Nemcio/Grav-Admin-Plugin
1
0
Fork 0
mirror of https://github.com/getgrav/grav-plugin-admin.git synced 2026-01-03 14:20:43 +01:00
Code Issues Packages Projects Releases Activity

Only check for nonce if the getNonce method exists (nonces are implemented in Grav)

Browse Source
This commit is contained in:
Flavio Copes
2015-11-13 18:20:18 +01:00
parent db540c9c1f
commit 1840eb80f3
1 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
classes/controller.php
View File

@@ -87,9 +87,11 @@ class AdminController
public function execute()
{
if (strtolower($_SERVER['REQUEST_METHOD']) == 'post') {
if (!isset($this->post['admin-nonce']) || !Utils::verifyNonce($this->post['admin-nonce'], 'admin-form')) {
$this->admin->setMessage('Unauthorized', 'error');
return false;
if (method_exists('Utils', 'getNonce')) {
if (!isset($this->post['admin-nonce']) || !Utils::verifyNonce($this->post['admin-nonce'], 'admin-form')) {
$this->admin->setMessage('Unauthorized', 'error');
return false;
}
}
}