SF.net SVN: mantisbt:[5626] branches/BRANCH_1_1_0/mantisbt
From: <nuclear_eclipse@...>
Subject: SF.net SVN: mantisbt:[5626] branches/BRANCH_1_1_0/mantisbt
Newsgroups: gmane.comp.bug-tracking.mantis.cvs
Date: 2008-10-03 15:23:33 GMT
Revision: 5626
http://mantisbt.svn.sourceforge.net/mantisbt/?rev=5626&view=rev
Author: nuclear_eclipse
Date: 2008-10-03 15:23:32 +0000 (Fri, 03 Oct 2008)
Log Message:
-----------
Second step of implementing form security purging.
Modified Paths:
--------------
branches/BRANCH_1_1_0/mantisbt/account_prof_update.php
branches/BRANCH_1_1_0/mantisbt/account_update.php
branches/BRANCH_1_1_0/mantisbt/bug_actiongroup_ext.php
branches/BRANCH_1_1_0/mantisbt/bug_report.php
branches/BRANCH_1_1_0/mantisbt/bug_update.php
branches/BRANCH_1_1_0/mantisbt/news_add.php
branches/BRANCH_1_1_0/mantisbt/news_delete.php
branches/BRANCH_1_1_0/mantisbt/news_update.php
branches/BRANCH_1_1_0/mantisbt/signup.php
branches/BRANCH_1_1_0/mantisbt/tag_attach.php
branches/BRANCH_1_1_0/mantisbt/tag_delete.php
branches/BRANCH_1_1_0/mantisbt/tag_detach.php
branches/BRANCH_1_1_0/mantisbt/tag_update.php
Modified: branches/BRANCH_1_1_0/mantisbt/account_prof_update.php
===================================================================
--- branches/BRANCH_1_1_0/mantisbt/account_prof_update.php 2008-10-03 15:22:45 UTC (rev 5625)
+++ branches/BRANCH_1_1_0/mantisbt/account_prof_update.php 2008-10-03 15:23:32 UTC (rev 5626)
@@ -41,6 +41,7 @@
switch ( $f_action ) {
case 'edit':
$f_profile_id = gpc_get_int( 'profile_id' );
+ form_security_purge('profile_update');
print_header_redirect( 'account_prof_edit_page.php?profile_id=' . $f_profile_id );
break;
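Review bot: The added call is written `form_security_purge('profile_update');` with no spaces inside the parentheses, while the neighbouring lines and the other files in this commit use the `name( 'arg' )` form; `form_security_purge( 'profile_update' );` would match. The same spacing appears in every later hunk of account_prof_update.php and in the account_update.php hunk. The literal 'profile_update' is also repeated in seven purge calls in this file, so a single `$t_form_name = 'profile_update';` shared by the validate and purge calls would keep the token name from drifting. The validate call and the end of the switch are outside the hunks, so where that variable would be declared cannot be seen from here.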
@@ -62,6 +63,7 @@
}
profile_create( $t_user_id, $f_platform, $f_os, $f_os_build, $f_description );
+ form_security_purge('profile_update');
if ( ALL_USERS == $t_user_id ) {
print_header_redirect( 'manage_prof_menu_page.php' );
@@ -81,9 +83,11 @@
access_ensure_global_level( config_get( 'manage_global_profile_threshold' ) );
profile_update( ALL_USERS, $f_profile_id, $f_platform, $f_os, $f_os_build, $f_description );
+ form_security_purge('profile_update');
print_header_redirect( 'manage_prof_menu_page.php' );
} else {
profile_update( auth_get_current_user_id(), $f_profile_id, $f_platform, $f_os, $f_os_build,
$f_description );
+ form_security_purge('profile_update');
print_header_redirect( 'account_prof_menu_page.php' );
}
break;
@@ -94,9 +98,11 @@
access_ensure_global_level( config_get( 'manage_global_profile_threshold' ) );
profile_delete( ALL_USERS, $f_profile_id );
+ form_security_purge('profile_update');
print_header_redirect( 'manage_prof_menu_page.php' );
} else {
profile_delete( auth_get_current_user_id(), $f_profile_id );
+ form_security_purge('profile_update');
print_header_redirect( 'account_prof_menu_page.php' );
}
break;
@@ -104,6 +110,7 @@
case 'make_default':
$f_profile_id = gpc_get_int( 'profile_id' );
current_user_set_pref( 'default_profile', $f_profile_id );
+ form_security_purge('profile_update');
print_header_redirect( 'account_prof_menu_page.php' );
break;
}
Modified: branches/BRANCH_1_1_0/mantisbt/account_update.php
===================================================================
--- branches/BRANCH_1_1_0/mantisbt/account_update.php 2008-10-03 15:22:45 UTC (rev 5625)
+++ branches/BRANCH_1_1_0/mantisbt/account_update.php 2008-10-03 15:23:32 UTC (rev 5626)
@@ -91,6 +91,8 @@
}
}
+ form_security_purge('account_update');
+
html_page_top1();
html_meta_redirect( $t_redirect );
html_page_top2();
Modified: branches/BRANCH_1_1_0/mantisbt/bug_actiongroup_ext.php
===================================================================
--- branches/BRANCH_1_1_0/mantisbt/bug_actiongroup_ext.php 2008-10-03 15:22:45 UTC (rev 5625)
+++ branches/BRANCH_1_1_0/mantisbt/bug_actiongroup_ext.php 2008-10-03 15:23:32 UTC (rev 5626)
@@ -98,6 +98,8 @@
}
}
+ form_security_purge( $t_form_name );
+
$t_redirect_url = 'view_all_bug_page.php';
if ( count( $t_failed_ids ) > 0 ) {
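Review bot: `$t_form_name` is assigned outside this hunk, so it cannot be checked here that it holds the same name that was passed to form_security_validate(); every other file in this commit passes a string literal. If the two names differ, the purge presumably does nothing and the token stays valid after the batch has run. A comment on the call would record the dependency, for example `# $t_form_name must be the name given to form_security_validate()`. The purge runs before the `$t_failed_ids` check, so it applies whether or not some ids failed, which looks intended.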
Modified: branches/BRANCH_1_1_0/mantisbt/bug_report.php
===================================================================
--- branches/BRANCH_1_1_0/mantisbt/bug_report.php 2008-10-03 15:22:45 UTC (rev 5625)
+++ branches/BRANCH_1_1_0/mantisbt/bug_report.php 2008-10-03 15:23:32 UTC (rev 5626)
@@ -154,6 +154,8 @@
helper_call_custom_function( 'issue_create_notify', array( $t_bug_id ) );
+ form_security_purge( 'bug_report' );
+
html_page_top1();
if ( ! $f_report_stay ) {
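Review bot: The purge `form_security_purge( 'bug_report' );` comes after the `issue_create_notify` custom function, whereas bug_update.php in this same commit purges directly after `bug_update()` and before its notify hook. If the custom function aborts the request, the issue presumably already exists while the 'bug_report' token is still valid, so the same submission could be replayed and create a duplicate. Moving the purge to directly after the call that creates the issue would make the two files consistent; that call is above this hunk and not visible here. signup.php has the same ordering, purging after `email_notify_new_account()`.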
Modified: branches/BRANCH_1_1_0/mantisbt/bug_update.php
===================================================================
--- branches/BRANCH_1_1_0/mantisbt/bug_update.php 2008-10-03 15:22:45 UTC (rev 5625)
+++ branches/BRANCH_1_1_0/mantisbt/bug_update.php 2008-10-03 15:23:32 UTC (rev 5626)
@@ -196,6 +196,8 @@
# Update the bug entry, notify if we haven't done so already
bug_update( $f_bug_id, $t_bug_data, true, ( false == $t_notify ) );
+ form_security_purge( 'bug_update' );
+
helper_call_custom_function( 'issue_update_notify', array( $f_bug_id ) );
print_successful_redirect_to_bug( $f_bug_id );
Modified: branches/BRANCH_1_1_0/mantisbt/news_add.php
===================================================================
--- branches/BRANCH_1_1_0/mantisbt/news_add.php 2008-10-03 15:22:45 UTC (rev 5625)
+++ branches/BRANCH_1_1_0/mantisbt/news_add.php 2008-10-03 15:23:32 UTC (rev 5626)
@@ -39,6 +39,8 @@
$t_news_id = news_create( helper_get_current_project(), auth_get_current_user_id(),
$f_view_state, $f_announcement, $f_headline, $f_body );
+ form_security_purge( 'news_add' );
+
$t_news_row = news_get_row( $t_news_id );
?>
<?php html_page_top1() ?>
Modified: branches/BRANCH_1_1_0/mantisbt/news_delete.php
===================================================================
--- branches/BRANCH_1_1_0/mantisbt/news_delete.php 2008-10-03 15:22:45 UTC (rev 5625)
+++ branches/BRANCH_1_1_0/mantisbt/news_delete.php 2008-10-03 15:23:32 UTC (rev 5626)
@@ -43,6 +43,8 @@
news_delete( $f_news_id );
+ form_security_purge( 'news_delete' );
+
$t_redirect_url = 'news_menu_page.php';
html_page_top1();
html_meta_redirect( $t_redirect_url );
Modified: branches/BRANCH_1_1_0/mantisbt/news_update.php
===================================================================
--- branches/BRANCH_1_1_0/mantisbt/news_update.php 2008-10-03 15:22:45 UTC (rev 5625)
+++ branches/BRANCH_1_1_0/mantisbt/news_update.php 2008-10-03 15:23:32 UTC (rev 5626)
@@ -45,6 +45,8 @@
access_ensure_project_level( config_get( 'manage_news_threshold' ), $f_project_id );
news_update( $f_news_id, $f_project_id, $f_view_state, $f_announcement, $f_headline, $f_body );
+
+ form_security_purge( 'news_update' );
?>
<?php html_page_top1() ?>
<?php html_page_top2() ?>
Modified: branches/BRANCH_1_1_0/mantisbt/signup.php
===================================================================
--- branches/BRANCH_1_1_0/mantisbt/signup.php 2008-10-03 15:22:45 UTC (rev 5625)
+++ branches/BRANCH_1_1_0/mantisbt/signup.php 2008-10-03 15:23:32 UTC (rev 5626)
@@ -67,6 +67,8 @@
email_notify_new_account( $f_username, $f_email );
}
+ form_security_purge( 'signup' );
+
html_page_top1();
html_page_top2a();
?>
Modified: branches/BRANCH_1_1_0/mantisbt/tag_attach.php
===================================================================
--- branches/BRANCH_1_1_0/mantisbt/tag_attach.php 2008-10-03 15:22:45 UTC (rev 5625)
+++ branches/BRANCH_1_1_0/mantisbt/tag_attach.php 2008-10-03 15:23:32 UTC (rev 5626)
@@ -118,5 +118,7 @@
}
}
+ form_security_purge( 'tag_attach' );
+
print_successful_redirect_to_bug( $f_bug_id );
}
Modified: branches/BRANCH_1_1_0/mantisbt/tag_delete.php
===================================================================
--- branches/BRANCH_1_1_0/mantisbt/tag_delete.php 2008-10-03 15:22:45 UTC (rev 5625)
+++ branches/BRANCH_1_1_0/mantisbt/tag_delete.php 2008-10-03 15:23:32 UTC (rev 5626)
@@ -36,5 +36,6 @@
form_security_validate( 'tag_delete' );
tag_delete( $f_tag_id );
+ form_security_purge( 'tag_delete' );
print_successful_redirect( config_get( 'default_home_page' ) );
Modified: branches/BRANCH_1_1_0/mantisbt/tag_detach.php
===================================================================
--- branches/BRANCH_1_1_0/mantisbt/tag_detach.php 2008-10-03 15:22:45 UTC (rev 5625)
+++ branches/BRANCH_1_1_0/mantisbt/tag_detach.php 2008-10-03 15:23:32 UTC (rev 5626)
@@ -43,5 +43,6 @@
form_security_validate( 'tag_detach' );
tag_bug_detach( $f_tag_id, $f_bug_id );
+ form_security_purge( 'tag_detach' );
print_successful_redirect_to_bug( $f_bug_id );
Modified: branches/BRANCH_1_1_0/mantisbt/tag_update.php
===================================================================
--- branches/BRANCH_1_1_0/mantisbt/tag_update.php 2008-10-03 15:22:45 UTC (rev 5625)
+++ branches/BRANCH_1_1_0/mantisbt/tag_update.php 2008-10-03 15:23:32 UTC (rev 5626)
@@ -65,5 +65,7 @@
tag_update( $f_tag_id, $f_new_name, $f_new_user_id, $f_new_description );
+ form_security_purge( 'tag_update' );
+
$t_url = 'tag_view_page.php?tag_id='.$f_tag_id;
print_successful_redirect( $t_url );