From 93815fc7619567cc962e053280c5ed0b19492feb Mon Sep 17 00:00:00 2001
From: "lpsolit%gmail.com" <>
Date: Sun, 15 Oct 2006 05:02:09 +0000
Subject: Bug 281181: [SECURITY] It's way too easy to delete
 versions/components/milestones etc... - Patch by Frédéric Buclin
 <LpSolit@gmail.com> r=mkanat a=myk
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 editsettings.cgi | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'editsettings.cgi')

diff --git a/editsettings.cgi b/editsettings.cgi
index 6d7fffdfa..a4a85710f 100755
--- a/editsettings.cgi
+++ b/editsettings.cgi
@@ -24,6 +24,7 @@ use Bugzilla::Constants;
 use Bugzilla::Util;
 use Bugzilla::Error;
 use Bugzilla::User::Setting;
+use Bugzilla::Token;
 
 my $template = Bugzilla->template;
 local our $vars = {};
@@ -79,9 +80,12 @@ $user->in_group('tweakparams')
                                      object => "settings"});
 
 my $action  = trim($cgi->param('action')  || 'load');
+my $token   = $cgi->param('token');
 
 if ($action eq 'update') {
+    check_token_data($token, 'edit_settings');
     SaveSettings();
+    delete_token($token);
     $vars->{'changes_saved'} = 1;
 
     $template->process("admin/settings/updated.html.tmpl", $vars)
@@ -92,6 +96,7 @@ if ($action eq 'update') {
 
 if ($action eq 'load') {
     LoadSettings();
+    $vars->{'token'} = issue_session_token('edit_settings');
 
     $template->process("admin/settings/edit.html.tmpl", $vars)
       || ThrowTemplateError($template->error());
-- 
cgit v1.2.3-24-g4f1b