makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-07 20:08:53 +00:00
Code Issues Projects Releases Packages Wiki Activity

[ticket/13833] Prevent flooding if type=submit doesn't exist

Browse source 
PHPBB3-13833
This commit is contained in:
Oliver Schramm 2015-06-08 16:43:10 +02:00
parent fedd0ae7f3
commit 2c6369c5d9
2 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
phpBB/includes/ucp/ucp_pm_compose.php
View file

@ -57,7 +57,6 @@ function compose_pm($id, $mode, $action, $user_folders = array())
$address_list = array(); $address_list = array();
} }
$submit = (isset($_POST['post'])) ? true : false;
$preview = (isset($_POST['preview'])) ? true : false; $preview = (isset($_POST['preview'])) ? true : false;
$save = (isset($_POST['save'])) ? true : false; $save = (isset($_POST['save'])) ? true : false;
$load = (isset($_POST['load'])) ? true : false; $load = (isset($_POST['load'])) ? true : false;
@ -71,6 +70,7 @@ function compose_pm($id, $mode, $action, $user_folders = array())
$refresh = isset($_POST['add_file']) || isset($_POST['delete_file']) || $save || $load $refresh = isset($_POST['add_file']) || isset($_POST['delete_file']) || $save || $load
|| $remove_u || $remove_g || $add_to || $add_bcc; || $remove_u || $remove_g || $add_to || $add_bcc;
$submit = isset($_POST['post']) && !$refresh && !$preview;
$action = ($delete && !$preview && !$refresh && $submit) ? 'delete' : $action; $action = ($delete && !$preview && !$refresh && $submit) ? 'delete' : $action;
$select_single = ($config['allow_mass_pm'] && $auth->acl_get('u_masspm')) ? false : true; $select_single = ($config['allow_mass_pm'] && $auth->acl_get('u_masspm')) ? false : true;

2
phpBB/posting.php
View file

@ -32,7 +32,6 @@ $forum_id = request_var('f', 0);
$draft_id = request_var('d', 0); $draft_id = request_var('d', 0);
$lastclick = request_var('lastclick', 0); $lastclick = request_var('lastclick', 0);
$submit = (isset($_POST['post'])) ? true : false;
$preview = (isset($_POST['preview'])) ? true : false; $preview = (isset($_POST['preview'])) ? true : false;
$save = (isset($_POST['save'])) ? true : false; $save = (isset($_POST['save'])) ? true : false;
$load = (isset($_POST['load'])) ? true : false; $load = (isset($_POST['load'])) ? true : false;
@ -40,6 +39,7 @@ $delete = (isset($_POST['delete'])) ? true : false;
$cancel = (isset($_POST['cancel']) && !isset($_POST['save'])) ? true : false; $cancel = (isset($_POST['cancel']) && !isset($_POST['save'])) ? true : false;
$refresh = (isset($_POST['add_file']) || isset($_POST['delete_file']) || isset($_POST['full_editor']) || isset($_POST['cancel_unglobalise']) || $save || $load) ? true : false; $refresh = (isset($_POST['add_file']) || isset($_POST['delete_file']) || isset($_POST['full_editor']) || isset($_POST['cancel_unglobalise']) || $save || $load) ? true : false;
$submit = isset($_POST['post']) && !$refresh && !$preview;
$mode = ($delete && !$preview && !$refresh && $submit) ? 'delete' : request_var('mode', ''); $mode = ($delete && !$preview && !$refresh && $submit) ? 'delete' : request_var('mode', '');
$error = $post_data = array(); $error = $post_data = array();