From f0dfa9f4bb885178de0dde42eebc4e5e5321bef2 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Fri, 05 Jun 2015 04:50:05 -0400
Subject: [PATCH] - added http -> https rewriting - backported patches

---
 interface/web/admin/remote_action_osupdate.php |    9 +++++++++
 1 files changed, 9 insertions(+), 0 deletions(-)

diff --git a/interface/web/admin/remote_action_osupdate.php b/interface/web/admin/remote_action_osupdate.php
index 8f48e29..5e73cdf 100644
--- a/interface/web/admin/remote_action_osupdate.php
+++ b/interface/web/admin/remote_action_osupdate.php
@@ -62,6 +62,10 @@
  * If the user wants to do the action, write this to our db
 */
 if (isset($_POST['server_select'])) {
+	
+	//* CSRF Check
+	$app->auth->csrf_token_check();
+	
 	$server = $_POST['server_select'];
 	$servers = array();
 	if ($server == '*') {
@@ -84,6 +88,11 @@
 
 $app->tpl->setVar('msg', $msg);
 
+//* SET csrf token
+$csrf_token = $app->auth->csrf_token_get('osupdate');
+$app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
+$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);
+
 $app->tpl->setVar($wb);
 
 $app->tpl_defaults();

--
Gitblit v1.9.1