mirror of
https://github.com/Combodo/iTop.git
synced 2026-02-27 22:24:12 +01:00
N°2306 - Security hardening
This commit is contained in:
@@ -1,7 +1,7 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Copyright (C) 2013-2019 Combodo SARL
|
||||
* Copyright (C) 2013-2020 Combodo SARL
|
||||
*
|
||||
* This file is part of iTop.
|
||||
*
|
||||
@@ -16,8 +16,6 @@
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
*
|
||||
*
|
||||
*/
|
||||
|
||||
namespace Combodo\iTop\Portal\Controller;
|
||||
@@ -176,7 +174,7 @@ class UserProfileBrickController extends BrickController
|
||||
{
|
||||
// - Creating renderer
|
||||
$oFormRenderer = new BsFormRenderer();
|
||||
$oFormRenderer->SetEndpoint($_SERVER['REQUEST_URI']);
|
||||
$oFormRenderer->SetEndpoint($oUrlGenerator->generate('p_user_profile_brick'));
|
||||
// - Creating manager
|
||||
$oFormManager = new PreferencesFormManager();
|
||||
$oFormManager->SetRenderer($oFormRenderer)
|
||||
@@ -248,6 +246,8 @@ class UserProfileBrickController extends BrickController
|
||||
{
|
||||
/** @var \Combodo\iTop\Portal\Helper\RequestManipulatorHelper $oRequestManipulator */
|
||||
$oRequestManipulator = $this->get('request_manipulator');
|
||||
/** @var \Combodo\iTop\Portal\Routing\UrlGenerator $oUrlGenerator */
|
||||
$oUrlGenerator = $this->get('url_generator');
|
||||
|
||||
$aFormData = array();
|
||||
|
||||
@@ -259,7 +259,7 @@ class UserProfileBrickController extends BrickController
|
||||
{
|
||||
// - Creating renderer
|
||||
$oFormRenderer = new BsFormRenderer();
|
||||
$oFormRenderer->SetEndpoint($_SERVER['REQUEST_URI']);
|
||||
$oFormRenderer->SetEndpoint($oUrlGenerator->generate('p_user_profile_brick'));
|
||||
// - Creating manager
|
||||
$oFormManager = new PasswordFormManager();
|
||||
$oFormManager->SetRenderer($oFormRenderer)
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Copyright (C) 2013-2019 Combodo SARL
|
||||
* Copyright (C) 2013-2020 Combodo SARL
|
||||
*
|
||||
* This file is part of iTop.
|
||||
*
|
||||
@@ -240,6 +240,7 @@ class ObjectFormHandlerHelper
|
||||
}
|
||||
else
|
||||
{
|
||||
// Fallback to current URL for other use cases
|
||||
$sFormEndpoint = $_SERVER['REQUEST_URI'];
|
||||
}
|
||||
$oFormRenderer = new BsFormRenderer();
|
||||
|
||||
Reference in New Issue
Block a user