harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

SECURITY: dir_sort_links() exposes session cookie

Browse Source
This commit is contained in:
friendica 2015-01-08 19:09:52 -08:00
parent 836223bf5b
commit 1e4e7ce2d3
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
include/dir_fns.php
View File

@ -56,10 +56,10 @@ function dir_sort_links() {
$current_order = (($_REQUEST['order']) ? $_REQUEST['order'] : 'normal');
$url = 'directory?';
$tmp = $_REQUEST;
$tmp = array_merge($_GET,$_POST);
unset($tmp['order']);
$sorturl = $url . http_build_query($tmp);
$tmp = $_REQUEST;
$tmp = array_merge($_GET,$_POST);
unset($tmp['pubforums']);
$forumsurl = $url . http_build_query($tmp);