From 0e073038ad4e5a0612e4f68e48b1e15f5ef46604 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Sun, 14 Apr 2013 20:59:16 +0200
Subject: [PATCH] Fix: Check on correct security key

---
 htdocs/public/emailing/mailing-read.php        | 6 +++++-
 htdocs/public/emailing/mailing-unsubscribe.php | 8 ++++++--
 2 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/htdocs/public/emailing/mailing-read.php b/htdocs/public/emailing/mailing-read.php
index f7734a03e25..d29bb0fefc4 100644
--- a/htdocs/public/emailing/mailing-read.php
+++ b/htdocs/public/emailing/mailing-read.php
@@ -43,7 +43,11 @@ $securitykey=GETPOST('securitykey');
 
 dol_syslog("public/emailing/mailing-read.php : tag=".$tag." securitykey=".$securitykey, LOG_DEBUG);
 
-if ($securitykey != $conf->global->MAILING_EMAIL_UNSUBSCRIBE) accessforbidden('Bad security key value.');
+if ($securitykey != $conf->global->MAILING_EMAIL_UNSUBSCRIBE_KEY)
+{
+	print 'Bad security key value.';
+	exit;
+}
 
 if (! empty($tag))
 {
diff --git a/htdocs/public/emailing/mailing-unsubscribe.php b/htdocs/public/emailing/mailing-unsubscribe.php
index 339946d4123..c1245ace0ad 100644
--- a/htdocs/public/emailing/mailing-unsubscribe.php
+++ b/htdocs/public/emailing/mailing-unsubscribe.php
@@ -48,10 +48,14 @@ $securitykey=GETPOST('securitykey');
 
 dol_syslog("public/emailing/mailing-read.php : tag=".$tag." securitykey=".$securitykey, LOG_DEBUG);
 
-if ($securitykey != $conf->global->MAILING_EMAIL_UNSUBSCRIBE) accessforbidden('Bad security key value.');
+if ($securitykey != $conf->global->MAILING_EMAIL_UNSUBSCRIBE_KEY)
+{
+	print 'Bad security key value.';
+	exit;
+}
 
 
-if (($tag!='') && ($unsuscrib=='1'))
+if (! empty($tag) && ($unsuscrib=='1'))
 {
 	//Udate status of mail in Destinaries maling list
 	$statut='3';