Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
Projets publics
Sympa
Commits
36fedef2
Commit
36fedef2
authored
Dec 08, 2018
by
Sympa authors
Committed by
IKEDA Soji
Dec 08, 2018
Browse files
tidyall.
parent
7c92c14c
Changes
1
Hide whitespace changes
Inline
Side-by-side
src/cgi/wwsympa.fcgi.in
View file @
36fedef2
...
...
@@ -729,13 +729,13 @@ our %required_privileges = (
# as possible.
our %require_csrftoken = (
'add'
=> 1,
'confirm_action'
=> 1,
'del'
=> 1,
'move_user'
=> 1,
'savefile'
=> 1,
'setpasswd'
=> 1,
'setpref'
=> 1,
'add' => 1,
'confirm_action' => 1,
'del' => 1,
'move_user' => 1,
'savefile' => 1,
'setpasswd' => 1,
'setpref' => 1,
);
# this definition is used to choose the left side menu type (admin ->
...
...
@@ -2316,13 +2316,13 @@ sub check_action_parameters {
## Validate CSRF token when one is required
if (defined($require_csrftoken{$param->{'action'}})) {
wwslog('debug', 'Action %s: CSRF token required', $param->{'action'});
wwslog('debug', 'Action %s: CSRF token required', $param->{'action'});
unless (defined($in{'csrftoken'})
and ($in{'csrftoken'} eq $session->{'csrftoken'})) {
unless (defined($in{'csrftoken'})
and ($in{'csrftoken'} eq $session->{'csrftoken'})) {
Sympa::WWW::Report::reject_report_web('user',
'authorization_reject', {'list' => $in{'list'}},
$param->{'action'}, '');
'authorization_reject', {'list' => $in{'list'}},
$param->{'action'}, '');
wwslog('info', 'CSRF token mismatch: in="%s" session="%s"',
$in{'csrftoken'}, $session->{'csrftoken'});
...
...
@@ -2506,7 +2506,7 @@ sub send_html {
my $error_escaped = Sympa::Tools::Text::encode_html($error);
$param->{'tt2_error'} = $error_escaped;
$param_copy->{'tt2_error'} = $error_escaped;
$output = '';
$output
= '';
$template->parse($param_copy, 'tt2_error.tt2', \$output,
has_header => 1);
$output .= "\n\n"; # when tt2 failed to parse
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment