FSN#37517 PENTEST PINE 4.7.1: CSRF token vaker gebruiken

svn path=/Website/trunk/; revision=30487

APPL/Shared/BijlagenForm.asp

@@ -158,15 +158,14 @@ if (fso.FolderExists(params.AttachPath))
         document.forms.finder.submit();
       }
 
-      function DeleteFile(fname)
+      function DeleteFile(fname, safeDeleteurl)
       {
         if (confirm(L("lcl_delete") + " " + fname + "?"))
         {
-            var purl = '<%=safe.jsstring(protectQS.create("BijlagenForm_delete.asp?x=x"+transitParam))%>';
-            var data = {DoDelete: fname};
+            var data = {};
             protectRequest.dataToken(data);
 
-            $.post(purl,
+            $.post(safeDeleteurl,
                    data,
                    FcltCallbackRefresh
                   );
@@ -305,7 +304,7 @@ if (fso.FolderExists(params.AttachPath))
               <TD align='right'><%=fileArray[i].vFileSize%></TD>
 <%            if (!pReado)
               { %>
-                <td align=center><img onClick="DeleteFile('<%=safe.jsstring(fileArray[i].vFileName)%>')"
+                <td align=center><img onClick="DeleteFile('<%=safe.jsstring(fileArray[i].vFileName)%>', '<%=safe.jsstring(protectQS.create("Bijlagenform_delete.asp?DoDelete="+Server.URLEncode(fileArray[i].vFileName)+transitParam))%>')"
                     src='../pictures/delete.gif' title='<%=L("lcl_filedelete")%>'>
                 </td>
 <%            } %>

APPL/Shared/BijlagenForm_delete.asp

@@ -25,7 +25,7 @@ var pModule = getQParamSafe("module");
 var pNiveau = getQParamSafe("niveau", "");
 var pKenmerk_key = getQParamInt("kenmerk_key", -1);
 var pAlgLevel = getQParam("kenmerk_module", "");
-var pDoDelete = getFParam("DoDelete", "");
+var pDoDelete = getQParam("DoDelete", "");
 
 var params = flexProps(pModule, pKey, String(pKenmerk_key), pNiveau, {alglevel: pAlgLevel});