public/tt-rss
1
0
Fork 0
mirror of https://git.tt-rss.org/git/tt-rss.git synced 2026-01-07 03:59:15 +00:00
Code Issues Releases Wiki Activity

experimental CSRF protection

Browse Source
This commit is contained in:
Andrew Dolgov
2011-12-26 12:02:52 +04:00
parent 036cd3a410
commit 8484ce2258
14 changed files with 106 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
classes/pref_users.php
View File

@@ -1,6 +1,5 @@
<?php
class Pref_Users extends Protected_Handler {
function before() {
if (parent::before()) {
if ($_SESSION["access_level"] < 10) {
@@ -12,6 +11,12 @@ class Pref_Users extends Protected_Handler {
return false;
}
function csrf_ignore($method) {
$csrf_ignored = array("index");
return array_search($method, $csrf_ignored) !== false;
}
function userdetails() {
header("Content-Type: text/xml");