Expand on the maintenance code to make it more robust and give the

admin more control. You can now track running tasks, resume stalled tasks, cancel running tasks, and remove finished tasks. Added graphics::compose() as a placeholder for future watermark operations. Added CSRF protection to maintenance urls.
author: Bharat Mediratta <bharat@menalto.com> 2008-12-28 23:48:15 +0000
committer: Bharat Mediratta <bharat@menalto.com> 2008-12-28 23:48:15 +0000
commit: ed8689f768f81d2c3ed8bee70c43d4f7c71c108e (patch)
tree: 35fccdad514cd834cc0b7cea86966604e617d3f0 /core/helpers/access.php
parent: 1d76689e4b3ea68cada5154d1c0e17b00dec6bd7 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/core/helpers/access.php b/core/helpers/access.php
index c6ee1fcc..d05f3df0 100644
--- a/core/helpers/access.php
+++ b/core/helpers/access.php
@@ -305,7 +305,8 @@ class access_Core {
    * Verify our Cross Site Request Forgery token is valid, else throw an exception.
    */
   public static function verify_csrf() {
-    if (Input::instance()->post("csrf") !== Session::instance()->get("csrf")) {
+    $input = Input::instance();
+    if ($input->post("csrf", $input->get("csrf", null)) !== Session::instance()->get("csrf")) {
       access::forbidden();
     }
   }
author	Bharat Mediratta <bharat@menalto.com>	2008-12-28 23:48:15 +0000
committer	Bharat Mediratta <bharat@menalto.com>	2008-12-28 23:48:15 +0000
commit	ed8689f768f81d2c3ed8bee70c43d4f7c71c108e (patch)
tree	35fccdad514cd834cc0b7cea86966604e617d3f0 /core/helpers/access.php
parent	1d76689e4b3ea68cada5154d1c0e17b00dec6bd7 (diff)