summaryrefslogtreecommitdiff
path: root/includes/account.php
diff options
context:
space:
mode:
authorMichael Tänzer <neo@nhng.de>2011-08-16 23:22:04 +0200
committerMichael Tänzer <neo@nhng.de>2011-08-16 23:22:04 +0200
commit32038d25e6997a4d5366c4829931279dabe608cb (patch)
tree9b58adc452612152c020256f7f1dbdda71d6062c /includes/account.php
parentb7d0a97b288ff6b02e1a3c7f18175132864bb0d9 (diff)
downloadcacert-devel-32038d25e6997a4d5366c4829931279dabe608cb.tar.gz
cacert-devel-32038d25e6997a4d5366c4829931279dabe608cb.tar.xz
cacert-devel-32038d25e6997a4d5366c4829931279dabe608cb.zip
bug 966: Same problem in other forms too.
Generally blacklist the string _("Cancel"), whitelisting "Delete" does not work: a) It has to be get_text()ed b) Any change to the wording would break the check Following it up by a separate commit removing all process parameters in the forms on cancel Signed-off-by: Michael Tänzer <neo@nhng.de>
Diffstat (limited to 'includes/account.php')
-rw-r--r--includes/account.php8
1 files changed, 7 insertions, 1 deletions
diff --git a/includes/account.php b/includes/account.php
index 900bbce..c1f6542 100644
--- a/includes/account.php
+++ b/includes/account.php
@@ -35,6 +35,12 @@
exit;
}
+ if ($process == _("Cancel"))
+ {
+ // General reset CANCEL process requests
+ $process = "";
+ }
+
if($id == 45 || $id == 46 || $oldid == 45 || $oldid == 46)
{
@@ -2286,7 +2292,7 @@
$id = 32;
}
- if($oldid == 34 && $process == "Delete")
+ if($oldid == 34 && $process != "")
{
$orgid = intval($_SESSION['_config']['orgid']);
$memid = intval($_REQUEST['memid']);