Security update to edit_bmarks script

I have omitted a basic security script on edit_bmarks.php file. I failed to start a session and a script to direct the user if someone accessed the url direct. you could have entered this bookmarks/edit_bmark.php?id=27 and have access to it without logging in!! so please amend the script with the below at the very start


<?php # Script 0.5 - edit_bmark.php
// Allows user to edit current bookmark
// If no session value is present, redirect the user:
session_start(); // Access the existing session.

if (!isset($_SESSION['user_id'])) {
require_once ('includes/login_functions.inc.php');
$url = absolute_url();
header("Location: $url");
exit();
}

Also if you used this script for editing the bookmarks, it would have not worked correctly. I have now fixed it so please download source file right hand click and save as here.

Leave a Reply

Your email address will not be published. Required fields are marked *

To submit your comment, click the image below where it asks you to...
Clickcha - The One-Click Captcha