admin/Facilitor
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

FSN#37517 PENTEST PINE 4.7.1: CSRF token vaker gebruiken

Browse Source 
svn path=/Website/trunk/; revision=30495
This commit is contained in:
Erik Groener
2016-09-01 11:14:08 +00:00
parent 8885ad9b2f
commit 77efcab7fa
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
APPL/Shared/UploadForm_save.asp
View File

@@ -119,7 +119,8 @@ function jslog(str) // VB Vindt de twee underscores niet leuk
oRs.close();
pKey = String(afspr_key);
}
var ptxt = L("lcl_shared_attachment_add").format(params.kenmerkoms, result.safefilename);
var ptxt = L("lcl_shared_attachment_add").format(params.kenmerkoms, found_files[0].name);
shared.trackaction(params.trackcode, pKey, ptxt);
}
@@ -298,6 +299,7 @@ Public Function VB_getfiles()
filepathname = UploadRequest.Item("imgfile").Item("FileName")
value = MultiByteToBinary(UploadRequest.Item("imgfile").Item("Value"))
js_add_file filepathname, value, contentType
result.add "safefilename", filepathname
' Vul via de (Javascipt) functie js_add_field de globale found_fields
' met de hidden form-fields uit de header