composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-02-12 23:14:18 +01:00
Code Issues Packages Projects Releases Wiki Activity

N°2323 - Fix calls to ajax endpoints

Browse Source
This commit is contained in:
Eric
2019-06-17 15:47:37 +02:00
parent dac77e0606
commit c723d19e01
2 changed files with 16 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pages/ajax.document.php
View File

@@ -54,7 +54,7 @@ try
{
case 'download_document':
// Fixing security hole from bug N°1227, disabling by default attachment from legacy portal.
$sRequestedPortalId = ((MetaModel::GetConfig()->Get('disable_attachments_download_legacy_portal') === true) && ($sClass === 'Attachment')) ? 'backoffice' : null;
$sRequestedPortalId = (MetaModel::GetConfig()->Get('disable_attachments_download_legacy_portal') === true) ? 'backoffice' : null;
LoginWebPage::DoLoginEx($sRequestedPortalId, false);
$id = utils::ReadParam('id', '');
$sField = utils::ReadParam('field', '');