
Feature proposal #3205 » 3205-part1.patch

krileon, 07 February 2012 22:10


components/com_comprofiler/comprofiler.php
global $_CB_framework, $_CB_database, $ueConfig, $_PLUGINS, $_POST;
// simple spoof check security
checkCBPostIsHTTPS();
cbSpoofCheck( 'lostPassForm' );
cbRegAntiSpamCheck();
......
global $_CB_framework, $_CB_database, $ueConfig, $_POST, $_PLUGINS;
// simple spoof check security
checkCBPostIsHTTPS();
cbSpoofCheck( 'registerForm' );
cbRegAntiSpamCheck();
......
function login( $username=null, $passwd2=null ) {
global $_POST, $_CB_framework, $ueConfig;
checkCBPostIsHTTPS();
if ( count( $_POST ) == 0 ) {
HTML_comprofiler::loginForm( 'com_comprofiler', $_POST, null );
return;
......
return;
}
function checkCBPostIsHTTPS( $return = false ) {
global $_CB_framework, $_CB_database, $_SERVER;
$isHttps = ( isset( $_SERVER['HTTPS'] ) && ( ! empty( $_SERVER['HTTPS'] ) ) && ( $_SERVER['HTTPS'] != 'off' ) );
if ( file_exists( $_CB_framework->getCfg( 'absolute_path' ) . '/modules/' . ( checkJversion() > 0 ? 'mod_cblogin/' : null ) . 'mod_cblogin.php' ) ) {
$query = 'SELECT ' . $_CB_database->NameQuote( 'params' )
. "\n FROM " . $_CB_database->NameQuote( '#__modules' )
. "\n WHERE " . $_CB_database->NameQuote( 'module' ) . " = " . $_CB_database->Quote( 'mod_cblogin' )
. "\n ORDER BY " . $_CB_database->NameQuote( 'ordering' );
$_CB_database->setQuery( $query, 0, 1 );
$module = $_CB_database->loadResult();
if ( $module ) {
$params = new cbParamsBase( $module );
$https_post = (int) $params->get( 'https_post', 0 );
} else {
$https_post = 0;
}
} else {
$https_post = 0;
}
if ( $return ) {
return $https_post;
} else {
if ( $https_post && ( ! $isHttps ) ) {
header( 'HTTP/1.0 403 Forbidden' );
exit( _UE_NOT_AUTHORIZED );
}
}
}
?>
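Review bot: The policy lookup in checkCBPostIsHTTPS takes the first `mod_cblogin` row by `ordering` without checking whether that module instance is published, and every failure path (module file missing, no row returned) sets `$https_post = 0`, so the HTTPS requirement on the lostPassForm, registerForm and login posts can end up silently disabled by a stale or unpublished module copy. Consider narrowing the query with `. "\n AND " . $_CB_database->NameQuote( 'published' ) . " = 1"` and adding a comment above the function stating that enforcement is off whenever no module row is found. The `$isHttps` test reads only `$_SERVER['HTTPS']`, which is typically unset behind a TLS-terminating proxy, so such sites would presumably receive a 403 on every post once the option is enabled. The 403 is also issued only after the request body has already been transmitted, so the forms still need an https action for the credentials themselves to be protected. The bodies of the three calling functions continue outside the visible section.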