From d3bac76b2ee415fd4da59d1e869b46fd9b48f0f6 Mon Sep 17 00:00:00 2001 From: Chl Date: Sun, 17 Dec 2023 00:22:21 +0100 Subject: [PATCH] CSRF-protect the form + update the version Fix #8 --- core/modules/modsendrecurringinvoicebymail.class.php | 2 +- fiche-rec-tab1.php | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/core/modules/modsendrecurringinvoicebymail.class.php b/core/modules/modsendrecurringinvoicebymail.class.php index f26bf39..f2a029d 100644 --- a/core/modules/modsendrecurringinvoicebymail.class.php +++ b/core/modules/modsendrecurringinvoicebymail.class.php @@ -69,7 +69,7 @@ class modsendrecurringinvoicebymail extends DolibarrModules $this->editor_url = 'https://code.bugness.org/Dolibarr/sendrecurringinvoicebymail'; // Possible values for version are: 'development', 'experimental', 'dolibarr', 'dolibarr_deprecated' or a version string like 'x.y.z' - $this->version = '0.3.2'; + $this->version = '0.3.3'; //Url to the file with your last numberversion of this module //$this->url_last_version = 'http://www.example.com/versionmodule.txt'; diff --git a/fiche-rec-tab1.php b/fiche-rec-tab1.php index 4d55f06..604ec6e 100644 --- a/fiche-rec-tab1.php +++ b/fiche-rec-tab1.php @@ -234,6 +234,12 @@ do { $output .= '
' . $langs->trans("Options") . "
\n"; $output .= '
'; + if (function_exists('newToken')) { + $output .= ''; // CSRF protection + } else { + // Used before Dolibar 13 + $output .= ''; // CSRF protection + } $output .= ''; $output .= ''; $output .= ' \n";