lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #11796 from hregis/develop_menu

Browse Source 
FIX possibility to bypass captcha if it has been validated otherwise
This commit is contained in:
Laurent Destailleur 2019-09-03 13:02:49 +02:00 committed by GitHub
commit 89160c4594
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/main.inc.php
View File

@ -493,7 +493,7 @@ if (! defined('NOLOGIN'))
}
// Verification security graphic code
if (GETPOST("username", "alpha", 2) && ! empty($conf->global->MAIN_SECURITY_ENABLECAPTCHA))
if (GETPOST("username", "alpha", 2) && ! empty($conf->global->MAIN_SECURITY_ENABLECAPTCHA) && ! isset($_SESSION['dol_bypass_antispam']))
{
$sessionkey = 'dol_antispam_value';
$ok=(array_key_exists($sessionkey, $_SESSION) === true && (strtolower($_SESSION[$sessionkey]) == strtolower($_POST['code'])));