Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

MDL-20901 fixed input validation

  • Loading branch information...
commit 4a8192d754ec299d5dd5194d4601f462195c19c8 1 parent f5c2028
@skodak skodak authored
View
2  backup/backup.php
@@ -115,7 +115,7 @@
raise_memory_limit("192M");
//Call the form, depending the step we are
- if (!$launch) {
+ if (!$launch or !data_submitted() or !confirm_sesskey()) {
// if we're at the start, clear the cache of prefs
if (isset($SESSION->backupprefs[$course->id])) {
unset($SESSION->backupprefs[$course->id]);
View
1  backup/backup_check.html
@@ -43,6 +43,7 @@
<form id="form" method="post" action="backup.php">
<table cellpadding="5" style="text-align:center;margin-left:auto;margin-right:auto">
<?php
+ echo '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
if (empty($to)) {
//Now print the Backup Name tr
View
2  backup/backup_form.html
@@ -120,6 +120,8 @@
<form id="form1" method="post" action="backup.php">
<table cellpadding="5" style="margin-left:auto;margin-right:auto;">
<?php
+ echo '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
+
/// Acummulator for hidden options and proper XHTML output
$hidden_options = '';
//Now, check modules and info and show posibilities
Please sign in to comment.
Something went wrong with that request. Please try again.