Small fix for CSRF check in config and ACL plugins

darcs-hash:20070908142300-7ad00-ecb0aa5d77f6451b33988e6008e0297bd4425948.gz
author: Andreas Gohr <andi@splitbrain.org> 2007-09-08 16:23:00 +0200
committer: Andreas Gohr <andi@splitbrain.org> 2007-09-08 16:23:00 +0200
commit: aea87c78e17f8e8f817852532e3498577f97f405 (patch)
tree: 7da62df2fac86b944c141b8b47e2e7bdab1dd74a /lib/plugins/config/admin.php
parent: 32b1888b993690049f99bf8c1dff51c81c974370 (diff)
download: rpg-aea87c78e17f8e8f817852532e3498577f97f405.tar.gz
rpg-aea87c78e17f8e8f817852532e3498577f97f405.tar.bz2
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/plugins/config/admin.php b/lib/plugins/config/admin.php
index f251eac7d..90b249202 100644
--- a/lib/plugins/config/admin.php
+++ b/lib/plugins/config/admin.php
@@ -58,8 +58,8 @@ class admin_plugin_config extends DokuWiki_Admin_Plugin {
       global $ID;
 
       if (!$this->_restore_session()) return $this->_close_session();
-      if (!checkSecurityToken()) return $this->_close_session();
       if (!isset($_REQUEST['save']) || ($_REQUEST['save'] != 1)) return $this->_close_session();
+      if (!checkSecurityToken()) return $this->_close_session();
 
       if (is_null($this->_config)) { $this->_config = new configuration($this->_file); }
author	Andreas Gohr <andi@splitbrain.org>	2007-09-08 16:23:00 +0200
committer	Andreas Gohr <andi@splitbrain.org>	2007-09-08 16:23:00 +0200
commit	aea87c78e17f8e8f817852532e3498577f97f405 (patch)
tree	7da62df2fac86b944c141b8b47e2e7bdab1dd74a /lib/plugins/config/admin.php
parent	32b1888b993690049f99bf8c1dff51c81c974370 (diff)
download	rpg-aea87c78e17f8e8f817852532e3498577f97f405.tar.gz rpg-aea87c78e17f8e8f817852532e3498577f97f405.tar.bz2