lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Start to enable MAIN_SECURITY_CSRF_WITH_TOKEN (for develop)

Browse Source
This commit is contained in:
Laurent Destailleur 2019-08-31 14:41:54 +02:00
parent 4e5e5542ff
commit 0889f2f537
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
htdocs/core/class/conf.class.php
View File

@ -177,6 +177,7 @@ class Conf
if ($value && preg_match('/^MAIN_MODULE_/', $key))
{
$reg=array();
// If this is constant for a new tab page activated by a module. It initializes modules_parts['tabs'].
if (preg_match('/^MAIN_MODULE_([0-9A-Z_]+)_TABS_/i', $key))
{
@ -674,6 +675,9 @@ class Conf
if (empty($this->global->MAIN_MODULE_DOLISTORE_API_SRV)) $this->global->MAIN_MODULE_DOLISTORE_API_SRV='https://www.dolistore.com';
if (empty($this->global->MAIN_MODULE_DOLISTORE_API_KEY)) $this->global->MAIN_MODULE_DOLISTORE_API_KEY='dolistorecatalogpublickey1234567';
// If we are in develop mode, we activate the option MAIN_SECURITY_CSRF_WITH_TOKEN to 1 if not already defined.
if (! isset($conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN) && $conf->global->MAIN_FEATURES_LEVEL >= 2) $conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN = 1;
// For backward compatibility
if (isset($this->product)) $this->produit=$this->product;
if (isset($this->facture)) $this->invoice=$this->facture;