sec(Logout) add CSRF check

tsolucio · Dec 4, 2021 · a7d0185 · a7d0185
1 parent efd9a7b
commit a7d0185
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 1 deletion.
diff --git a/Smarty/templates/Header.tpl b/Smarty/templates/Header.tpl
@@ -318,7 +318,7 @@
 									</a>
 								</li>
 								<li class="slds-dropdown__item" role="presentation">
-									<a href="index.php?module=Users&action=Logout" role="menuitem" tabindex="-1">
+									<a href="index.php?module=Users&action=Logout&{$CSRFNAME}={''|csrf_get_tokens}" role="menuitem" tabindex="-1">
 										<span class="slds-truncate" title="{$APP.LBL_LOGOUT}">{$APP.LBL_LOGOUT}</span>
 									</a>
 								</li>

diff --git a/modules/Users/Logout.php b/modules/Users/Logout.php
@@ -14,6 +14,9 @@
 require_once 'include/utils/Session.php';
 include_once 'include/integrations/saml/saml.php';
 global $adb,$current_user;
+$_SERVER['REQUEST_METHOD'] = 'POST';
+$_POST[$GLOBALS['csrf']['input-name']] = empty($_REQUEST[$GLOBALS['csrf']['input-name']]) ? '' : $_REQUEST[$GLOBALS['csrf']['input-name']];
+Vtiger_Request::validateRequest();
 
 // Recording Logout Info
 $loghistory=new LoginHistory();

diff --git a/modules/Vtiger/header.php b/modules/Vtiger/header.php
@@ -25,6 +25,7 @@
 $smarty->assign('THEME', $theme);
 $smarty->assign('IMAGEPATH', $image_path);
 $smarty->assign('USER', $userName);
+$smarty->assign('CSRFNAME', $GLOBALS['csrf']['input-name']);
 
 $qc_modules = getQuickCreateModules();
 uasort($qc_modules, function ($a, $b) {