Permalink
Browse files

MDL-20901 fixed input validation

  • Loading branch information...
1 parent 55d5661 commit a8adf25d119e48e935cd1236eeab7a04c8be9809 @skodak skodak committed Nov 19, 2009
Showing with 4 additions and 1 deletion.
  1. +1 −1 backup/backup.php
  2. +1 −0 backup/backup_check.html
  3. +2 −0 backup/backup_form.html
View
@@ -123,7 +123,7 @@
raise_memory_limit("192M");
//Call the form, depending the step we are
- if (!$launch) {
+ if (!$launch or !data_submitted() or !confirm_sesskey()) {
// if we're at the start, clear the cache of prefs
if (isset($SESSION->backupprefs[$course->id])) {
unset($SESSION->backupprefs[$course->id]);
View
@@ -50,6 +50,7 @@
<form id="form" method="post" action="backup.php">
<table cellpadding="5" style="text-align:center;margin-left:auto;margin-right:auto">
<?php
+ echo '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
if (empty($to)) {
//Now print the Backup Name tr
View
@@ -123,6 +123,8 @@
<form id="form1" method="post" action="backup.php">
<table cellpadding="5" style="margin-left:auto;margin-right:auto;">
<?php
+ echo '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
+
/// Acummulator for hidden options and proper XHTML output
$hidden_options = '';
//Now, check modules and info and show posibilities

0 comments on commit a8adf25

Please sign in to comment.