From 0178bc757c975aebf657919dd2c670473ae5ee81 Mon Sep 17 00:00:00 2001 From: Rom1-B Date: Fri, 2 May 2025 12:01:09 +0200 Subject: [PATCH 1/2] Fix: front/ check --- front/config.form.php | 2 ++ front/export.massive.php | 2 ++ front/export.php | 2 ++ front/preference.form.php | 2 ++ 4 files changed, 8 insertions(+) diff --git a/front/config.form.php b/front/config.form.php index 9645c2b..3ea7941 100644 --- a/front/config.form.php +++ b/front/config.form.php @@ -32,6 +32,8 @@ include('../../../inc/includes.php'); +Session::checkLoginUser(); + // No autoload when plugin is not activated require_once('../inc/config.class.php'); diff --git a/front/export.massive.php b/front/export.massive.php index ee15b60..e148b1b 100644 --- a/front/export.massive.php +++ b/front/export.massive.php @@ -32,6 +32,8 @@ include('../../../inc/includes.php'); +Session::checkLoginUser(); + Plugin::load('pdf', true); $type = $_SESSION['plugin_pdf']['type']; diff --git a/front/export.php b/front/export.php index 327e23b..60cdb94 100644 --- a/front/export.php +++ b/front/export.php @@ -35,6 +35,8 @@ include('../../../inc/includes.php'); +Session::checkLoginUser(); + /* 0.85 Hack to allow multiple exports, yes this is an hack, yes an awful one */ if (!isset($_SESSION['glpicsrftokens'][$token])) { $_SESSION['glpicsrftokens'][$token] = time() + GLPI_CSRF_EXPIRES; diff --git a/front/preference.form.php b/front/preference.form.php index 46e4ccc..657af87 100644 --- a/front/preference.form.php +++ b/front/preference.form.php @@ -32,6 +32,8 @@ include_once('../../../inc/includes.php'); +Session::checkLoginUser(); + /** @var \DBmysql $DB */ global $DB; From 43e69f47a7d3b570cac298e89b30a3527c9ffceb Mon Sep 17 00:00:00 2001 From: Rom1-B Date: Mon, 5 May 2025 09:53:02 +0200 Subject: [PATCH 2/2] stan --- front/export.massive.php | 2 +- front/export.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/front/export.massive.php b/front/export.massive.php index e148b1b..0fab385 100644 --- a/front/export.massive.php +++ b/front/export.massive.php @@ -32,7 +32,7 @@ include('../../../inc/includes.php'); -Session::checkLoginUser(); +Session::checkRight('plugin_pdf', READ); Plugin::load('pdf', true); diff --git a/front/export.php b/front/export.php index 60cdb94..d3df80e 100644 --- a/front/export.php +++ b/front/export.php @@ -35,7 +35,7 @@ include('../../../inc/includes.php'); -Session::checkLoginUser(); +Session::checkRight('plugin_pdf', READ); /* 0.85 Hack to allow multiple exports, yes this is an hack, yes an awful one */ if (!isset($_SESSION['glpicsrftokens'][$token])) {