Nemcio/Grav-Admin-Plugin
1
0
Fork 0
mirror of https://github.com/getgrav/grav-plugin-admin.git synced 2025-12-27 02:40:48 +01:00
Code Issues Packages Projects Releases Activity

Make sure we don't process the nonce as a Data value

Browse Source
This commit is contained in:
Flavio Copes
2015-11-17 23:31:58 +01:00
parent b8cc2639c4
commit 1c8a33f7a9
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
classes/controller.php
View File

@@ -92,6 +92,7 @@ class AdminController
$this->admin->setMessage('Unauthorized', 'error');
return false;
}
unset($this->post['admin-nonce']);
} else {
if ($this->task == 'logout') {
$nonce = $this->grav['uri']->param('logout-nonce');