[pLog-svn] r7017 - plugins/branches/lifetype-1.2/csrf
jondaley at devel.lifetype.net
jondaley at devel.lifetype.net
Wed Aug 4 22:20:49 EDT 2010
Author: jondaley
Date: 2010-08-04 22:20:49 -0400 (Wed, 04 Aug 2010)
New Revision: 7017
Modified:
plugins/branches/lifetype-1.2/csrf/plugincsrf.class.php
Log:
bug/validation, also helps with editcomments plugin
Modified: plugins/branches/lifetype-1.2/csrf/plugincsrf.class.php
===================================================================
--- plugins/branches/lifetype-1.2/csrf/plugincsrf.class.php 2010-07-31 17:18:36 UTC (rev 7016)
+++ plugins/branches/lifetype-1.2/csrf/plugincsrf.class.php 2010-08-05 02:20:49 UTC (rev 7017)
@@ -11,7 +11,7 @@
$this->id = "csrf";
$this->author = "Jon Daley";
- $this->version = "20100731";
+ $this->version = "20100804";
$this->desc = "Protects the administrators and blog editors from CSRF attacks.";
// this plugin only cares about the administration side
@@ -39,7 +39,7 @@
$protectedOps[$key] = "/(op=$op)(\W)/";
}
$params['content'] = preg_replace($protectedOps, '$1' .
- '&'.CSRF_TOKEN_NAME.'='.
+ '&'.CSRF_TOKEN_NAME.'='.
$sessioninfo->getValue(CSRF_TOKEN_NAME).'$2',
$params['content']);
More information about the pLog-svn
mailing list