lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix: Check on correct security key

Browse Source
This commit is contained in:
Laurent Destailleur 2013-04-14 20:59:16 +02:00
parent f028cce39d
commit 0e073038ad
2 changed files with 11 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
htdocs/public/emailing/mailing-read.php
View File

@ -43,7 +43,11 @@ $securitykey=GETPOST('securitykey');
dol_syslog("public/emailing/mailing-read.php : tag=".$tag." securitykey=".$securitykey, LOG_DEBUG);
if ($securitykey != $conf->global->MAILING_EMAIL_UNSUBSCRIBE) accessforbidden('Bad security key value.');
if ($securitykey != $conf->global->MAILING_EMAIL_UNSUBSCRIBE_KEY)
{
print 'Bad security key value.';
exit;
}
if (! empty($tag))
{

8
htdocs/public/emailing/mailing-unsubscribe.php
View File

@ -48,10 +48,14 @@ $securitykey=GETPOST('securitykey');
dol_syslog("public/emailing/mailing-read.php : tag=".$tag." securitykey=".$securitykey, LOG_DEBUG);
if ($securitykey != $conf->global->MAILING_EMAIL_UNSUBSCRIBE) accessforbidden('Bad security key value.');
if ($securitykey != $conf->global->MAILING_EMAIL_UNSUBSCRIBE_KEY)
{
print 'Bad security key value.';
exit;
}
if (($tag!='') && ($unsuscrib=='1'))
if (! empty($tag) && ($unsuscrib=='1'))
{
//Udate status of mail in Destinaries maling list
$statut='3';