GNUsocial
/
gnu-social
4
0
Fork 1
Code Issues Releases Wiki Activity

CSRF protection for subscription/unsubscription 

darcs-hash:20080829051104-84dde-9bd23c28c2c8a720046060a33ff3e5f246c47116.gz
This commit is contained in:
Evan Prodromou 2008-08-29 01:11:04 -04:00
parent 2e239e3fbb
commit 4272da4e9e
3 changed files with 20 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
actions/showstream.php
View File

@ -179,6 +179,7 @@ class ShowstreamAction extends StreamAction {
function show_subscribe_form($profile) {
common_element_start('form', array('id' => 'subscribe', 'method' => 'post',
'action' => common_local_url('subscribe')));
common_hidden('token', common_session_token());
common_element('input', array('id' => 'subscribeto',
'name' => 'subscribeto',
'type' => 'hidden',
@ -200,6 +201,7 @@ class ShowstreamAction extends StreamAction {
function show_unsubscribe_form($profile) {
common_element_start('form', array('id' => 'unsubscribe', 'method' => 'post',
'action' => common_local_url('unsubscribe')));
common_hidden('token', common_session_token());
common_element('input', array('id' => 'unsubscribeto',
'name' => 'unsubscribeto',
'type' => 'hidden',

9
actions/subscribe.php
View File

@ -36,6 +36,15 @@ class SubscribeAction extends Action {
return;
}
# CSRF protection
$token = $this->trimmed('token');
if (!$token || $token != common_session_token()) {
common_redirect(common_local_url('subscriptions', array('nickname' => $user->nickname)));
return;
}
$other_nickname = $this->arg('subscribeto');
$result=subs_subscribe_user($user, $other_nickname);

9
actions/unsubscribe.php
View File

@ -33,6 +33,15 @@ class UnsubscribeAction extends Action {
return;
}
# CSRF protection
$token = $this->trimmed('token');
if (!$token || $token != common_session_token()) {
common_redirect(common_local_url('subscriptions', array('nickname' => $user->nickname)));
return;
}
$other_nickname = $this->arg('unsubscribeto');
$result=subs_unsubscribe_user($user,$other_nickname);
if($result!=true) {