oqapi/webgui
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

forum security fix

Browse source
This commit is contained in:
JT Smith 2003-11-16 23:59:21 +00:00
parent dccdefeeea
commit e69e464721
5 changed files with 48 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

11
lib/WebGUI/Wobject/Article.pm
View file

@ -193,7 +193,16 @@ sub www_view {
$templateId = $_[0]->get("templateId");
}
if ($session{form}{forumOp}) {
return WebGUI::Forum::UI::forumOp($callback,$_[0]->get("title"),$_[0]->get("description"));
unless ($!= $_[0]->get("wobjectId")) {
WebGUI::ErrorHandler::security("access a forum that was not related to this message board (".$_[0]->get("wobjectId").")");
return WebGUI::Privilege::insufficient();
}
return WebGUI::Forum::UI::forumOp({
callback=>$callback,
title=>$_[0]->get("title"),
description=>$_[0]->get("description"),
forumId=>$_[0]->get("forumId")
});
} else {
return $_[0]->processTemplate($templateId,\%var);
}