add security check on all relevant scripts

dweeves · Nov 4, 2015 · e59acdf · e59acdf
1 parent d170952
commit e59acdf
Show file tree

Hide file tree

Showing 11 changed files with 11 additions and 0 deletions.
diff --git a/magmi/web/magmi_cancel.php b/magmi/web/magmi_cancel.php
@@ -1,4 +1,5 @@
 <?php
+require_once("security.php");
 header('Pragma: public'); // required
 header('Expires: -1'); // no cache
 header('Cache-Control: must-revalidate, post-check=0, pre-check=0');

diff --git a/magmi/web/magmi_chooseprofile.php b/magmi/web/magmi_chooseprofile.php
@@ -1,4 +1,5 @@
 <?php
+require_once("security.php");
 require_once("../inc/magmi_config.php");
 
 $currentprofile = $_REQUEST["profile"];

diff --git a/magmi/web/magmi_config_setup.php b/magmi/web/magmi_config_setup.php
@@ -1,4 +1,5 @@
 <?php
+require_once("security.php");
 require_once("magmi_config.php");
 require_once("magmi_statemanager.php");
 require_once("dbhelper.class.php");

diff --git a/magmi/web/magmi_import_run.php b/magmi/web/magmi_import_run.php
@@ -1,4 +1,5 @@
 	<?php
+    require_once("security.php");
 ini_set('gpc_magic_quotes', 0);
     require_once("security.php");
 $profile = isset($_REQUEST["profile"]) ? strip_tags($_REQUEST["profile"]) : 'default';

diff --git a/magmi/web/magmi_profile_config.php b/magmi/web/magmi_profile_config.php
@@ -1,4 +1,5 @@
 <?php
+require_once("security.php");
 require_once("magmi_config.php");
 $conf = Magmi_Config::getInstance();
 $conf->load();

diff --git a/magmi/web/magmi_profile_panel.php b/magmi/web/magmi_profile_panel.php
@@ -1,4 +1,5 @@
 <?php
+require_once("security.php");
 if (isset($_REQUEST["profile"])) {
     $profile = strip_tags($_REQUEST["profile"]);
 } else {

diff --git a/magmi/web/magmi_progress.php b/magmi/web/magmi_progress.php
@@ -1,4 +1,5 @@
 <?php
+require_once("security.php");
 require_once("../inc/magmi_statemanager.php");
 require_once("progress_parser.php");
 

diff --git a/magmi/web/magmi_saveconfig.php b/magmi/web/magmi_saveconfig.php
@@ -1,4 +1,5 @@
 <?php
+require_once("security.php");
 require_once("../inc/magmi_config.php");
 $conf = Magmi_Config::getInstance();
 if ($conf->save($_POST)) {

diff --git a/magmi/web/magmi_saveprofile.php b/magmi/web/magmi_saveprofile.php
@@ -1,4 +1,5 @@
 <?php
+require_once("security.php");
 $profile = $_REQUEST["profile"];
 $dslist = $_REQUEST["PLUGINS_DATASOURCES:class"];
 $genlist = $_REQUEST["PLUGINS_GENERAL:classes"];

diff --git a/magmi/web/progress_details.php b/magmi/web/progress_details.php
@@ -1,4 +1,5 @@
 <?php
+require_once("security.php");
 session_start();
 $key = $_REQUEST["key"];
 $data = $_SESSION["log_$key"];

diff --git a/magmi/web/trace_details.php b/magmi/web/trace_details.php
@@ -1,4 +1,5 @@
 <?php
+require_once("security.php");
 require_once("../inc/magmi_statemanager.php");
 $tid = $_REQUEST["traceid"];
 $tracefile = Magmi_StateManager::getTraceFile();