From ebd0e986ed11f2a34fb58cdd33efbfab192083ad Mon Sep 17 00:00:00 2001
From: Till Brehm <tbrehm@ispconfig.org>
Date: Fri, 22 Apr 2016 05:26:17 -0400
Subject: [PATCH] Added PHP 7 check in installer and updater.

---
 interface/web/admin/remote_action_ispcupdate.php |   11 ++++++++++-
 1 files changed, 10 insertions(+), 1 deletions(-)

diff --git a/interface/web/admin/remote_action_ispcupdate.php b/interface/web/admin/remote_action_ispcupdate.php
index e8c8b24..d207dd0 100644
--- a/interface/web/admin/remote_action_ispcupdate.php
+++ b/interface/web/admin/remote_action_ispcupdate.php
@@ -66,6 +66,10 @@
 
 //* Note: Disabled post action
 if (1 == 0 && isset($_POST['server_select'])) {
+	
+	//* CSRF Check
+	$app->auth->csrf_token_check();
+	
 	$server = $_POST['server_select'];
 	$servers = array();
 	if ($server == '*') {
@@ -81,7 +85,7 @@
 	foreach ($servers as $serverId) {
 		$sql = "INSERT INTO sys_remoteaction (server_id, tstamp, action_type, action_param, action_state, response) " .
 			"VALUES (".
-			(int)$serverId . ", " .
+			$app->functions->intval($serverId) . ", " .
 			time() . ", " .
 			"'ispc_update', " .
 			"'', " .
@@ -95,6 +99,11 @@
 
 $app->tpl->setVar('msg', $msg);
 
+//* SET csrf token
+$csrf_token = $app->auth->csrf_token_get('ispupdate');
+$app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
+$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);
+
 $app->tpl->setVar($wb);
 
 $app->tpl_defaults();

--
Gitblit v1.9.1