Diffstat (limited to 'h-source/Application/Controllers')
-rw-r--r--h-source/Application/Controllers/BaseController.php5
-rw-r--r--h-source/Application/Controllers/IssuesController.php10
2 files changed, 8 insertions, 7 deletions
diff --git a/h-source/Application/Controllers/BaseController.php b/h-source/Application/Controllers/BaseController.php
index 76fc4d3..db85405 100644
--- a/h-source/Application/Controllers/BaseController.php
+++ b/h-source/Application/Controllers/BaseController.php
@@ -24,8 +24,9 @@ class BaseController extends Controller
{
protected $lang;
- protected $ismoderator;
+ protected $ismoderator = false;
protected $querySanitized = true;
+ protected $token = 'token';
protected $_topMenuClasses = array(
"home" => null,
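Review bot: The new `$token` property has no comment saying that the literal `'token'` is only a placeholder for requests where nobody is logged in, and that the constructor replaces it with the session's CSRF token. I would add `// CSRF token of the logged-in session; 'token' is the placeholder for anonymous requests` above it. The same literal is still assigned to `$data['token']` in the constructor hunk below, so `$data['token'] = $this->token;` there would keep one source for the placeholder. The class body continues outside the hunk.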
@@ -56,13 +57,13 @@ class BaseController extends Controller
$data['islogged'] = 'no';
$data['token'] = 'token';
$data['ismoderator'] = false;
- $this->ismoderator = false;
if ($this->s['registered']->status['status'] === 'logged')
{
$data['username'] = $this->s['registered']->status['user'];
$data['islogged'] = 'yes';
$data['token'] = $this->s['registered']->status['token'];
+ $this->token = $data['token'];
$data['ismoderator'] = in_array('moderator',$this->s['registered']->status['groups']) ? true : false;
$this->ismoderator = $data['ismoderator'];
}
diff --git a/h-source/Application/Controllers/IssuesController.php b/h-source/Application/Controllers/IssuesController.php
index efda83e..53b3c58 100644
--- a/h-source/Application/Controllers/IssuesController.php
+++ b/h-source/Application/Controllers/IssuesController.php
@@ -36,7 +36,7 @@ class IssuesController extends BaseController
$argKeys = array(
'page:forceNat' => 1,
- 'token:sanitizeAlphanum' => 'token'
+ 'token:sanitizeAlphanum' => $this->token,
);
$this->setArgKeys($argKeys);
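Review bot: Using `$this->token` as the default for the `token` argument may let the CSRF check pass for requests that carry no token at all. If `setArgKeys()` fills `viewArgs['token']` with this default when the URL argument is absent (not visible here), then for a logged-in user the later `checkCsrf($this->viewArgs['token'])` calls compare the session token with itself. Keeping a non-matching default for validation, `'token:sanitizeAlphanum' => 'token',`, and reading `$this->token` only where links and form actions are generated would avoid that. The enclosing method starts and ends outside the hunk.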
@@ -57,7 +57,7 @@ class IssuesController extends BaseController
{
if ($this->s['registered']->status['status'] === 'logged')
{
- if (!$this->s['registered']->checkCsrf($this->viewArgs['token'])) $this->redirect('home/index'.$this->lang,2,'wrong token..');
+ if (!$this->s['registered']->checkCsrf($this->viewArgs['token'])) $this->redirect('home/index/'.$this->lang,2,'wrong token..');
if ($this->m['UsersModel']->isBlocked($this->s['registered']->status['id_user'])) $this->redirect('my/home/'.$this->lang,2,'your account has been blocked..');
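Review bot: The CSRF guard on this line is copied verbatim into four actions (this hunk and the ones at -77, -126 and -141), which is why the missing slash had to be fixed four times. A protected helper in BaseController, called as `$this->requireValidToken();` (name is a suggestion), would keep the check and its redirect target in one place. It is also worth confirming that `redirect()` terminates the request, since otherwise the action body would continue after a failed check. The enclosing methods start and end outside the hunks.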
@@ -77,7 +77,7 @@ class IssuesController extends BaseController
{
if ($this->s['registered']->status['status'] === 'logged')
{
- if (!$this->s['registered']->checkCsrf($this->viewArgs['token'])) $this->redirect('home/index'.$this->lang,2,'wrong token..');
+ if (!$this->s['registered']->checkCsrf($this->viewArgs['token'])) $this->redirect('home/index/'.$this->lang,2,'wrong token..');
$data['preview_message'] = $this->request->post('message','','sanitizeHtml');
$this->m['IssuesModel']->result = false;
@@ -126,7 +126,7 @@ class IssuesController extends BaseController
{
if ($this->s['registered']->status['status'] === 'logged')
{
- if (!$this->s['registered']->checkCsrf($this->viewArgs['token'])) $this->redirect('home/index'.$this->lang,2,'wrong token..');
+ if (!$this->s['registered']->checkCsrf($this->viewArgs['token'])) $this->redirect('home/index/'.$this->lang,2,'wrong token..');
if ($this->m['UsersModel']->isBlocked($this->s['registered']->status['id_user'])) $this->redirect('my/home/'.$this->lang,2,'your account has been blocked..');
@@ -141,7 +141,7 @@ class IssuesController extends BaseController
{
if ($this->s['registered']->status['status'] === 'logged')
{
- if (!$this->s['registered']->checkCsrf($this->viewArgs['token'])) $this->redirect('home/index'.$this->lang,2,'wrong token..');
+ if (!$this->s['registered']->checkCsrf($this->viewArgs['token'])) $this->redirect('home/index/'.$this->lang,2,'wrong token..');
$data['preview_message'] = $this->request->post('message','','sanitizeHtml');
$this->m['MessagesModel']->result = false;