
Missing token check in acp_styles

    Details

    • Type: Bug
    • Status: Unverified Fix
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.1.0-RC5
    • Fix Version/s: 3.1.0-RC6
    • Component/s: ACP
    • Labels: None

      Description

      There's an issue with the activate/deactivate/install actions in the styles management page when they are triggered by a POST request. The uninstall action uses a confirmation box in the subsequent page, so that doesn't seem affected. GET requests are checked for validity using check_link_hash(), however, POST requests fail to use check_form_key(). Relevant code below:

      $post_actions = array('install', 'activate', 'deactivate', 'uninstall');

      // The hash check runs on $action as read from the GET parameter, before
      // any POSTed action has been looked at.
      if ($action && in_array($action, $post_actions) && !check_link_hash($request->variable('hash', ''), $action))
      {
          trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
      }

      // Only now is $action overwritten from the POST keys, so a POSTed action
      // reaches the handler without passing through the check above.
      foreach ($post_actions as $key)
      {
          if ($this->request->is_set_post($key))
          {
              $action = $key;
          }
      }
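      To make the ordering problem described above concrete, here is an added example that is not phpBB's code and not the fix from the linked commit: a self-contained PHP script that models the action dispatch with the check before the POST keys are read (as quoted) and with the POST action resolved first, then validated by either a link hash or a form key. FakeRequest, fake_check_link_hash(), fake_check_form_key(), SESSION_SECRET and the form name 'styles_management' are stand-ins constructed for the example; they mimic the shape of phpBB's request class, check_link_hash() and check_form_key() but are not those functions.

```php
<?php
// Added example, not phpBB's code: a minimal model of the acp_styles action
// dispatch showing why resolving $action from POST after the token check lets
// a tokenless POST through, and how resolving it first closes the gap.
// FakeRequest and the fake_* helpers are constructed stand-ins, not phpBB's.

const SESSION_SECRET = 'constructed-per-session-secret';
const POST_ACTIONS = array('install', 'activate', 'deactivate', 'uninstall');

class FakeRequest
{
	private $get;
	private $post;

	public function __construct(array $get, array $post)
	{
		$this->get = $get;
		$this->post = $post;
	}

	// Like request->variable(): POST wins over GET, else the default.
	public function variable($name, $default)
	{
		if (array_key_exists($name, $this->post)) return $this->post[$name];
		if (array_key_exists($name, $this->get)) return $this->get[$name];
		return $default;
	}

	public function is_set_post($name)
	{
		return array_key_exists($name, $this->post);
	}
}

// Stand-in for check_link_hash(): valid when the token is bound to this session and link name.
function fake_check_link_hash($token, $link_name)
{
	return hash_equals(hash_hmac('sha256', $link_name, SESSION_SECRET), (string) $token);
}

// Stand-in for check_form_key(): the POSTed form_token must be bound to this session and form name.
function fake_check_form_key($form_name, FakeRequest $request)
{
	return $request->is_set_post('form_token')
		&& hash_equals(hash_hmac('sha256', $form_name, SESSION_SECRET), (string) $request->variable('form_token', ''));
}

// Ordering from the issue: $action (from GET) is checked first, then overwritten
// from the POST keys. A POST carrying activate=1 arrives with $action empty, so
// the hash check is skipped entirely and the action still runs.
function dispatch_vulnerable(FakeRequest $request, $action)
{
	if ($action && in_array($action, POST_ACTIONS) && !fake_check_link_hash($request->variable('hash', ''), $action))
	{
		return 'rejected';
	}
	foreach (POST_ACTIONS as $key)
	{
		if ($request->is_set_post($key))
		{
			$action = $key;
		}
	}
	return $action ? 'executed:' . $action : 'noop';
}

// Hardened ordering: resolve the POST action first, then require a valid link
// hash (GET links) or a valid form key (POST forms). uninstall is left to its
// own confirmation step, as the issue description notes.
function dispatch_hardened(FakeRequest $request, $action)
{
	foreach (POST_ACTIONS as $key)
	{
		if ($request->is_set_post($key))
		{
			$action = $key;
		}
	}
	if ($action && in_array($action, POST_ACTIONS) && $action != 'uninstall')
	{
		$valid = fake_check_link_hash($request->variable('hash', ''), $action)
			|| fake_check_form_key('styles_management', $request);
		if (!$valid)
		{
			return 'rejected';
		}
	}
	return $action ? 'executed:' . $action : 'noop';
}

// Constructed requests. The second argument is what acp_styles would read from
// the GET 'action' parameter; a plain form submission carries none.
$tokenless = new FakeRequest(array(), array('activate' => 1));
$with_token = new FakeRequest(array(), array(
	'activate' => 1,
	'form_token' => hash_hmac('sha256', 'styles_management', SESSION_SECRET),
));

echo 'vulnerable, no token: ', dispatch_vulnerable($tokenless, ''), "\n";
echo 'hardened,   no token: ', dispatch_hardened($tokenless, ''), "\n";
echo 'hardened, form token: ', dispatch_hardened($with_token, ''), "\n";
```

      Run with the php CLI: the first line shows the tokenless POST executing under the quoted ordering, the second shows the same request rejected once the POST action is resolved before the check, and the third shows a submission carrying a session-bound form token going through. The design point is that the token check has to run on the action that will actually execute, whichever parameter source it came from.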
      

        Activity

        nickvergessen Joas Schilling added a comment -

        Well moving stuff around is not as bad as installing/uninstalling. But yeah, not a big problem but still something we should fix.

        naderman Nils Adermann added a comment - Fix: https://github.com/phpbb/phpbb/commit/4d30633cd4dfa8ad8438fc63c7cefe3c66e5ad46

          People

          • Assignee: prototech prototech
          • Reporter: prototech prototech
          • Votes: 0
          • Watchers: 3
