Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

MDL-20901 fixed input validation

  • Loading branch information...
commit 135765992f8600eeca91aad89a720dcb985fdbca 1 parent ac50582
Petr Skoda skodak authored

Showing 2 changed files with 2 additions and 1 deletion. Show diff stats Hide diff stats

  1. +1 1  mod/survey/save.php
  2. +1 0  mod/survey/view.php
2  mod/survey/save.php
@@ -6,7 +6,7 @@
6 6
7 7 // Make sure this is a legitimate posting
8 8
9   - if (!$formdata = data_submitted("$CFG->wwwroot/mod/survey/view.php")) {
  9 + if (!$formdata = data_submitted("$CFG->wwwroot/mod/survey/view.php") or !confirm_sesskey()) {
10 10 error("You are not supposed to use this script like that.");
11 11 }
12 12
1  mod/survey/view.php
@@ -111,6 +111,7 @@
111 111 echo "<form method=\"post\" action=\"save.php\" id=\"surveyform\">";
112 112 echo '<div>';
113 113 echo "<input type=\"hidden\" name=\"id\" value=\"$id\" />";
  114 + echo "<input type=\"hidden\" name=\"sesskey\" value=\"".sesskey()."\" />";
114 115
115 116 print_simple_box(format_text($survey->intro), 'center', '70%', '', 5, 'generalbox', 'intro');
116 117

0 comments on commit 1357659

Please sign in to comment.
Something went wrong with that request. Please try again.