tags 481504 patch thanks Hi
Attached you'll find a complete patch for the mantis issue. I still need to investigate it a little further and test it. I would also appreciate the maintainer's opinion :) Cheers Steffen
diff -u mantis-1.0.8/debian/patches/00list mantis-1.0.8/debian/patches/00list
--- mantis-1.0.8/debian/patches/00list
+++ mantis-1.0.8/debian/patches/00list
@@ -5,0 +6 @@
+06-CVE-2008-2276
diff -u mantis-1.0.8/debian/changelog mantis-1.0.8/debian/changelog
--- mantis-1.0.8/debian/changelog
+++ mantis-1.0.8/debian/changelog
@@ -1,3 +1,12 @@
+mantis (1.0.8-4.1) unstable; urgency=high
+
+ * Non-maintainer upload by the security team
+ * Fix Cross-site request forgery (CSRF) vulnerability that allowed
+ certain actions via HTTP requests without performing any validity
+ checks (Closes: #481504) Fixes: CVE-2008-2276
+
+ -- Steffen Joeris <[EMAIL PROTECTED]> Sat, 17 May 2008 06:23:03 +0000
+
mantis (1.0.8-4) unstable; urgency=medium
* Made package work with webservers different than apache2:
only in patch2:
unchanged:
--- mantis-1.0.8.orig/debian/patches/06-CVE-2008-2276.dpatch
+++ mantis-1.0.8/debian/patches/06-CVE-2008-2276.dpatch
@@ -0,0 +1,1512 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 06-CVE-2008-2276.dpatch
+##
+
[EMAIL PROTECTED]@
+--- mantis-1.0.8.orig/manage_user_prune.php
++++ mantis-1.0.8/manage_user_prune.php
+@@ -8,9 +8,11 @@
+ # --------------------------------------------------------
+ # $Id: manage_user_prune.php,v 1.7.18.1 2006/05/05 15:52:23 vboctor Exp $
+ # --------------------------------------------------------
+-?>
+-<?php require_once( 'core.php' ) ?>
+-<?php
++
++ require_once( 'core.php' );
++
++ helper_ensure_post();
++
+ access_ensure_global_level( config_get( 'manage_user_threshold' ) );
+
+ $t_user_table = config_get( 'mantis_user_table' );
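Review bot: `helper_ensure_post()` only refuses requests whose method is not POST, so by itself it does not close the CSRF hole the changelog names for manage_user_prune.php or for any of the other scripts this dpatch touches: a browser will still send the victim's session cookie with a POST submitted from a third-party page. A complete fix pairs the method check with a per-session secret embedded in each form and validated at the top of every action script (upstream's later releases add form-security helpers for exactly this, as far as I recall — worth confirming rather than shipping the method check alone). The patch also calls `helper_ensure_post()` without defining it anywhere; verify that core/helper_api.php in 1.0.8 already provides it, otherwise every patched page fails with an undefined function. The dpatch hunk containing these files runs past the end of this excerpt.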
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/account_update.php
++++ mantis-1.0.8/account_update.php
+@@ -8,25 +8,20 @@
+ # --------------------------------------------------------
+ # $Id: account_update.php,v 1.40 2004/11/30 13:02:57 vboctor Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ # This page updates a user's information
+ # If an account is protected then changes are forbidden
+ # The page gets redirected back to account_page.php
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'email_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ auth_ensure_user_authenticated();
+
+ current_user_ensure_unprotected();
+-?>
+-<?php
+ $f_email = gpc_get_string( 'email', '' );
+ $f_realname = gpc_get_string( 'realname', '' );
+ $f_password = gpc_get_string( 'password', '' );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_user_proj_delete.php
++++ mantis-1.0.8/manage_user_proj_delete.php
+@@ -10,6 +10,8 @@
+ # --------------------------------------------------------
+
+ require_once( 'core.php' );
++
++ helper_ensure_post();
+
+ auth_ensure_user_authenticated();
+
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_proj_user_add.php
++++ mantis-1.0.8/manage_proj_user_add.php
+@@ -8,9 +8,11 @@
+ # --------------------------------------------------------
+ # $Id: manage_proj_user_add.php,v 1.4 2004/01/11 07:16:07 vboctor Exp $
+ # --------------------------------------------------------
+-?>
+-<?php require_once( 'core.php' ) ?>
+-<?php
++
++ require_once( 'core.php' );
++
++ helper_ensure_post();
++
+ $f_project_id = gpc_get_int( 'project_id' );
+ $f_user_id = gpc_get_int_array( 'user_id', array() );
+ $f_access_level = gpc_get_int( 'access_level' );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_proj_subproj_delete.php
++++ mantis-1.0.8/manage_proj_subproj_delete.php
+@@ -13,6 +13,8 @@
+
+ $t_core_path = config_get( 'core_path' );
+
++ helper_ensure_post();
++
+ $f_project_id = gpc_get_int( 'project_id' );
+ $f_subproject_id = gpc_get_int( 'subproject_id' );
+
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/print_all_bug_options_update.php
++++ mantis-1.0.8/print_all_bug_options_update.php
+@@ -8,15 +8,15 @@
+ # --------------------------------------------------------
+ # $Id: print_all_bug_options_update.php,v 1.16 2005/02/28 00:30:39 thraxisp Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ # Updates printing prefs then redirect to print_all_bug_page_page.php
+-?>
+-<?php require_once( 'core.php' ) ?>
+-<?php require( 'print_all_bug_options_inc.php' ) ?>
++
++ require_once( 'core.php' );
++ require( 'print_all_bug_options_inc.php' );
++
++ helper_ensure_post();
+
+-<?php auth_ensure_user_authenticated() ?>
+-<?php
++ auth_ensure_user_authenticated();
++
+ $f_user_id = gpc_get_int( 'user_id' );
+ $f_redirect_url = gpc_get_string( 'redirect_url' );
+
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/bug_set_sponsorship.php
++++ mantis-1.0.8/bug_set_sponsorship.php
+@@ -8,14 +8,14 @@
+ # --------------------------------------------------------
+ # $Id: bug_set_sponsorship.php,v 1.5 2005/07/25 16:34:10 thraxisp Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path . 'sponsorship_api.php' );
+
++ helper_ensure_post();
++
+ if ( config_get( 'enable_sponsorship' ) == OFF ) {
+ trigger_error( ERROR_SPONSORSHIP_NOT_ENABLED, ERROR );
+ }
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_proj_update.php
++++ mantis-1.0.8/manage_proj_update.php
+@@ -8,9 +8,11 @@
+ # --------------------------------------------------------
+ # $Id: manage_proj_update.php,v 1.26 2004/01/11 07:16:07 vboctor Exp $
+ # --------------------------------------------------------
+-?>
+-<?php require_once( 'core.php' ) ?>
+-<?php
++
++ require_once( 'core.php' );
++
++ helper_ensure_post();
++
+ $f_project_id = gpc_get_int( 'project_id' );
+ $f_name = gpc_get_string( 'name' );
+ $f_description = gpc_get_string( 'description' );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_custom_field_delete.php
++++ mantis-1.0.8/manage_custom_field_delete.php
+@@ -15,6 +15,8 @@
+
+ require_once( $t_core_path.'custom_field_api.php' );
+
++ helper_ensure_post();
++
+ access_ensure_global_level( config_get( 'manage_custom_fields_threshold' ) );
+
+ $f_field_id = gpc_get_int( 'field_id' );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_proj_user_remove.php
++++ mantis-1.0.8/manage_proj_user_remove.php
+@@ -10,6 +10,8 @@
+ # --------------------------------------------------------
+
+ require_once( 'core.php' );
++
++ helper_ensure_post();
+
+ $f_project_id = gpc_get_int( 'project_id' );
+ $f_user_id = gpc_get_int( 'user_id', 0 );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/bug_file_delete.php
++++ mantis-1.0.8/bug_file_delete.php
+@@ -17,6 +17,8 @@
+
+ require_once( $t_core_path.'file_api.php' );
+
++ helper_ensure_post();
++
+ $f_file_id = gpc_get_int( 'file_id' );
+
+ $t_bug_id = file_get_field( $f_file_id, 'bug_id' );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_user_proj_add.php
++++ mantis-1.0.8/manage_user_proj_add.php
+@@ -8,10 +8,12 @@
+ # --------------------------------------------------------
+ # $Id: manage_user_proj_add.php,v 1.21 2004/01/11 07:16:07 vboctor Exp $
+ # --------------------------------------------------------
+-?>
+-<?php require_once( 'core.php' ) ?>
+-<?php auth_ensure_user_authenticated() ?>
+-<?php
++
++ require_once( 'core.php' );
++
++ helper_ensure_post();
++
++ auth_ensure_user_authenticated();
+ $f_user_id = gpc_get_int( 'user_id' );
+ $f_access_level = gpc_get_int( 'access_level' );
+ $f_project_id = gpc_get_int_array( 'project_id', array() );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/bugnote_set_view_state.php
++++ mantis-1.0.8/bugnote_set_view_state.php
+@@ -8,19 +8,16 @@
+ # --------------------------------------------------------
+ # $Id: bugnote_set_view_state.php,v 1.27 2005/07/25 16:34:10 thraxisp Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ # Set an existing bugnote private or public.
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'bug_api.php' );
+ require_once( $t_core_path.'bugnote_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ $f_bugnote_id = gpc_get_int( 'bugnote_id' );
+ $f_private = gpc_get_bool( 'private' );
+
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_proj_cat_copy.php
++++ mantis-1.0.8/manage_proj_cat_copy.php
+@@ -8,15 +8,14 @@
+ # --------------------------------------------------------
+ # $Id: manage_proj_cat_copy.php,v 1.21 2005/02/27 15:33:01 jlatour Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'category_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ $f_project_id = gpc_get_int( 'project_id' );
+ $f_other_project_id = gpc_get_int( 'other_project_id' );
+ $f_copy_from = gpc_get_bool( 'copy_from' );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/bug_actiongroup.php
++++ mantis-1.0.8/bug_actiongroup.php
+@@ -8,19 +8,17 @@
+ # --------------------------------------------------------
+ # $Id: bug_actiongroup.php,v 1.47 2005/06/16 02:26:48 thraxisp Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ # This page allows actions to be performed an an array of bugs
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'bug_api.php' );
+-?>
+-<?php auth_ensure_user_authenticated() ?>
+-<?php
++
++ helper_ensure_post();
++
++ auth_ensure_user_authenticated();
++
+ helper_begin_long_process();
+
+ $f_action = gpc_get_string( 'action' );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_config_revert.php
++++ mantis-1.0.8/manage_config_revert.php
+@@ -10,6 +10,8 @@
+ # --------------------------------------------------------
+
+ require_once( 'core.php' );
++
++ helper_ensure_post();
+
+ $t_core_path = config_get( 'core_path' );
+
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/signup.php
++++ mantis-1.0.8/signup.php
+@@ -14,6 +14,8 @@
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'email_api.php' );
++
++ helper_ensure_post();
+
+ $f_username = strip_tags( gpc_get_string( 'username' ) );
+ $f_email = strip_tags( gpc_get_string( 'email' ) );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/bug_relationship_add.php
++++ mantis-1.0.8/bug_relationship_add.php
+@@ -16,6 +16,8 @@
+ require_once( 'core.php' );
+ $t_core_path = config_get( 'core_path' );
+ require_once( $t_core_path . 'relationship_api.php' );
++
++ helper_ensure_post();
+
+ $f_rel_type = gpc_get_int( 'rel_type' );
+ $f_src_bug_id = gpc_get_int( 'src_bug_id' );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_proj_ver_add.php
++++ mantis-1.0.8/manage_proj_ver_add.php
+@@ -8,15 +8,14 @@
+ # --------------------------------------------------------
+ # $Id: manage_proj_ver_add.php,v 1.30 2005/02/12 20:01:06 jlatour Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'version_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ $f_project_id = gpc_get_int( 'project_id' );
+ $f_version = gpc_get_string( 'version' );
+ $f_add_and_edit = gpc_get_bool( 'add_and_edit_version' );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_user_update.php
++++ mantis-1.0.8/manage_user_update.php
+@@ -8,15 +8,14 @@
+ # --------------------------------------------------------
+ # $Id: manage_user_update.php,v 1.37.12.1 2007/03/06 07:00:33 vboctor Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'email_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ access_ensure_global_level( config_get( 'manage_user_threshold' ) );
+
+ $f_protected = gpc_get_bool( 'protected' );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/account_prof_make_default.php
++++ mantis-1.0.8/account_prof_make_default.php
+@@ -8,24 +8,19 @@
+ # --------------------------------------------------------
+ # $Id: account_prof_make_default.php,v 1.26 2005/02/12 20:01:03 jlatour Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ # Make the specified profile the default
+ # Redirect to account_prof_menu_page.php
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'current_user_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ auth_ensure_user_authenticated();
+
+ current_user_ensure_unprotected();
+-?>
+-<?php
+ $f_profile_id = gpc_get_int( 'profile_id' );
+
+ current_user_set_pref( 'default_profile', $f_profile_id );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/set_project.php
++++ mantis-1.0.8/set_project.php
+@@ -8,15 +8,14 @@
+ # --------------------------------------------------------
+ # $Id: set_project.php,v 1.54.10.1 2005/12/05 12:14:47 vboctor Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'current_user_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ $f_project_id = gpc_get_string( 'project_id' );
+ $f_make_default = gpc_get_bool ( 'make_default' );
+ $f_ref = gpc_get_string( 'ref', '' );
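Review bot: After this change any existing page that still reaches set_project.php — or any other script in this patch — through a plain link rather than a form submission will be refused by `helper_ensure_post()`; the cover note says the patch is untested, so each patched script's callers should be checked for href-style links before the upload. set_project.php is, if I recall correctly, the target of the project selector form in html_api.php, in which case it is fine, but scripts such as proj_doc_delete.php, query_delete.php and bug_monitor.php are the ones I would verify first. Where a GET caller is found, convert that caller to a POST form rather than dropping the check.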
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/news_add.php
++++ mantis-1.0.8/news_add.php
+@@ -8,16 +8,15 @@
+ # --------------------------------------------------------
+ # $Id: news_add.php,v 1.32 2005/03/21 12:09:37 vboctor Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'news_api.php' );
+ require_once( $t_core_path.'print_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ access_ensure_project_level( config_get( 'manage_news_threshold' ) );
+
+ $f_view_state = gpc_get_int( 'view_state' );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_proj_user_copy.php
++++ mantis-1.0.8/manage_proj_user_copy.php
+@@ -8,9 +8,10 @@
+ # --------------------------------------------------------
+ # $Id: manage_proj_user_copy.php,v 1.5 2005/02/27 15:33:01 jlatour Exp $
+ # --------------------------------------------------------
+-?>
+-<?php require_once( 'core.php' ) ?>
+-<?php
++ require_once( 'core.php' );
++
++ helper_ensure_post();
++
+ $f_project_id = gpc_get_int( 'project_id' );
+ $f_other_project_id = gpc_get_int( 'other_project_id' );
+ $f_copy_from = gpc_get_bool( 'copy_from' );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/bugnote_add.php
++++ mantis-1.0.8/bugnote_add.php
+@@ -8,19 +8,16 @@
+ # --------------------------------------------------------
+ # $Id: bugnote_add.php,v 1.46 2005/07/25 16:34:10 thraxisp Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ # Insert the bugnote into the database then redirect to the bug page
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'bug_api.php' );
+ require_once( $t_core_path.'bugnote_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ $f_bug_id = gpc_get_int( 'bug_id' );
+ $f_private = gpc_get_bool( 'private' );
+ $f_bugnote_text = gpc_get_string( 'bugnote_text', '' );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/bug_delete.php
++++ mantis-1.0.8/bug_delete.php
+@@ -8,19 +8,15 @@
+ # --------------------------------------------------------
+ # $Id: bug_delete.php,v 1.40 2005/07/25 16:34:10 thraxisp Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ # Deletes the bug and re-directs to view_all_bug_page.php
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'bug_api.php' );
+-?>
+-<?php
+ $f_bug_id = gpc_get_int( 'bug_id' );
++
++ helper_ensure_post();
+
+ access_ensure_bug_level( config_get( 'delete_bug_threshold' ), $f_bug_id );
+
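Review bot: In bug_delete.php the method check is inserted after `$f_bug_id = gpc_get_int( 'bug_id' );`, so the request parameter is parsed (and a missing-parameter error can be raised) before a non-POST request is rejected; every other file in this patch places `helper_ensure_post();` ahead of the first gpc_get_* call. Move it up to sit directly after `require_once( $t_core_path.'bug_api.php' );`, matching bug_assign_reporter.php. account_prefs_reset.php has the same ordering problem: its `helper_ensure_post();` lands under the Permissions banner after `$f_user_id` and `$f_redirect_url` have already been read.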
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/bug_reminder.php
++++ mantis-1.0.8/bug_reminder.php
+@@ -8,11 +8,7 @@
+ # --------------------------------------------------------
+ # $Id: bug_reminder.php,v 1.19.10.1 2006/03/16 19:41:05 thraxisp Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ # This page allows an authorized user to send a reminder by email to another user
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+@@ -20,8 +16,9 @@
+ require_once( $t_core_path.'bug_api.php' );
+ require_once( $t_core_path.'email_api.php' );
+ require_once( $t_core_path.'bugnote_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ $f_bug_id = gpc_get_int( 'bug_id' );
+ $f_to = gpc_get_int_array( 'to' );
+ $f_body = gpc_get_string( 'body' );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/query_store.php
++++ mantis-1.0.8/query_store.php
+@@ -4,8 +4,6 @@
+ # Copyright (C) 2002 - 2003 Mantis Team - [EMAIL PROTECTED]
+ # This program is distributed under the terms and conditions of the GPL
+ # See the README and LICENSE files for details
+-?>
+-<?php
+ require_once( 'core.php' );
+ $t_core_path = config_get( 'core_path' );
+
+@@ -16,6 +14,8 @@
+ require_once( $t_core_path.'string_api.php' );
+ require_once( $t_core_path.'date_api.php' );
+
++ helper_ensure_post();
++
+ auth_ensure_user_authenticated();
+ compress_enable();
+
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/news_update.php
++++ mantis-1.0.8/news_update.php
+@@ -8,8 +8,6 @@
+ # --------------------------------------------------------
+ # $Id: news_update.php,v 1.32 2005/03/21 12:09:37 vboctor Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+@@ -17,8 +15,9 @@
+ require_once( $t_core_path.'news_api.php' );
+ require_once( $t_core_path.'string_api.php' );
+ require_once( $t_core_path.'print_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ $f_news_id = gpc_get_int( 'news_id' );
+ $f_project_id = gpc_get_int( 'project_id' );
+ $f_view_state = gpc_get_int( 'view_state' );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/bug_relationship_delete.php
++++ mantis-1.0.8/bug_relationship_delete.php
+@@ -24,6 +24,8 @@
+ $t_core_path = config_get( 'core_path' );
+ require_once( $t_core_path . 'relationship_api.php' );
+
++ helper_ensure_post();
++
+ $f_rel_id = gpc_get_int( 'rel_id' );
+ $f_bug_id = gpc_get_int( 'bug_id' );
+
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/bug_monitor.php
++++ mantis-1.0.8/bug_monitor.php
+@@ -8,18 +8,15 @@
+ # --------------------------------------------------------
+ # $Id: bug_monitor.php,v 1.28 2005/06/14 22:00:32 thraxisp Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ # This file turns monitoring on or off for a bug for the current user
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'bug_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ $f_bug_id = gpc_get_int( 'bug_id' );
+ $t_bug = bug_get( $f_bug_id, true );
+
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/account_prof_add.php
++++ mantis-1.0.8/account_prof_add.php
+@@ -8,23 +8,18 @@
+ # --------------------------------------------------------
+ # $Id: account_prof_add.php,v 1.27 2005/02/25 00:23:48 jlatour Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ # This file adds a new profile and redirects to account_proj_menu_page.php
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'profile_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ auth_ensure_user_authenticated();
+
+ current_user_ensure_unprotected();
+-?>
+-<?php
+ $f_platform = gpc_get_string( 'platform' );
+ $f_os = gpc_get_string( 'os' );
+ $f_os_build = gpc_get_string( 'os_build' );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/bug_update.php
++++ mantis-1.0.8/bug_update.php
+@@ -8,11 +8,7 @@
+ # --------------------------------------------------------
+ # $Id: bug_update.php,v 1.88.4.1 2005/12/13 00:58:52 thraxisp Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ # Update bug data then redirect to the appropriate viewing page
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+@@ -20,8 +16,9 @@
+ require_once( $t_core_path.'bug_api.php' );
+ require_once( $t_core_path.'bugnote_api.php' );
+ require_once( $t_core_path.'custom_field_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ $f_bug_id = gpc_get_int( 'bug_id' );
+ $f_update_mode = gpc_get_bool( 'update_mode', FALSE ); # set if called from generic update page
+ $f_new_status = gpc_get_int( 'status', bug_get_field( $f_bug_id, 'status' ) );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/bug_assign_reporter.php
++++ mantis-1.0.8/bug_assign_reporter.php
+@@ -8,18 +8,15 @@
+ # --------------------------------------------------------
+ # $Id: bug_assign_reporter.php,v 1.4 2005/07/25 16:34:10 thraxisp Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ # Assign bug to user then redirect to viewing page
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'bug_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ $f_bug_id = gpc_get_int( 'bug_id' );
+
+ access_ensure_bug_level( config_get( 'update_bug_threshold' ), $f_bug_id );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/query_delete.php
++++ mantis-1.0.8/query_delete.php
+@@ -16,6 +16,8 @@
+ require_once( $t_core_path.'string_api.php' );
+ require_once( $t_core_path.'date_api.php' );
+
++ helper_ensure_post();
++
+ auth_ensure_user_authenticated();
+ compress_enable();
+
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_custom_field_update.php
++++ mantis-1.0.8/manage_custom_field_update.php
+@@ -8,15 +8,14 @@
+ # --------------------------------------------------------
+ # $Id: manage_custom_field_update.php,v 1.17 2004/08/03 23:43:49 prichards Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'custom_field_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ access_ensure_global_level( config_get( 'manage_custom_fields_threshold' ) );
+
+ $f_field_id = gpc_get_int( 'field_id' );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_proj_custom_field_remove.php
++++ mantis-1.0.8/manage_proj_custom_field_remove.php
+@@ -14,6 +14,8 @@
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'custom_field_api.php' );
++
++ helper_ensure_post();
+
+ $f_field_id = gpc_get_int( 'field_id' );
+ $f_project_id = gpc_get_int( 'project_id' );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/news_delete.php
++++ mantis-1.0.8/news_delete.php
+@@ -8,15 +8,14 @@
+ # --------------------------------------------------------
+ # $Id: news_delete.php,v 1.23 2005/05/16 19:20:32 marcelloscata Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'news_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ $f_news_id = gpc_get_int( 'news_id' );
+
+ $row = news_get_row( $f_news_id );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/account_prefs_reset.php
++++ mantis-1.0.8/account_prefs_reset.php
+@@ -35,6 +35,8 @@
+ $f_redirect_url = gpc_get_string( 'redirect_url', 'account_prefs_page.php' );
+
+ #============ Permissions ============
++ helper_ensure_post();
++
+ auth_ensure_user_authenticated();
+
+ user_ensure_unprotected( $f_user_id );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_proj_ver_delete.php
++++ mantis-1.0.8/manage_proj_ver_delete.php
+@@ -14,6 +14,8 @@
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'version_api.php' );
++
++ helper_ensure_post();
+
+ $f_version_id = gpc_get_int( 'version_id' );
+
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_user_create.php
++++ mantis-1.0.8/manage_user_create.php
+@@ -15,6 +15,8 @@
+
+ require_once( $t_core_path.'email_api.php' );
+
++ helper_ensure_post();
++
+ access_ensure_global_level( config_get( 'manage_user_threshold' ) );
+
+ $f_username = gpc_get_string( 'username' );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/proj_doc_delete.php
++++ mantis-1.0.8/proj_doc_delete.php
+@@ -10,6 +10,8 @@
+ # --------------------------------------------------------
+
+ require_once( 'core.php' );
++
++ helper_ensure_post();
+
+ # Check if project documentation feature is enabled.
+ if ( OFF == config_get( 'enable_project_documentation' ) ) {
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_config_work_threshold_set.php
++++ mantis-1.0.8/manage_config_work_threshold_set.php
+@@ -14,6 +14,8 @@
+ $t_core_path = config_get( 'core_path' );
+ require_once( $t_core_path.'email_api.php' );
+
++ helper_ensure_post();
++
+ $t_redirect_url = 'manage_config_work_threshold_page.php';
+ $t_project = helper_get_current_project();
+
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/account_prof_delete.php
++++ mantis-1.0.8/account_prof_delete.php
+@@ -8,24 +8,19 @@
+ # --------------------------------------------------------
+ # $Id: account_prof_delete.php,v 1.27 2005/02/25 00:18:38 jlatour Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ # The specified profile is deleted and the user is redirected to
+ # account_prof_menu_page.php3
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'profile_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ auth_ensure_user_authenticated();
+
+ current_user_ensure_unprotected();
+-?>
+-<?php
+ $f_profile_id = gpc_get_int( 'profile_id' );
+
+ if ( profile_is_global( $f_profile_id ) ) {
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_proj_create.php
++++ mantis-1.0.8/manage_proj_create.php
+@@ -8,15 +8,14 @@
+ # --------------------------------------------------------
+ # $Id: manage_proj_create.php,v 1.7.14.1.2.1 2006/02/03 03:56:34 thraxisp Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'project_hierarchy_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ access_ensure_global_level( config_get( 'create_project_threshold' ) );
+
+ $f_name = gpc_get_string( 'name' );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_config_email_set.php
++++ mantis-1.0.8/manage_config_email_set.php
+@@ -14,6 +14,8 @@
+ $t_core_path = config_get( 'core_path' );
+ require_once( $t_core_path.'email_api.php' );
+
++ helper_ensure_post();
++
+ $t_can_change_level = min( config_get_access( 'notify_flags' ), config_get_access( 'default_notify_flags' ) );
+ access_ensure_project_level( $t_can_change_level );
+
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/account_prof_update.php
++++ mantis-1.0.8/account_prof_update.php
+@@ -8,24 +8,19 @@
+ # --------------------------------------------------------
+ # $Id: account_prof_update.php,v 1.28 2005/02/25 00:18:39 jlatour Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ # This page updates the users profile information then redirects to
+ # account_prof_menu_page.php
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'profile_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ auth_ensure_user_authenticated();
+
+ current_user_ensure_unprotected();
+-?>
+-<?php
+ $f_profile_id = gpc_get_int( 'profile_id' );
+ $f_platform = gpc_get_string( 'platform' );
+ $f_os = gpc_get_string( 'os' );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_proj_cat_update.php
++++ mantis-1.0.8/manage_proj_cat_update.php
+@@ -8,15 +8,14 @@
+ # --------------------------------------------------------
+ # $Id: manage_proj_cat_update.php,v 1.32 2005/02/12 20:01:06 jlatour Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'category_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ $f_project_id = gpc_get_int( 'project_id' );
+ $f_category = gpc_get_string( 'category' );
+ $f_new_category = gpc_get_string( 'new_category' );
+@@ -40,8 +39,7 @@
+ }
+
+ $t_redirect_url = 'manage_proj_edit_page.php?project_id=' . $f_project_id;
+-?>
+-<?php
++
+ html_page_top1();
+
+ html_meta_redirect( $t_redirect_url );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_config_workflow_set.php
++++ mantis-1.0.8/manage_config_workflow_set.php
+@@ -14,6 +14,8 @@
+ $t_core_path = config_get( 'core_path' );
+ require_once( $t_core_path.'email_api.php' );
+
++ helper_ensure_post();
++
+ $t_can_change_level = min( config_get_access( 'notify_flags' ), config_get_access( 'default_notify_flags' ) );
+ access_ensure_project_level( $t_can_change_level );
+
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_user_delete.php
++++ mantis-1.0.8/manage_user_delete.php
+@@ -11,6 +11,8 @@
+
+ require_once( 'core.php' );
+
++ helper_ensure_post();
++
+ access_ensure_global_level( config_get( 'manage_user_threshold' ) );
+
+ $f_user_id = gpc_get_int( 'user_id' );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/account_prefs_update.php
++++ mantis-1.0.8/account_prefs_update.php
+@@ -8,21 +8,16 @@
+ # --------------------------------------------------------
+ # $Id: account_prefs_update.php,v 1.36 2005/07/05 18:50:49 thraxisp Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ # Updates prefs then redirect to account_prefs_page.php3
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'user_pref_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ auth_ensure_user_authenticated();
+-?>
+-<?php
+ $f_user_id = gpc_get_int( 'user_id' );
+ $f_redirect_url = gpc_get_string( 'redirect_url' );
+
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/bugnote_delete.php
++++ mantis-1.0.8/bugnote_delete.php
+@@ -8,12 +8,8 @@
+ # --------------------------------------------------------
+ # $Id: bugnote_delete.php,v 1.39 2005/07/25 16:34:10 thraxisp Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ # Remove the bugnote and bugnote text and redirect back to
+ # the viewing page
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+@@ -21,8 +17,9 @@
+ require_once( $t_core_path.'bug_api.php' );
+ require_once( $t_core_path.'bugnote_api.php' );
+ require_once( $t_core_path.'current_user_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ $f_bugnote_id = gpc_get_int( 'bugnote_id' );
+
+ $t_bug_id = bugnote_get_field( $f_bugnote_id, 'bug_id' );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/proj_doc_update.php
++++ mantis-1.0.8/proj_doc_update.php
+@@ -15,6 +15,8 @@
+
+ require_once( $t_core_path.'file_api.php' );
+
++ helper_ensure_post();
++
+ # Check if project documentation feature is enabled.
+ if ( OFF == config_get( 'enable_project_documentation' ) ||
+ !file_is_uploading_enabled() ||
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_proj_subproj_add.php
++++ mantis-1.0.8/manage_proj_subproj_add.php
+@@ -12,6 +12,8 @@
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
++
++ helper_ensure_post();
+
+ $f_project_id = gpc_get_int( 'project_id' );
+ $f_subproject_id = gpc_get_int( 'subproject_id' );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/bug_file_add.php
++++ mantis-1.0.8/bug_file_add.php
+@@ -8,18 +8,15 @@
+ # --------------------------------------------------------
+ # $Id: bug_file_add.php,v 1.48 2005/07/25 16:34:10 thraxisp Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ # Add file to a bug and then view the bug
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'file_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ $f_bug_id = gpc_get_int( 'bug_id' );
+ $f_file = gpc_get_file( 'file' );
+
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_user_reset.php
++++ mantis-1.0.8/manage_user_reset.php
+@@ -10,6 +10,8 @@
+ # --------------------------------------------------------
+
+ require_once( 'core.php' );
++
++ helper_ensure_post();
+
+ access_ensure_global_level( config_get( 'manage_user_threshold' ) );
+
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_proj_cat_delete.php
++++ mantis-1.0.8/manage_proj_cat_delete.php
+@@ -14,6 +14,8 @@
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'category_api.php' );
++
++ helper_ensure_post();
+
+ $f_project_id = gpc_get_int( 'project_id' );
+ $f_category = gpc_get_string( 'category' );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/lost_pwd.php
++++ mantis-1.0.8/lost_pwd.php
+@@ -14,6 +14,8 @@
+ # ======================================================================
+
+ require_once( 'core.php' );
++
++ helper_ensure_post();
+
+ # lost password feature disabled or reset password via email disabled -> stop here!
+ if( OFF == config_get( 'lost_password_feature' ) ||
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_proj_custom_field_add_existing.php
++++ mantis-1.0.8/manage_proj_custom_field_add_existing.php
+@@ -8,15 +8,14 @@
+ # --------------------------------------------------------
+ # $Id: manage_proj_custom_field_add_existing.php,v 1.16 2005/02/12 20:01:06 jlatour Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'custom_field_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ $f_field_id = gpc_get_int( 'field_id' );
+ $f_project_id = gpc_get_int( 'project_id' );
+
+@@ -29,12 +28,12 @@
+ custom_field_link( $f_field_id, $f_project_id );
+
+ $t_redirect_url = 'manage_proj_edit_page.php?project_id=' . $f_project_id;
+-?>
+-<?php html_page_top1() ?>
+-<?php
+- html_meta_redirect( $t_redirect_url );
+-?>
+-<?php html_page_top2() ?>
++
++
++ html_page_top1();
++ html_meta_redirect( $t_redirect_url );
++ html_page_top2() ?>
++
+
+ <br />
+ <div align="center">
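Review bot: This second hunk in manage_proj_custom_field_add_existing.php only collapses the `?>`/`<?php` tag juggling around `html_page_top1();`, `html_meta_redirect( $t_redirect_url );` and `html_page_top2() ?>` and adds two blank lines; it does not touch the request-method check and is not needed for CVE-2008-2276. A security-team upload is easier to audit when every changed line is part of the fix, so I would drop this hunk, or at least the two empty lines inserted before `html_page_top1();`, which serve no purpose. The first hunk in this file (the `helper_ensure_post();` insertion) is the only one that matters here.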
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_proj_delete.php
++++ mantis-1.0.8/manage_proj_delete.php
+@@ -11,6 +11,8 @@
+
+ require_once( 'core.php' );
+
++ helper_ensure_post();
++
+ $f_project_id = gpc_get_int( 'project_id' );
+
+ access_ensure_project_level( config_get( 'delete_project_threshold' ), $f_project_id );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/proj_doc_add.php
++++ mantis-1.0.8/proj_doc_add.php
+@@ -15,6 +15,8 @@
+
+ require_once( $t_core_path.'file_api.php' );
+
++ helper_ensure_post();
++
+ # Check if project documentation feature is enabled.
+ if ( OFF == config_get( 'enable_project_documentation' ) ) {
+ access_denied();
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_proj_cat_add.php
++++ mantis-1.0.8/manage_proj_cat_add.php
+@@ -8,15 +8,14 @@
+ # --------------------------------------------------------
+ # $Id: manage_proj_cat_add.php,v 1.31 2005/02/12 20:01:05 jlatour Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'category_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ $f_project_id = gpc_get_int( 'project_id' );
+ $f_category = gpc_get_string( 'category' );
+
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/print_all_bug_options_reset.php
++++ mantis-1.0.8/print_all_bug_options_reset.php
+@@ -17,6 +17,8 @@
+
+ require_once( $t_core_path.'current_user_api.php' );
+ require( 'print_all_bug_options_inc.php' );
++
++ helper_ensure_post();
+
+ auth_ensure_user_authenticated();
+
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/bugnote_update.php
++++ mantis-1.0.8/bugnote_update.php
+@@ -8,11 +8,7 @@
+ # --------------------------------------------------------
+ # $Id: bugnote_update.php,v 1.43 2005/02/12 20:01:05 jlatour Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ # Update bugnote data then redirect to the appropriate viewing page
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+@@ -20,8 +16,9 @@
+ require_once( $t_core_path.'bug_api.php' );
+ require_once( $t_core_path.'bugnote_api.php' );
+ require_once( $t_core_path.'current_user_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ $f_bugnote_id = gpc_get_int( 'bugnote_id' );
+ $f_bugnote_text = gpc_get_string( 'bugnote_text', '' );
+
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_proj_custom_field_update.php
++++ mantis-1.0.8/manage_proj_custom_field_update.php
+@@ -8,15 +8,12 @@
+ # --------------------------------------------------------
+ # $Id: manage_proj_custom_field_update.php,v 1.10 2005/02/12 20:01:06 jlatour Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'custom_field_api.php' );
+-?>
+-<?php
++ helper_ensure_post();
+ $f_field_id = gpc_get_int( 'field_id' );
+ $f_project_id = gpc_get_int( 'project_id' );
+ $f_sequence = gpc_get_int( 'sequence' );
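Review bot: The inserted `helper_ensure_post();` is wedged directly between `require_once( $t_core_path.'custom_field_api.php' );` and `$f_field_id = gpc_get_int( 'field_id' );` without the blank lines every other hunk in this patch uses around the check, which makes it easy to overlook when auditing which pages are protected. Match the sibling files: an empty line, `helper_ensure_post();`, an empty line. The remainder of the page is outside the hunk.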
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/account_delete.php
++++ mantis-1.0.8/account_delete.php
+@@ -31,6 +31,8 @@
+ # (none)
+
+ #============ Permissions ============
++ helper_ensure_post();
++
+ auth_ensure_user_authenticated();
+
+ current_user_ensure_unprotected();
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/bug_assign.php
++++ mantis-1.0.8/bug_assign.php
+@@ -8,18 +8,15 @@
+ # --------------------------------------------------------
+ # $Id: bug_assign.php,v 1.42 2005/06/14 22:00:32 thraxisp Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ # Assign bug to user then redirect to viewing page
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'bug_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ $f_bug_id = gpc_get_int( 'bug_id' );
+ $t_bug = bug_get( $f_bug_id );
+
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_custom_field_create.php
++++ mantis-1.0.8/manage_custom_field_create.php
+@@ -8,15 +8,14 @@
+ # --------------------------------------------------------
+ # $Id: manage_custom_field_create.php,v 1.15 2005/02/12 20:01:05 jlatour Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'custom_field_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ access_ensure_global_level( config_get( 'manage_custom_fields_threshold' ) );
+
+ $f_name = gpc_get_string( 'name' );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/account_sponsor_update.php
++++ mantis-1.0.8/account_sponsor_update.php
+@@ -8,23 +8,18 @@
+ # --------------------------------------------------------
+ # $Id: account_sponsor_update.php,v 1.2 2005/07/23 15:09:51 thraxisp Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ # This page updates a user's information
+ # If an account is protected then changes are forbidden
+ # The page gets redirected back to account_page.php
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'email_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ auth_ensure_user_authenticated();
+-?>
+-<?php
+ $f_bug_list = gpc_get_string( 'buglist', '' );
+ $t_bug_list = explode( ',', $f_bug_list );
+
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/bug_report.php
++++ mantis-1.0.8/bug_report.php
+@@ -20,6 +20,8 @@
+ require_once( $t_core_path.'bug_api.php' );
+ require_once( $t_core_path.'custom_field_api.php' );
+
++ helper_ensure_post();
++
+ access_ensure_project_level( config_get('report_bug_threshold' ) );
+
+ $t_bug_data = new BugData;
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/manage_proj_ver_update.php
++++ mantis-1.0.8/manage_proj_ver_update.php
+@@ -8,15 +8,14 @@
+ # --------------------------------------------------------
+ # $Id: manage_proj_ver_update.php,v 1.30 2005/02/12 20:01:06 jlatour Exp $
+ # --------------------------------------------------------
+-?>
+-<?php
+ require_once( 'core.php' );
+
+ $t_core_path = config_get( 'core_path' );
+
+ require_once( $t_core_path.'version_api.php' );
+-?>
+-<?php
++
++ helper_ensure_post();
++
+ $f_version_id = gpc_get_int( 'version_id' );
+
+ $t_version = version_get( $f_version_id );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/core/constant_inc.php
++++ mantis-1.0.8/core/constant_inc.php
+@@ -170,6 +170,7 @@
+ define( 'ERROR_FTP_CONNECT_ERROR', 16 );
+ define( 'ERROR_HANDLER_ACCESS_TOO_LOW', 17 );
+ define( 'ERROR_PAGE_REDIRECTION', 18 );
++ define( 'ERROR_INVALID_REQUEST_METHOD', 19 );
+
+ # ERROR_CONFIG_*
+ define( 'ERROR_CONFIG_OPT_NOT_FOUND', 100 );
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/core/helper_api.php
++++ mantis-1.0.8/core/helper_api.php
+@@ -315,4 +315,16 @@
+
+ return $t_project_filter;
+ }
++
++ #
++ #-------------------------------------------------
++ # check access method is POST, return if true, else call error handler
++ function helper_ensure_post()
++ {
++ if ( isset( $_SERVER['REQUEST_METHOD'] ) && ( strtoupper( $_SERVER['REQUEST_METHOD'] ) != 'POST' ) ) {
++ trigger_error( ERROR_INVALID_REQUEST_METHOD, ERROR );
++ }
++
++ }
++
+ ?>
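Review bot: Requiring POST does not by itself close the CSRF hole, because a cross-origin page can auto-submit a hidden POST form that the browser sends with the victim's session cookie; this check only removes the GET-link/image vector, and the changelog should not claim more than that. A complete fix needs a per-session secret embedded in each form and validated by the action page before any state change, with this POST check kept as defence in depth. Separately, the condition on the `isset` line fails open: when `$_SERVER['REQUEST_METHOD']` is absent the function returns silently, so it should read `if ( !isset( $_SERVER['REQUEST_METHOD'] ) || strtoupper( $_SERVER['REQUEST_METHOD'] ) != 'POST' ) {`. The header comment should also say that the function relies on the error handler to stop execution, since nothing after `trigger_error( ERROR_INVALID_REQUEST_METHOD, ERROR );` prevents the caller from continuing if the handler returns.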
+only in patch2:
+unchanged:
+--- mantis-1.0.8.orig/lang/strings_english.txt
++++ mantis-1.0.8/lang/strings_english.txt
+@@ -263,6 +263,7 @@
+ $MANTIS_ERROR[ERROR_PROJECT_RECURSIVE_HIERARCHY] = 'That operation would create a loop in the subproject hierarchy.';
+ $MANTIS_ERROR[ERROR_USER_CHANGE_LAST_ADMIN] = 'You cannot change the access level of the only ADMINISTRATOR in the system.';
+ $MANTIS_ERROR[ERROR_PAGE_REDIRECTION] = 'Page redirection error, ensure that there are no spaces outside the PHP block (<?php ?>) in config_inc.php or custom_*.php files.';
++$MANTIS_ERROR[ERROR_INVALID_REQUEST_METHOD] = 'This page cannot be accessed using this method.';
+
+ $s_login_error = 'Your account may be disabled or blocked or the username/password you entered is incorrect.';
+ $s_login_cookies_disabled = 'Your browser either doesn\'t know how to handle cookies, or refuses to handle them.';

