From 93815fc7619567cc962e053280c5ed0b19492feb Mon Sep 17 00:00:00 2001 From: "lpsolit%gmail.com" <> Date: Sun, 15 Oct 2006 05:02:09 +0000 Subject: Bug 281181: [SECURITY] It's way too easy to delete versions/components/milestones etc... - Patch by Frédéric Buclin r=mkanat a=myk MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- editsettings.cgi | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'editsettings.cgi') diff --git a/editsettings.cgi b/editsettings.cgi index 6d7fffdfa..a4a85710f 100755 --- a/editsettings.cgi +++ b/editsettings.cgi @@ -24,6 +24,7 @@ use Bugzilla::Constants; use Bugzilla::Util; use Bugzilla::Error; use Bugzilla::User::Setting; +use Bugzilla::Token; my $template = Bugzilla->template; local our $vars = {}; @@ -79,9 +80,12 @@ $user->in_group('tweakparams') object => "settings"}); my $action = trim($cgi->param('action') || 'load'); +my $token = $cgi->param('token'); if ($action eq 'update') { + check_token_data($token, 'edit_settings'); SaveSettings(); + delete_token($token); $vars->{'changes_saved'} = 1; $template->process("admin/settings/updated.html.tmpl", $vars) @@ -92,6 +96,7 @@ if ($action eq 'update') { if ($action eq 'load') { LoadSettings(); + $vars->{'token'} = issue_session_token('edit_settings'); $template->process("admin/settings/edit.html.tmpl", $vars) || ThrowTemplateError($template->error()); -- cgit v1.2.3-24-g4f1b