summaryrefslogtreecommitdiff
path: root/lib/plugins
diff options
context:
space:
mode:
Diffstat (limited to 'lib/plugins')
-rw-r--r--lib/plugins/acl/ajax.php11
1 files changed, 6 insertions, 5 deletions
diff --git a/lib/plugins/acl/ajax.php b/lib/plugins/acl/ajax.php
index 71a2eb03a..3a5d89c08 100644
--- a/lib/plugins/acl/ajax.php
+++ b/lib/plugins/acl/ajax.php
@@ -6,16 +6,17 @@
* @author Andreas Gohr <andi@splitbrain.org>
*/
-//fix for Opera XMLHttpRequests
-if(!count($_POST) && !empty($HTTP_RAW_POST_DATA)){
- parse_str($HTTP_RAW_POST_DATA, $_POST);
-}
-
if(!defined('DOKU_INC')) define('DOKU_INC',dirname(__FILE__).'/../../../');
require_once(DOKU_INC.'inc/init.php');
//close session
session_write_close();
+//fix for Opera XMLHttpRequests
+$postData = http_get_raw_post_data();
+if(!count($_POST) && !empty($postData)){
+ parse_str($postData, $_POST);
+}
+
if(!auth_isadmin()) die('for admins only');
if(!checkSecurityToken()) die('CRSF Attack');
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-10 07:18:01 +0000