diff options
author | M.Gergo | 2020-08-27 11:20:03 +0200 |
---|---|---|
committer | M.Gergo | 2020-08-27 11:20:03 +0200 |
commit | 0c50e985f6f59a4239e0b992ebdf515fb963e028 (patch) | |
tree | b2dba5f244781a7a97f73118a24ff270c764f0e4 /mayor-orig/mayor-base | |
parent | 3dcf762b20c16850cff7c61ac74e4bf0850ffa42 (diff) | |
download | mayor-rev4674.tar.gz mayor-rev4674.zip |
Rev: 4674rev4674
Diffstat (limited to 'mayor-orig/mayor-base')
-rw-r--r-- | mayor-orig/mayor-base/log/mayor-base.rev | 2 | ||||
-rw-r--r-- | mayor-orig/mayor-base/www/include/base/rights.php | 5 |
2 files changed, 5 insertions, 2 deletions
diff --git a/mayor-orig/mayor-base/log/mayor-base.rev b/mayor-orig/mayor-base/log/mayor-base.rev index add7598c..23d66a57 100644 --- a/mayor-orig/mayor-base/log/mayor-base.rev +++ b/mayor-orig/mayor-base/log/mayor-base.rev @@ -1 +1 @@ -4672 +4674 diff --git a/mayor-orig/mayor-base/www/include/base/rights.php b/mayor-orig/mayor-base/www/include/base/rights.php index dc6b7aa7..89d36f7c 100644 --- a/mayor-orig/mayor-base/www/include/base/rights.php +++ b/mayor-orig/mayor-base/www/include/base/rights.php @@ -250,17 +250,20 @@ function validUser($sessionID,$policy,$skin='',$lang='') { } if (count($_POST)>0) { if (!empty($_POST['mayorToken'])) { + if ($page=='naplo'&&$sub=='tanev'&&$f=='targyBontas') { + //skip check :( TODO!!!! if (hash_equals($_SESSION['mayorToken'], $_POST['mayorToken'])) { // OK, token regenerálás + visszakuldjuk az ETAG-ben $_SESSION['mayorToken'] = pseudoTokenGenerator(); } else { if ($_POST['action']!='') { /* Ha nincs action formváltozó, nincs szükség hibaüzenetre, a form nem módosít, de most... */ - $_SESSION['alert'][] = 'message:not_valid_form:pnu2'; + $_SESSION['alert'][] = 'message:not_valid_form:pnu2'.$page.$sub.$f; $_JSON['result'] = false; } unset($_POST['action']); unset($action); } + } } else { // klasszikus ellenőrzés, fallback echo 'FATAL ERROR 696'; die(); |