mirror of
https://github.com/phpbb/phpbb.git
synced 2025-06-28 06:08:52 +00:00
Merge remote-tracking branch 'nickvergessen/ticket/10840' into develop-olympus
* nickvergessen/ticket/10840: [ticket/10840] Add check_form_key to acp_groups.php
This commit is contained in:
Andreas Fischer
commit
1cd6bb88a6
1 changed files with 10 additions and 0 deletions
|
|
@ -80,6 +80,11 @@ class acp_groups
|
||||||
case 'approve':
|
case 'approve':
|
||||||
case 'demote':
|
case 'demote':
|
||||||
case 'promote':
|
case 'promote':
|
||||||
|
if (!check_form_key($form_key))
|
||||||
|
{
|
||||||
|
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
|
||||||
|
}
|
||||||
|
|
||||||
if (!$group_id)
|
if (!$group_id)
|
||||||
{
|
{
|
||||||
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
|
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
|
||||||
|
|
@ -252,6 +257,11 @@ class acp_groups
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'addusers':
|
case 'addusers':
|
||||||
|
if (!check_form_key($form_key))
|
||||||
|
{
|
||||||
|
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
|
||||||
|
}
|
||||||
|
|
||||||
if (!$group_id)
|
if (!$group_id)
|
||||||
{
|
{
|
||||||
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
|
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue