
Commit d0d1451

committed
refs #41788. Improve CSRF protection in coupon copy
1 parent e82dada commit d0d1451


1 file changed

+22
-2
lines changed


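--- a/CRM/Coupon/Page/Coupon.php
+++ b/CRM/Coupon/Page/Coupon.php
@@ -35,7 +35,7 @@ function &actionLinks() {
 CRM_Core_Action::COPY => array(
 'name' => ts('Copy'),
 'url' => CRM_Utils_System::currentPath(),
-'qs' => 'action=copy&id=%%id%%',
+'qs' => 'action=copy&id=%%id%%&key=%%key%%',
 'extra' => 'onclick = "return confirm(\'' . $copyExtra . '\');"',
 ),
 CRM_Core_Action::DISABLE => array(
@@ -202,7 +202,18 @@ function browse() {
 $action -= CRM_Core_Action::DISABLE;
 }
 
-$coupon[$dao->id]['action'] = CRM_Core_Action::formLink(self::actionLinks(), $action, array('id' => $dao->id));
+$name = get_class($this);
+$key = CRM_Core_Key::get($name);
+$this->assign('key', $key);
+
+$coupon[$dao->id]['action'] = CRM_Core_Action::formLink(
+self::actionLinks(),
+$action,
+array(
+'id' => $dao->id,
+'key' => $key
+)
+);
 }
 $couponIds = array_keys($coupon);
 $couponUses = CRM_Coupon_BAO_Coupon::getCouponUsed($couponIds);
@@ -296,6 +307,15 @@ function edit($id, $action) {
 * @access public
 */
 function copy() {
+$key = CRM_Utils_Request::retrieve('key', 'String',
+CRM_Core_DAO::$_nullObject, TRUE, NULL, 'REQUEST'
+);
+
+$name = get_class($this);
+if (!CRM_Core_Key::validate($key, $name)) {
+return CRM_Core_Error::statusBounce(ts('Sorry, we cannot process this request for security reasons. The request may have expired or is invalid. Please return to the coupon list and try again.'));
+}
+
 $id = CRM_Utils_Request::retrieve('id', 'Positive',
 $this, TRUE, 0, 'GET'
 );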
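Review bot: In copy(), the new CSRF key is read with the 'REQUEST' source while the `id` on the lines just below it is read with 'GET'; since the Copy link built in actionLinks() is a plain GET URL, the two lookups should use the same source, and restricting the token to `'GET'` (`CRM_Core_DAO::$_nullObject, TRUE, NULL, 'GET'`) avoids accepting it from whatever other channels `$_REQUEST` happens to merge on a given PHP configuration. In browse(), the three new lines `$name = get_class($this);`, `$key = CRM_Core_Key::get($name);` and `$this->assign('key', $key);` do not depend on `$dao`, so they run once per coupon row; moving them above the loop keeps the per-row work to the formLink() call (assuming CRM_Core_Key::get() returns the same key for the same name within a request, which this page does not show). The copy is still performed on a GET with only the confirm() prompt as a UX guard; the session-bound key is what actually blocks cross-site triggering, so a short comment above the validate() call, such as `// Reject requests that do not carry the per-session key issued by browse(); this is the CSRF guard for a GET-triggered copy.`, would make that intent clear to the next maintainer. The body of copy() continues past the end of the hunk, so what happens after the `id` lookup is not visible here.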
