From 17a1ae5c3c0ca8a2078c5c18f380ef342692b073 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur
Date: Sat, 16 Jan 2010 11:40:23 +0000
Subject: [PATCH] Fix: All public pages must no make CRF check.
---
 htdocs/public/agenda/agendaexport.php | 3 ++-
 htdocs/public/demo/index.php | 1 +
 htdocs/public/donations/donateurs_code.php | 3 ++-
 htdocs/public/donations/therm.php | 3 ++-
 htdocs/public/members/new.php | 3 ++-
 htdocs/public/members/public_card.php | 3 ++-
 htdocs/public/members/public_list.php | 3 ++-
 htdocs/public/paybox/newpayment.php | 3 ++-
 htdocs/public/paybox/paymentko.php | 7 ++++---
 htdocs/public/paybox/paymentok.php | 5 +++--
 10 files changed, 22 insertions(+), 12 deletions(-)
diff --git a/htdocs/public/agenda/agendaexport.php b/htdocs/public/agenda/agendaexport.php
index 0cce2c9098a..ea9975278ff 100644
--- a/htdocs/public/agenda/agendaexport.php
+++ b/htdocs/public/agenda/agendaexport.php
@@ -23,7 +23,8 @@
 * \version $Id$
 */
-define("NOLOGIN",1); // This means this output page does not require to be logged.
+define("NOLOGIN",1); // This means this output page does not require to be logged.
+define("NOCSRFCHECK",1); // We accept to go on this page from external web site.
 require("../../main.inc.php");
 require_once(DOL_DOCUMENT_ROOT.'/actioncomm.class.php');
diff --git a/htdocs/public/demo/index.php b/htdocs/public/demo/index.php
index f4985827ef6..8feb5fccade 100644
--- a/htdocs/public/demo/index.php
+++ b/htdocs/public/demo/index.php
@@ -26,6 +26,7 @@
 */
 define("NOLOGIN",1); // This means this output page does not require to be logged.
+define("NOCSRFCHECK",1); // We accept to go on this page from external web site.
 require("../../main.inc.php");
diff --git a/htdocs/public/donations/donateurs_code.php b/htdocs/public/donations/donateurs_code.php
index 39cef86771e..55f83b5bb7c 100644
--- a/htdocs/public/donations/donateurs_code.php
+++ b/htdocs/public/donations/donateurs_code.php
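Review bot: The comment on the added `define("NOCSRFCHECK",1);` in agendaexport.php says only that arrival from an external site is accepted; it does not say which check in main.inc.php is switched off or what the page must therefore not do, and the identical line is added in demo/index.php and the eight other public entry points of this commit. Because the opt-out is a per-file decision that a later edit to one of these pages can silently invalidate, I would state the condition beside it, e.g. `define("NOCSRFCHECK",1); // Public page reached from external sites: skip the CSRF check done by main.inc.php. Keep this page free of actions performed on behalf of a logged-in user.` How main.inc.php implements the check is not visible in this diff, so the wording should be confirmed against it.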
@@ -23,7 +23,8 @@
 * \version $Id$
 */
-define("NOLOGIN",1); // This means this output page does not require to be logged.
+define("NOLOGIN",1); // This means this output page does not require to be logged.
+define("NOCSRFCHECK",1); // We accept to go on this page from external web site.
 require("../../main.inc.php");
 require_once(DOL_DOCUMENT_ROOT ."/don.class.php");
diff --git a/htdocs/public/donations/therm.php b/htdocs/public/donations/therm.php
index 4a3657b02dc..9bb974e2f02 100644
--- a/htdocs/public/donations/therm.php
+++ b/htdocs/public/donations/therm.php
@@ -24,7 +24,8 @@
 * \version $Id$
 */
-define("NOLOGIN",1); // This means this output page does not require to be logged.
+define("NOLOGIN",1); // This means this output page does not require to be logged.
+define("NOCSRFCHECK",1); // We accept to go on this page from external web site.
 require("../../main.inc.php");
 require_once(DOL_DOCUMENT_ROOT."/lib/images.lib.php");
diff --git a/htdocs/public/members/new.php b/htdocs/public/members/new.php
index cb233728e4a..1b22e9c2203 100644
--- a/htdocs/public/members/new.php
+++ b/htdocs/public/members/new.php
@@ -25,7 +25,8 @@
 * \version $Id$
 */
-define("NOLOGIN",1); // This means this output page does not require to be logged.
+define("NOLOGIN",1); // This means this output page does not require to be logged.
+define("NOCSRFCHECK",1); // We accept to go on this page from external web site.
 require("../../main.inc.php");
 require_once(DOL_DOCUMENT_ROOT."/adherents/adherent.class.php");
diff --git a/htdocs/public/members/public_card.php b/htdocs/public/members/public_card.php
index 3c4d4843499..2701942932e 100644
--- a/htdocs/public/members/public_card.php
+++ b/htdocs/public/members/public_card.php
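Review bot: In members/new.php the added `define("NOCSRFCHECK",1);` lands on what appears, from the file name and the adherent.class.php include, to be a form that creates a record, unlike the list, card and thermometer pages that receive the same line; newpayment.php further down looks like the same case. With NOLOGIN and NOCSRFCHECK both set, the page accepts submissions that originate from other sites, so it has to carry its own protection: server-side validation of every field, and a per-form token, captcha or rate limit against forged or automated submissions. The body of the page is outside the hunk, so whether that protection exists cannot be told from here. If it does, a short comment beside the define would record the reasoning, for example `// CSRF check disabled on purpose: anonymous form, see the submission checks in this file`.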
@@ -25,7 +25,8 @@
 * \version $Id$
 */
-define("NOLOGIN",1); // This means this output page does not require to be logged.
+define("NOLOGIN",1); // This means this output page does not require to be logged.
+define("NOCSRFCHECK",1); // We accept to go on this page from external web site.
 require("../../main.inc.php");
 require_once(DOL_DOCUMENT_ROOT."/adherents/adherent.class.php");
diff --git a/htdocs/public/members/public_list.php b/htdocs/public/members/public_list.php
index 5ea486b9f20..d8c9c9db704 100644
--- a/htdocs/public/members/public_list.php
+++ b/htdocs/public/members/public_list.php
@@ -25,7 +25,8 @@
 * \version $Id$
 */
-define("NOLOGIN",1); // This means this output page does not require to be logged.
+define("NOLOGIN",1); // This means this output page does not require to be logged.
+define("NOCSRFCHECK",1); // We accept to go on this page from external web site.
 require("../../main.inc.php");
diff --git a/htdocs/public/paybox/newpayment.php b/htdocs/public/paybox/newpayment.php
index ad5381e8087..12b837a5fcc 100644
--- a/htdocs/public/paybox/newpayment.php
+++ b/htdocs/public/paybox/newpayment.php
@@ -26,7 +26,8 @@
 * \version $Id$
 */
-define("NOLOGIN",1); // This means this output page does not require to be logged.
+define("NOLOGIN",1); // This means this output page does not require to be logged.
+define("NOCSRFCHECK",1); // We accept to go on this page from external web site.
 require("../../main.inc.php");
 require_once(DOL_DOCUMENT_ROOT."/paybox/paybox.lib.php");
diff --git a/htdocs/public/paybox/paymentko.php b/htdocs/public/paybox/paymentko.php
index 61301a23ac4..e8b16388f38 100644
--- a/htdocs/public/paybox/paymentko.php
+++ b/htdocs/public/paybox/paymentko.php
@@ -18,14 +18,15 @@
 */
 /**
- * \file htdocs/public/paybox/paymentok.php
+ * \file htdocs/public/paybox/paymentko.php
 * \ingroup paybox
- * \brief File to offer a way to make a payment for a particular Dolibarr entity
+ * \brief File to show page after a failed payment
 * \author Laurent Destailleur
 * \version $Id$
 */
-define("NOLOGIN",1); // This means this output page does not require to be logged.
+define("NOLOGIN",1); // This means this output page does not require to be logged.
+define("NOCSRFCHECK",1); // We accept to go on this page from external web site.
 require("../../main.inc.php");
 require_once(DOL_DOCUMENT_ROOT."/paybox/paybox.lib.php");
diff --git a/htdocs/public/paybox/paymentok.php b/htdocs/public/paybox/paymentok.php
index 9a2b0717f47..315c8f504c3 100644
--- a/htdocs/public/paybox/paymentok.php
+++ b/htdocs/public/paybox/paymentok.php
@@ -20,12 +20,13 @@
 /**
 * \file htdocs/public/paybox/paymentok.php
 * \ingroup paybox
- * \brief File to offer a way to make a payment for a particular Dolibarr entity
+ * \brief File to show page after a successful payment
 * \author Laurent Destailleur
 * \version $Id$
 */
-define("NOLOGIN",1); // This means this output page does not require to be logged.
+define("NOLOGIN",1); // This means this output page does not require to be logged.
+define("NOCSRFCHECK",1); // We accept to go on this page from external web site.
 require("../../main.inc.php");
 require_once(DOL_DOCUMENT_ROOT."/paybox/paybox.lib.php");
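Review bot: In paymentko.php and paymentok.php the added `define("NOCSRFCHECK",1);` combined with NOLOGIN means these return pages accept a request from any origin, so reaching paymentok.php must not by itself count as proof that a payment succeeded. The rest of both files is outside the hunks, so I cannot see whether they update anything. If they do, the update should depend on a result verified with the payment provider (a signed or server-to-server notification) and not on the browser redirect. I would record that next to the define, e.g. `// Return URL from the payment provider: display only, never trust this request as payment confirmation`.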