Code commits
phpBB Rhea
-
nicofuma 19bbbfe0f3e9898f2ee8d8d392ecf2584dafce86
Merge branch '3.1.x' into 3.2.x
* 3.1.x:
[ticket/14789] Add form tokens to tests and uncomment add_form_key
[ticket/14789] Add link hashes and form tokens to all acp links/buttons -
nicofuma bc08813866a4496b88777a5d152f601ac521fef1 m
Merge pull request #4452 from marc1706/ticket/14789
[ticket/14789] Further harden ACP link and form checks
* marc1706/ticket/14789:
[ticket/14789] Add form tokens to tests and uncomment add_form_key
[ticket/14789] Add link hashes and form tokens to all acp links/buttons -
Marc 72f6241aa2c6d129c8c49380d84fd915d589aa6c m
[ticket/14789] Add form tokens to tests and uncomment add_form_key
PHPBB3-14789- phpBB/includes/acp/acp_search.php (version 72f6241aa2c6d129c8c49380d84fd915d589aa6c)
- tests/functional/search/base.php (version 72f6241aa2c6d129c8c49380d84fd915d589aa6c)
-
Marc 585a3ed863c267f36584a3fb9a0cf35f6a2e4c2d m
[ticket/14789] Add link hashes and form tokens to all acp links/buttons
This will further harden the ACP security by adding link hashes to links and
form tokens to forms that did not have these yet and result in modified
settings or write action on the filesystem or database. These few links and
forms were still relying on the global ACP protection, mainly due to them
not posing further risks of compromising data. After this change these will
now also be properly protected against tampering.
PHPBB3-14789- phpBB/includes/acp/acp_database.php (version 585a3ed863c267f36584a3fb9a0cf35f6a2e4c2d)
- phpBB/includes/acp/acp_icons.php (version 585a3ed863c267f36584a3fb9a0cf35f6a2e4c2d)
- phpBB/includes/acp/acp_language.php (version 585a3ed863c267f36584a3fb9a0cf35f6a2e4c2d)
- phpBB/includes/acp/acp_modules.php (version 585a3ed863c267f36584a3fb9a0cf35f6a2e4c2d)
- phpBB/includes/acp/acp_permission_roles.php (version 585a3ed863c267f36584a3fb9a0cf35f6a2e4c2d)
- phpBB/includes/acp/acp_profile.php (version 585a3ed863c267f36584a3fb9a0cf35f6a2e4c2d)
- phpBB/includes/acp/acp_reasons.php (version 585a3ed863c267f36584a3fb9a0cf35f6a2e4c2d)
- phpBB/includes/acp/acp_search.php (version 585a3ed863c267f36584a3fb9a0cf35f6a2e4c2d)