]> git.mjollnir.org Git - moodle.git/commitdiff
projects / moodle.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 81d1f09)
blocks: MDL-20711 prevent XSRF.
authorTim Hunt <T.J.Hunt@open.ac.uk>
Mon, 2 Nov 2009 17:16:28 +0000 (17:16 +0000)
committerTim Hunt <T.J.Hunt@open.ac.uk>
Mon, 2 Nov 2009 17:16:28 +0000 (17:16 +0000)
Uses new require_sesskey function from MDL-20702.

lib/blocklib.php patch | blob | history

diff --git a/lib/blocklib.php b/lib/blocklib.php
index e7e01e5abbb5adf141aacf0ea054b69dd8eaf384..b6e6489aa51577c5d1a51bc283bad8326ed6c608 100644 (file)
--- a/lib/blocklib.php
+++ b/lib/blocklib.php
@@ -959,7 +959,7 @@ class block_manager {
             return false;
         }
 
-        confirm_sesskey();
+        require_sesskey();
 
         if (!$this->page->user_can_edit_blocks()) {
             throw new moodle_exception('nopermissions', '', $this->page->url->out(), get_string('addblock'));
@@ -987,7 +987,7 @@ class block_manager {
             return false;
         }
 
-        confirm_sesskey();
+        require_sesskey();
 
         $block = $this->page->blocks->find_instance($blockid);
 
@@ -1016,7 +1016,7 @@ class block_manager {
             return false;
         }
 
-        confirm_sesskey();
+        require_sesskey();
 
         $block = $this->page->blocks->find_instance($blockid);
 
@@ -1046,7 +1046,7 @@ class block_manager {
             return false;
         }
 
-        confirm_sesskey();
+        require_sesskey();
         require_once($CFG->dirroot . '/blocks/edit_form.php');
 
         $block = $this->find_instance($blockid);
@@ -1169,7 +1169,7 @@ class block_manager {
             return false;
         }
 
-        confirm_sesskey();
+        require_sesskey();
 
         $block = $this->find_instance($blockid);
 
Unnamed repository; edit this file to name it for gitweb.