Fix process logic and CSRF check

selfthinker / dokuwiki-plugin-loadskin

Change the skin/template/theme of DokuWiki - admins can select templates for pages or namespaces, users can select templates for the whole wiki

http://dokuwiki.org/plugin:loadskin

GNU General Public License v2.0

7 stars 6 forks source link

Fix process logic and CSRF check #30

Closed duebel- closed 7 years ago

duebel- commented 7 years ago

Always check CSRF token. Process form data when given and CSRF token is right. Fixes #28

selfthinker commented 7 years ago

I fixed this in be948cce7179ddca3b06d1752e377a43a9537c68. Sorry I didn't use your changes. But because you refactored at the same time as fixing the issue, I couldn't figure out what's going on. Your description could have helped in describing the fix.

duebel- commented 7 years ago

Thanks, that's fine. I prefer positive checks over negative ones. That's all. Effectivly it's the same.