Fix CSRF for module siteinfo

Author: VINADES.,JSC

admin/siteinfo/logs_del.php

@@ -7,43 +7,44 @@
  * @License GNU/GPL version 2 or any later version
  * @Createdate 11-10-2010 14:43
  */
-
-if (! defined('NV_IS_FILE_SITEINFO')) {
+if (!defined('NV_IS_FILE_SITEINFO')) {
     die('Stop!!!');
 }
 
 // Delete all log
-if ($nv_Request->get_title('logempty', 'post', '') == md5('siteinfo_' . NV_CHECK_SESSION . '_' . $admin_info['userid'])) {
-    if ($db->query('TRUNCATE TABLE ' . $db_config['prefix'] . '_logs')) {
-        $nv_Cache->delMod($module_name);
-        nv_insert_logs(NV_LANG_DATA, $module_name, $lang_module['log_empty_log'], 'All', $admin_info['userid']);
-        die('OK');
-    } else {
-        die($lang_module['log_del_error']);
+if ($nv_Request->get_title('checksess', 'post') == md5('siteinfo_' . NV_CHECK_SESSION . '_' . $admin_info['userid'])) {
+    $logempty = $nv_Request->get_int('logempty', 'post,get', 0);
+    if ($logempty) {
+        if ($db->query('TRUNCATE TABLE ' . $db_config['prefix'] . '_logs')) {
+            $nv_Cache->delMod($module_name);
+            nv_insert_logs(NV_LANG_DATA, $module_name, $lang_module['log_empty_log'], 'All', $admin_info['userid']);
+            die('OK');
+        } else {
+            die($lang_module['log_del_error']);
+        }
     }
-}
 
-$id = $nv_Request->get_int('id', 'post,get', 0);
-$contents = 'NO_' . $lang_module['log_del_error'];
-$number_del = 0;
-if ($id > 0) {
-    if ($db->exec('DELETE FROM ' . $db_config['prefix'] . '_logs WHERE id=' . $id)) {
-        $contents = 'OK_' . $lang_module['log_del_ok'];
-        ++$number_del;
-    }
-} else {
-    $listall = $nv_Request->get_string('listall', 'post,get');
-    $array_id = explode(',', $listall);
-    $array_id = array_map('intval', $array_id);
-    foreach ($array_id as $id) {
-        if ($id > 0) {
-            $db->query('DELETE FROM ' . $db_config['prefix'] . '_logs WHERE id=' . $id);
-            ++$number_del;
+    $id = $nv_Request->get_int('id', 'post,get', 0);
+    $contents = 'NO_' . $lang_module['log_del_error'];
+    $number_del = 0;
+    if ($id > 0) {
+        if ($db->exec('DELETE FROM ' . $db_config['prefix'] . '_logs WHERE id=' . $id)) {
+            $contents = 'OK_' . $lang_module['log_del_ok'];
+            ++ $number_del;
         }
+    } else {
+        $listall = $nv_Request->get_string('listall', 'post,get');
+        $array_id = explode(',', $listall);
+        $array_id = array_map('intval', $array_id);
+        foreach ($array_id as $id) {
+            if ($id > 0) {
+                $db->query('DELETE FROM ' . $db_config['prefix'] . '_logs WHERE id=' . $id);
+                ++ $number_del;
+            }
+        }
+        $contents = 'OK_' . $lang_module['log_del_ok'];
     }
-    $contents = 'OK_' . $lang_module['log_del_ok'];
-}
-
-nv_insert_logs(NV_LANG_DATA, $module_name, $lang_global['delete'] . ' ' . $lang_module['logs_title'], $number_del, $admin_info['userid']);
 
+    nv_insert_logs(NV_LANG_DATA, $module_name, $lang_global['delete'] . ' ' . $lang_module['logs_title'], $number_del, $admin_info['userid']);
+}
 nv_htmlOutput($contents);

themes/admin_default/js/siteinfo.js

@@ -93,7 +93,7 @@ $(document).ready(function(){
             $.ajax({
                 type : 'POST',
                 url : CFG.url_del,
-                data : 'listall=' + listall,
+                data : 'listall=' + listall + '&checksess=' + CFG.checksess,
                 success : function(data) {
                     var s = data.split('_');
                     if (s[0] == 'OK') {
@@ -111,7 +111,7 @@ $(document).ready(function(){
             $.ajax({
                 type : 'POST',
                 url : href,
-                data : '',
+                data : 'checksess=' + CFG.checksess,
                 success : function(data) {
                     var s = data.split('_');
                     if (s[0] == 'OK') {
@@ -129,7 +129,7 @@ $(document).ready(function(){
             $.ajax({
                 type : 'POST',
                 url : script_name,
-                data : nv_name_variable + "=" + nv_module_name + "&" + nv_fc_variable + "=logs_del&logempty=" + CFG.checksess,
+                data : nv_name_variable + "=" + nv_module_name + "&" + nv_fc_variable + "=logs_del&logempty=1&checksess=" + CFG.checksess,
                 success : function(data) {
                     if (data == 'OK') {
                         window.location = script_name + "?" + nv_name_variable + "=" + nv_module_name + "&" + nv_fc_variable + "=logs";