRequestMethod() === 'POST' && Context::isInstalled() && !checkCSRF())
if(Context::getRequestMethod() === 'POST' && Context::isInstalled())
{
if($xml_info->action->{$this->act} && $xml_info->action->{$this->act}->check_csrf !== 'false')
if($xml_info->action->{$this->act} && $xml_info->action->{$this->act}->check_csrf !== 'false' && !checkCSRF())
{
$this->_setInputErrorToContext();
$this->error = 'msg_invalid_request';