diff options
| author | Michael Tänzer <neo@nhng.de> | 2011-08-16 23:22:04 +0200 |
|---|---|---|
| committer | Michael Tänzer <neo@nhng.de> | 2011-08-16 23:22:04 +0200 |
| commit | 32038d25e6997a4d5366c4829931279dabe608cb (patch) | |
| tree | 9b58adc452612152c020256f7f1dbdda71d6062c /includes/account.php | |
| parent | b7d0a97b288ff6b02e1a3c7f18175132864bb0d9 (diff) | |
| download | cacert-devel-32038d25e6997a4d5366c4829931279dabe608cb.tar.gz cacert-devel-32038d25e6997a4d5366c4829931279dabe608cb.tar.xz cacert-devel-32038d25e6997a4d5366c4829931279dabe608cb.zip | |
bug 966: Same problem in other forms too.
Generally blacklist the string _("Cancel"), whitelisting "Delete" does not
work:
a) It has to be get_text()ed
b) Any change to the wording would break the check
Following it up by a separate commit removing all process parameters in
the forms on cancel
Signed-off-by: Michael Tänzer <neo@nhng.de>
Diffstat (limited to 'includes/account.php')
| -rw-r--r-- | includes/account.php | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/includes/account.php b/includes/account.php index 900bbce..c1f6542 100644 --- a/includes/account.php +++ b/includes/account.php @@ -35,6 +35,12 @@ exit; } + if ($process == _("Cancel")) + { + // General reset CANCEL process requests + $process = ""; + } + if($id == 45 || $id == 46 || $oldid == 45 || $oldid == 46) { @@ -2286,7 +2292,7 @@ $id = 32; } - if($oldid == 34 && $process == "Delete") + if($oldid == 34 && $process != "") { $orgid = intval($_SESSION['_config']['orgid']); $memid = intval($_REQUEST['memid']); |