N°2306 - Security hardening

Molkobain
2020-01-07 13:53:10 +01:00
parent 864ded2102
commit acf28ca4aa
2 changed files with 7 additions and 6 deletions


@@ -1,7 +1,7 @@
<?php <?php
/** /**
* Copyright (C) 2013-2019 Combodo SARL * Copyright (C) 2013-2020 Combodo SARL
* *
* This file is part of iTop. * This file is part of iTop.
* *
@@ -16,8 +16,6 @@
* GNU Affero General Public License for more details. * GNU Affero General Public License for more details.
* *
* You should have received a copy of the GNU Affero General Public License * You should have received a copy of the GNU Affero General Public License
*
*
*/ */
namespace Combodo\iTop\Portal\Controller; namespace Combodo\iTop\Portal\Controller;
@@ -176,7 +174,7 @@ class UserProfileBrickController extends BrickController
{ {
// - Creating renderer // - Creating renderer
$oFormRenderer = new BsFormRenderer(); $oFormRenderer = new BsFormRenderer();
$oFormRenderer->SetEndpoint($_SERVER['REQUEST_URI']); $oFormRenderer->SetEndpoint($oUrlGenerator->generate('p_user_profile_brick'));
// - Creating manager // - Creating manager
$oFormManager = new PreferencesFormManager(); $oFormManager = new PreferencesFormManager();
$oFormManager->SetRenderer($oFormRenderer) $oFormManager->SetRenderer($oFormRenderer)
@@ -248,6 +246,8 @@ class UserProfileBrickController extends BrickController
{ {
/** @var \Combodo\iTop\Portal\Helper\RequestManipulatorHelper $oRequestManipulator */ /** @var \Combodo\iTop\Portal\Helper\RequestManipulatorHelper $oRequestManipulator */
$oRequestManipulator = $this->get('request_manipulator'); $oRequestManipulator = $this->get('request_manipulator');
/** @var \Combodo\iTop\Portal\Routing\UrlGenerator $oUrlGenerator */
$oUrlGenerator = $this->get('url_generator');
$aFormData = array(); $aFormData = array();
@@ -259,7 +259,7 @@ class UserProfileBrickController extends BrickController
{ {
// - Creating renderer // - Creating renderer
$oFormRenderer = new BsFormRenderer(); $oFormRenderer = new BsFormRenderer();
$oFormRenderer->SetEndpoint($_SERVER['REQUEST_URI']); $oFormRenderer->SetEndpoint($oUrlGenerator->generate('p_user_profile_brick'));
// - Creating manager // - Creating manager
$oFormManager = new PasswordFormManager(); $oFormManager = new PasswordFormManager();
$oFormManager->SetRenderer($oFormRenderer) $oFormManager->SetRenderer($oFormRenderer)
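Review bot: `$oUrlGenerator` is used in the preferences-form hunk (`$oFormRenderer->SetEndpoint($oUrlGenerator->generate('p_user_profile_brick'));`), but the only assignment this commit adds is in the later hunk beside `$oRequestManipulator`, and both enclosing methods start outside the visible lines. If these are separate methods, confirm the first one already fetches `url_generator`; otherwise the call runs on an undefined variable. The route name `'p_user_profile_brick'` is also repeated as a bare literal in both places, so a class constant would keep the two endpoints in step. A short why-comment above each call would record the intent, e.g. `// Endpoint is built from the route, not from the client-supplied REQUEST_URI`.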


@@ -1,7 +1,7 @@
<?php <?php
/** /**
* Copyright (C) 2013-2019 Combodo SARL * Copyright (C) 2013-2020 Combodo SARL
* *
* This file is part of iTop. * This file is part of iTop.
* *
@@ -240,6 +240,7 @@ class ObjectFormHandlerHelper
} }
else else
{ {
// Fallback to current URL for other use cases
$sFormEndpoint = $_SERVER['REQUEST_URI']; $sFormEndpoint = $_SERVER['REQUEST_URI'];
} }
$oFormRenderer = new BsFormRenderer(); $oFormRenderer = new BsFormRenderer();
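Review bot: The fallback branch still assigns `$_SERVER['REQUEST_URI']` to `$sFormEndpoint`, and the commit only adds a comment there, so the client-controlled value that the controller stops using remains the endpoint source on this path. Whether the renderer encodes the endpoint before writing it into markup or script is not visible in this hunk; if it does not, this branch keeps the exposure the commit is hardening against. I would either resolve the endpoint from a route here as well, or make the comment state the assumption, e.g. `// Fallback to current URL for other use cases; REQUEST_URI is client-controlled and must be escaped by the renderer`. The enclosing method and the matching `if` branch start outside the hunk.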