Falscher CSRF-Schutz
bernd commited on 2007-08-09 19:27:59
Zeige 1 geänderte Dateien mit 2 Einfügungen und 2 Löschungen.
git-svn-id: https://svn.schokokeks.org/repos/tools/webinterface/trunk@610 87cf0b9e-d624-0410-a070-f6ee81989793
- modules/mysql/databases.php 8a44ef9..2fc2c90
| ... | ... |
@@ -52,7 +52,7 @@ if (isset($_GET['action'])) |
| 52 | 52 |
} |
| 53 | 53 |
break; |
| 54 | 54 |
case 'change_pw': |
| 55 |
- check_form_token('mysql_databases_change_pw');
|
|
| 55 |
+ check_form_token('mysql_databases');
|
|
| 56 | 56 |
set_mysql_password($_POST['mysql_username'], $_POST['mysql_password']); |
| 57 | 57 |
header("Location: ?");
|
| 58 | 58 |
$output_something = false; |
| ... | ... |
@@ -67,7 +67,7 @@ $users = get_mysql_accounts($_SESSION['userinfo']['uid']); |
| 67 | 67 |
|
| 68 | 68 |
if (isset($_POST['access'])) |
| 69 | 69 |
{
|
| 70 |
- check_form_token('mysql_databases_access');
|
|
| 70 |
+ check_form_token('mysql_databases');
|
|
| 71 | 71 |
/* Eine neue Datenbank */ |
| 72 | 72 |
if ($_POST['new_db'] != '') |
| 73 | 73 |
{
|
| 74 | 74 |