From 3eea92c6e6495920d6fe94d34223e033889560d2 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 13 Jun 2021 20:36:12 +0200 Subject: [PATCH] Clean code --- htdocs/public/eventorganization/attendee_subscription.php | 5 +++++ htdocs/public/eventorganization/subscriptionok.php | 8 +++++++- htdocs/public/project/index.html | 1 - htdocs/public/project/suggestbooth.php | 5 +++++ htdocs/public/project/suggestconference.php | 5 +++++ htdocs/public/project/viewandvote.php | 5 +++++ 6 files changed, 27 insertions(+), 2 deletions(-) delete mode 100644 htdocs/public/project/index.html diff --git a/htdocs/public/eventorganization/attendee_subscription.php b/htdocs/public/eventorganization/attendee_subscription.php index a81ac456353..96dd77bce74 100644 --- a/htdocs/public/eventorganization/attendee_subscription.php +++ b/htdocs/public/eventorganization/attendee_subscription.php @@ -115,6 +115,11 @@ $extrafields = new ExtraFields($db); $user->loadDefaultValues(); +// Security check +if (empty($conf->eventorganization->enabled)) { + accessforbidden('', 0, 0, 1); +} + /** * Show header for new member diff --git a/htdocs/public/eventorganization/subscriptionok.php b/htdocs/public/eventorganization/subscriptionok.php index 8586535f5ab..b45e98b832a 100644 --- a/htdocs/public/eventorganization/subscriptionok.php +++ b/htdocs/public/eventorganization/subscriptionok.php @@ -66,7 +66,7 @@ $object = new stdClass(); // For triggers $error = 0; // Security check -$id = GETPOST("id"); +$id = GETPOST("id", 'int'); $securekeyreceived = GETPOST("securekey"); $securekeytocompare = dol_hash($conf->global->EVENTORGANIZATION_SECUREKEY.'conferenceorbooth'.$id, 2); @@ -75,6 +75,12 @@ if ($securekeyreceived != $securekeytocompare) { exit; } +// Security check +if (empty($conf->eventorganization->enabled)) { + accessforbidden('', 0, 0, 1); +} + + /* * Actions */ diff --git a/htdocs/public/project/index.html b/htdocs/public/project/index.html deleted file mode 100644 index 8b137891791..00000000000 --- a/htdocs/public/project/index.html +++ /dev/null @@ -1 +0,0 @@ - diff --git a/htdocs/public/project/suggestbooth.php b/htdocs/public/project/suggestbooth.php index 77d3873511a..f5ef237a9bd 100644 --- a/htdocs/public/project/suggestbooth.php +++ b/htdocs/public/project/suggestbooth.php @@ -115,6 +115,11 @@ $user->loadDefaultValues(); $cactioncomm = new CActionComm($db); $arrayofeventtype = $cactioncomm->liste_array('', 'id', '', 0, 'module=\'booth@eventorganization\''); +// Security check +if (empty($conf->eventorganization->enabled)) { + accessforbidden('', 0, 0, 1); +} + /** * Show header for new member diff --git a/htdocs/public/project/suggestconference.php b/htdocs/public/project/suggestconference.php index 45dbaf80656..4ef1784e2a7 100644 --- a/htdocs/public/project/suggestconference.php +++ b/htdocs/public/project/suggestconference.php @@ -115,6 +115,11 @@ $user->loadDefaultValues(); $cactioncomm = new CActionComm($db); $arrayofeventtype = $cactioncomm->liste_array('', 'id', '', 0, 'module=\'conference@eventorganization\''); +// Security check +if (empty($conf->eventorganization->enabled)) { + accessforbidden('', 0, 0, 1); +} + /** * Show header for new member diff --git a/htdocs/public/project/viewandvote.php b/htdocs/public/project/viewandvote.php index 9252a7ac50f..64307018c38 100644 --- a/htdocs/public/project/viewandvote.php +++ b/htdocs/public/project/viewandvote.php @@ -89,6 +89,11 @@ if ($resultproject < 0) { $errmsg .= $project->error; } +// Security check +if (empty($conf->eventorganization->enabled)) { + accessforbidden('', 0, 0, 1); +} + /* * Actions