security fix, id was encoded where it should not be encoded

This commit is contained in:
Dorian Vabre 2021-05-07 14:49:00 +02:00
parent 2169a106fa
commit 6111f43946
3 changed files with 3 additions and 4 deletions

View File

@ -98,6 +98,7 @@ EvntOrgCancelled = Cancelled
#
SuggestForm = Suggestion page
RegisterPage = Page for conferences or booth
EvntOrgRegistrationHelpMessage = Here, you can vote for an event, or suggest a new conference or booth for the project
EvntOrgRegistrationConfHelpMessage = Here, you can suggest a new conference for the project
EvntOrgRegistrationBoothHelpMessage = Here, you can suggest a new booth for the project
ListOfSuggestedConferences = List of suggested conferences

View File

@ -496,9 +496,8 @@ if (empty($reshook) && $action == 'add') {
}
if (!$error) {
$db->commit();
$encodedid = dol_encode($id, $dolibarr_main_instance_unique_id);
$securekeyurl = dol_hash($conf->global->EVENTORGANIZATION_SECUREKEY.'conferenceorbooth'.$id, 2);
$redirection = $dolibarr_main_url_root.'/public/eventorganization/subscriptionok.php?id='.$encodedid.'&securekey='.$securekeyurl;
$redirection = $dolibarr_main_url_root.'/public/eventorganization/subscriptionok.php?id='.$id.'&securekey='.$securekeyurl;
Header("Location: ".$redirection);
exit;
} else {

View File

@ -430,9 +430,8 @@ if (empty($reshook) && $action == 'add') {
}
if (!$error) {
$db->commit();
$encodedid = dol_encode($id, $dolibarr_main_instance_unique_id);
$securekeyurl = dol_hash($conf->global->EVENTORGANIZATION_SECUREKEY.'conferenceorbooth'.$id, 2);
$redirection = $dolibarr_main_url_root.'/public/eventorganization/subscriptionok.php?id='.$encodedid.'&securekey='.$securekeyurl;
$redirection = $dolibarr_main_url_root.'/public/eventorganization/subscriptionok.php?id='.$id.'&securekey='.$securekeyurl;
Header("Location: ".$redirection);
exit;
} else {