[pLog-svn] r7022 - plugins/branches/lifetype-1.2/csrf/class/security
jondaley at devel.lifetype.net
jondaley at devel.lifetype.net
Sat Aug 21 08:19:35 EDT 2010
Author: jondaley
Date: 2010-08-21 08:19:35 -0400 (Sat, 21 Aug 2010)
New Revision: 7022
Modified:
plugins/branches/lifetype-1.2/csrf/class/security/csrffilter.class.php
Log:
don't block access when there isn't an op, this helps when you open a new tab, or use a bookmark back to /admin.php when you still have a session open
Modified: plugins/branches/lifetype-1.2/csrf/class/security/csrffilter.class.php
===================================================================
--- plugins/branches/lifetype-1.2/csrf/class/security/csrffilter.class.php 2010-08-19 16:28:00 UTC (rev 7021)
+++ plugins/branches/lifetype-1.2/csrf/class/security/csrffilter.class.php 2010-08-21 12:19:35 UTC (rev 7022)
@@ -13,7 +13,7 @@
// Check if this operation needs to be blocked
lt_include(PLOG_CLASS_PATH."plugins/csrf/class/dao/csrfurls.class.php");
- if(!CsrfUrls::getProtectedOps($op))
+ if(!$op || !CsrfUrls::getProtectedOps($op))
return new PipelineResult();
// Get our token from the session
More information about the pLog-svn
mailing list