Added missing CSRF token
thorsten committed Oct 10, 2017
1 parent 2d2a85b commit a249b46
Showing 2 changed files with 15 additions and 9 deletions.
5 changes: 5 additions & 0 deletions phpmyfaq/admin/ajax.config.php
Expand Up @@ -38,6 +38,11 @@

case 'add_instance':

if (!isset($_SESSION['phpmyfaq_csrf_token']) || $_SESSION['phpmyfaq_csrf_token'] !== $csrfToken) {
$http->sendJsonWithHeaders(array('error' => $PMF_LANG['err_NotAuth']));
exit(1);
}

$url = PMF_Filter::filterInput(INPUT_GET, 'url', FILTER_SANITIZE_STRING);
$instance = PMF_Filter::filterInput(INPUT_GET, 'instance', FILTER_SANITIZE_STRING);
$comment = PMF_Filter::filterInput(INPUT_GET, 'comment', FILTER_SANITIZE_STRING);
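Review bot: The token comparison in the added `if` uses `!==`, which is a plain short-circuiting string compare rather than a constant-time one; for a secret the idiomatic check is `if (!isset($_SESSION['phpmyfaq_csrf_token']) || !hash_equals($_SESSION['phpmyfaq_csrf_token'], (string) $csrfToken)) {`, keeping the `isset` guard in front so a missing session token still fails closed. Where `$csrfToken` is assigned is outside this hunk, so it is only inferred that it comes from the request; the `(string)` cast (or an `is_string` check) also keeps `hash_equals` from warning on a `null` argument when the parameter is absent. The `switch` case this block sits in starts and ends outside the hunk.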
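--- a/phpmyfaq/admin/instances.php
+++ b/phpmyfaq/admin/instances.php
@@ -97,9 +97,9 @@
 <?php
 foreach ($instance->getAllInstances() as $site):
 $currentInstance = new PMF_Instance($faqConfig);
-$currentInstance->getInstanceById($site->id);
-$currentInstance->setId($site->id);
-?>
+$currentInstance->getInstanceById($site->id);
+$currentInstance->setId($site->id);
+?>
 <tr id="row-instance-<?php print $site->id ?>">
 <td><?php print $site->id ?></td>
 <td><a href="<?php print $site->url.$site->instance ?>"><?php print $site->url ?></a></td>
@@ -117,12 +117,10 @@ class="btn btn-danger pmf-instance-delete"
 data-csrf-token="<?php echo $user->getCsrfTokenFromSession() ?>">
 <i aria-hidden="true" class="fa fa-trash"></i>
 </a>
-<?php endif;
-?>
+<?php endif; ?>
 </td>
 </tr>
-<?php endforeach;
-?>
+<?php endforeach; ?>
 </tbody>
 </table>
 
@@ -135,6 +133,7 @@ class="btn btn-danger pmf-instance-delete"
 </div>
 <div class="modal-body">
 <form class="form-horizontal" action="#" method="post" accept-charset="utf-8">
+<input type="hidden" name="csrf" id="csrf" value="<?php echo $user->getCsrfTokenFromSession() ?>">
 <div class="form-group">
 <label class="control-label col-lg-4">
 <?php echo $PMF_LANG['ad_instance_url'] ?>:
@@ -205,6 +204,7 @@ class="btn btn-danger pmf-instance-delete"
 // Add instance
 $('.pmf-instance-add').click(function(event) {
 event.preventDefault();
+var csrf = $('#csrf').val();
 var url = $('#url').val();
 var instance = $('#instance').val();
 var comment = $('#comment').val();
@@ -213,8 +213,9 @@ class="btn btn-danger pmf-instance-delete"
 var password = $('#password').val();
 
 $.get('index.php',
-{ action: 'ajax', ajax: 'config', ajaxaction: 'add_instance',
-url: url, instance: instance, comment: comment, email: email, admin: admin, password: password
+{
+action: 'ajax', ajax: 'config', ajaxaction: 'add_instance', csrf: csrf, url: url,
+instance: instance, comment: comment, email: email, admin: admin, password: password
 },
 function(data) {
 if (typeof(data.added) === 'undefined') {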
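Review bot: The new `csrf` field is appended to the `$.get` parameter object in the last hunk of this section, so the token, like the `password` value that was already sent the same way, travels in the URL query string and ends up in server access logs, browser history and any Referer header. Sending the modal form with `$.post` and having the `add_instance` handler in ajax.config.php read its fields via `INPUT_POST` would keep both out of the URL; that handler currently filters with `INPUT_GET`, so both sides need to move together. The hidden `<input>` value is echoed without `htmlspecialchars`, which matches the existing `data-csrf-token` attribute a few lines up and is harmless only if the session token is generated server-side from a safe alphabet, which is not visible here. The click handler and the `<form>` both continue outside the hunk.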
