From 24893d9275acfed3c5126890b7b671bbcacb5281 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=B6=82=E7=A6=8F?= <2581047041@qq.com>
Date: Mon, 1 Aug 2022 13:42:39 +0800
Subject: [PATCH] =?UTF-8?q?=E8=A7=A3=E5=86=B3csrf=E5=AE=89=E5=85=A8?=
 =?UTF-8?q?=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/home/c/UserController.php | 9 ++++++++-
 static/cms/user/userinfo.html | 1 +
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/app/home/c/UserController.php b/app/home/c/UserController.php
index 12b6aa0..f2ef9dd 100644
--- a/app/home/c/UserController.php
+++ b/app/home/c/UserController.php
@@ -62,6 +62,12 @@ function userinfo(){
 $this->checklogin();
 if($_POST){
 $w = $this->frparam();
+ if(!isset($w['csrfkey']) || $w['csrfkey']!=$_SESSION['csrfkey']){
+ if($this->frparam('ajax')){
+ JsonReturn(['code'=>1,'msg'=>JZLANG('非法操作!')]);
+ }
+ Error(JZLANG('非法操作!'));
+ }
 $w = get_fields_data($w,'member',0);
 unset($w['jifen']);
 unset($w['money']);
@@ -167,7 +173,8 @@ function userinfo(){
 Error(JZLANG('修改成功!'));
 }
-
+ $_SESSION['csrfkey'] = getRandChar(32);
+ $this->csrfkey = $_SESSION['csrfkey'];
 $this->display($this->template.'/user/userinfo');
 }
diff --git a/static/cms/user/userinfo.html b/static/cms/user/userinfo.html
index 9e032d0..f7c6a38 100644
--- a/static/cms/user/userinfo.html
+++ b/static/cms/user/userinfo.html
@@ -19,6 +19,7 @@
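Review bot: The loose `!=` in the added check lets a forged POST carrying an empty `csrfkey` through whenever the session holds no token yet: `isset($w['csrfkey'])` is true for `''`, and `'' != null` is false in PHP, so a logged-in user who has not yet rendered this page (the session token is only stored at the bottom of userinfo(), in the second hunk) remains exposed to exactly the request this patch is meant to block. A loose comparison also applies numeric-string juggling and is not constant-time. I would require both sides to exist and compare with hash_equals: `if(!isset($w['csrfkey'], $_SESSION['csrfkey']) || !is_string($w['csrfkey']) || !hash_equals($_SESSION['csrfkey'], $w['csrfkey'])){`. The rejection relies on Error() and JsonReturn() terminating the request, as the existing code presumably does after `Error(JZLANG('修改成功!'))`; if either returns, the update below still runs. userinfo() begins before and ends after this hunk.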
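Review bot: The token source in `$_SESSION['csrfkey'] = getRandChar(32);` is not visible in this patch; if getRandChar() is built on rand()/mt_rand() or similar, the CSRF token is predictable and the check in the first hunk is weakened, so I would draw it from a CSPRNG directly: `$_SESSION['csrfkey'] = bin2hex(random_bytes(16));`. Regenerating the token on every render also means the session has no token until this page has been displayed once, and opening the page in a second tab invalidates the first form; a per-session token, `$_SESSION['csrfkey'] = $_SESSION['csrfkey'] ?? bin2hex(random_bytes(16));`, avoids both without weakening the check. If UserController does not declare a `$csrfkey` property, `$this->csrfkey = …` creates a dynamic property, which PHP 8.2 deprecates. The end of userinfo() lies outside this hunk.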

资料与账号

+