lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix: on supprime le GET ET POST si la requete ne vient pas du serveur

Browse Source
This commit is contained in:
Regis Houssin 2009-05-16 07:16:12 +00:00
parent db8ffae9fc
commit 3723bb350a
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
htdocs/main.inc.php
View File

@ -110,7 +110,8 @@ analyse_sql_injection($_POST);
// Security: CSRF protection
if (! defined('NOCSRFCHECK') && ! empty($_SERVER['HTTP_REFERER']) && !eregi(DOL_MAIN_URL_ROOT, $_SERVER['HTTP_REFERER']))
{
return;
unset($_GET);
unset($_POST);
}
// This is to make Dolibarr working with Plesk