fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

HOR-3921

Browse Source 
Fix CSRF security issue.
This commit is contained in:
davidcallizaya
2017-10-13 07:57:22 -04:00
parent 592ab76c01
commit 086cc31982
12 changed files with 112 additions and 68 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
workflow/public_html/sysGeneric.php
View File

@@ -979,8 +979,10 @@ if (! defined( 'EXECUTE_BY_CRON' )) {
require_once 'classes/model/Users.php';
$oUser = new Users();
$aUser = $oUser->load( $aSession['USR_UID'] );
$_SESSION['USER_LOGGED'] = $aUser['USR_UID'];
$_SESSION['USR_USERNAME'] = $aUser['USR_USERNAME'];
initUserSession(
$_SESSION['USER_LOGGED'],
$aUser['USR_USERNAME']
);
$bRedirect = false;
if ((preg_match("/msie/i", $_SERVER ['HTTP_USER_AGENT']) != 1 ||
$config['ie_cookie_lifetime'] == 1) &&