validate local redirection actions in jumpto.php SC#310

author skodak <skodak>

Mon, 11 Sep 2006 06:47:38 +0000 (06:47 +0000)

committer skodak <skodak>

Mon, 11 Sep 2006 06:47:38 +0000 (06:47 +0000)
author skodak <skodak>
Mon, 11 Sep 2006 06:47:38 +0000 (06:47 +0000)
committer skodak <skodak>
Mon, 11 Sep 2006 06:47:38 +0000 (06:47 +0000)
diff --git a/course/jumpto.php b/course/jumpto.php

index c6342662583bf0d5ccb227e26f49169135ac0819..ce4df789f03b9a7dac5f6a9706fb3000d3e18930 100644 (file)
--- a/course/jumpto.php
+++ b/course/jumpto.php
@@ -10,6 +10,10 @@
  
      $jump = optional_param('jump', '', PARAM_RAW);
  
+    if (!confirm_sesskey()) {
+        print_error('confirmsesskeybad');
+    }
+
      if (strpos($jump, $CFG->wwwroot) === 0) {            // Anything on this site
          redirect(urldecode($jump));
      } else if (preg_match('/^[a-z]+\.php\?/', $jump)) { 
diff --git a/lib/weblib.php b/lib/weblib.php

index 01ce4f0649aa123df4502229b6d86dc62a7a6c72..aeebd5f897c4f4ee0486db9cf1ab3ff2db1b0012 100644 (file)
--- a/lib/weblib.php
+++ b/lib/weblib.php
@@ -1053,6 +1053,7 @@ function popup_form($common, $options, $formname, $selected='', $nothing='choose
      }
  
      $output .= '</select>';
+    $output .= '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
      $output .= '<noscript id="noscript'.$formname.'" style="display: inline;">';
      $output .= '<input type="submit" value="'.$go.'" /></noscript>';
      $output .= '<script type="text/javascript">'.
course/jumpto.php		patch \| blob \| history
lib/weblib.php		patch \| blob \| history