minetest-mods/privilegeareas
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix vulnerability by checking privs in formspec callback

Browse Source
This commit is contained in:
rubenwardy 2017-12-04 16:49:17 +00:00 committed by GitHub
parent 701ec1f060
commit 18a803c9a9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
gui.lua
View File

@ -36,6 +36,10 @@ minetest.register_on_player_receive_fields(function(player, formname, fields)
if (formname~="privilegeareas:gui_add") then
return false
end
if not minetest.check_player_privs(player, "privs") then
return false
end
if fields.submit then
-- Do addition stuff