  1. phpBB3
  2. PHPBB3-13218

Missing token check in acp_styles

    Details

    • Type: Bug
    • Status: Unverified Fix
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.1.0-RC5
    • Fix Version/s: 3.1.0-RC6
    • Component/s: ACP
    • Labels:
      None

      Description

      There's an issue on the activate/deactivate/install actions in the styles management page using a POST request. The uninstall action uses a confirmation box in the subsequent page, so that doesn't seem affected. GET requests are checked for validity using check_link_hash(), however, POST requests fail to use check_form_key(). Relevant code below:

      		$post_actions = array('install', 'activate', 'deactivate', 'uninstall');
       
      		if ($action && in_array($action, $post_actions) && !check_link_hash($request->variable('hash', ''), $action))
      		{
      			trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
      		}
       
      		foreach ($post_actions as $key)
      		{
      			if ($this->request->is_set_post($key))
      			{
      				$action = $key;
      			}
      		}
      

            People

            • Assignee: prototech
            • Reporter: prototech
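The ordering problem described in the report, as an added sketch that is not phpBB's code or its fix: the hash check runs on the URL action before the POST keys are read, so an action picked up from POST is never validated. link_hash_ok() and form_token_ok() are hypothetical stand-ins for check_link_hash() and check_form_key(); the secret, the token field name and the sample requests are constructed.

```php
<?php
// Added illustration, not phpBB source. The two *_ok() helpers are
// hypothetical stand-ins for check_link_hash() and check_form_key().
const POST_ACTIONS = ['install', 'activate', 'deactivate', 'uninstall'];
const SECRET = 'constructed-per-session-secret';

function link_hash_ok(array $req, string $action): bool {
    return hash_equals(hash_hmac('sha256', $action, SECRET), $req['get']['hash'] ?? '');
}
function form_token_ok(array $req): bool {
    return hash_equals(hash_hmac('sha256', 'styles_form', SECRET), $req['post']['token'] ?? '');
}
// Picks up an action named by a POST key, as the loop in the report does.
function action_from_post(array $req, string $action): string {
    foreach (POST_ACTIONS as $key) {
        if (isset($req['post'][$key])) {
            $action = $key;
        }
    }
    return $action;
}
// Order in the reported code: the hash check sees only the URL action,
// then a POST key overwrites $action after validation has finished.
function dispatch_as_reported(array $req): string {
    $action = $req['get']['action'] ?? '';
    if ($action && in_array($action, POST_ACTIONS, true) && !link_hash_ok($req, $action)) {
        return 'FORM_INVALID';
    }
    $action = action_from_post($req, $action);
    return $action === '' ? 'no action' : "run $action";
}
// Checked order: resolve the final action first, then require either a
// valid link hash for that action or a valid form token.
function dispatch_checked(array $req): string {
    $action = action_from_post($req, $req['get']['action'] ?? '');
    if (in_array($action, POST_ACTIONS, true) && !(link_hash_ok($req, $action) || form_token_ok($req))) {
        return 'FORM_INVALID';
    }
    return $action === '' ? 'no action' : "run $action";
}
// Constructed sample requests.
$token = hash_hmac('sha256', 'styles_form', SECRET);
$requests = [
    'POST without token' => ['get' => [], 'post' => ['activate' => '1']],
    'POST with token'    => ['get' => [], 'post' => ['activate' => '1', 'token' => $token]],
    'GET with bad hash'  => ['get' => ['action' => 'activate', 'hash' => 'bad'], 'post' => []],
];
foreach ($requests as $label => $req) {
    printf("%-20s reported: %-14s checked: %s\n", $label, dispatch_as_reported($req), dispatch_checked($req));
}
```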