| Index: branches/REL1_16/extensions/FlaggedRevs/specialpages/RevisionReview_body.php |
| — | — | @@ -185,6 +185,7 @@ |
| 186 | 186 | $tags = FlaggedRevs::getDimensions(); |
| 187 | 187 | // Make review interface object |
| 188 | 188 | $form = new RevisionReview(); |
| | 189 | + $editToken = ''; // edit token |
| 189 | 190 | // Each ajax url argument is of the form param|val. |
| 190 | 191 | // This means that there is no ugly order dependance. |
| 191 | 192 | foreach ( $args as $x => $arg ) { |
| — | — | @@ -235,9 +236,7 @@ |
| 236 | 237 | $form->retrieveNotes( $val ); |
| 237 | 238 | break; |
| 238 | 239 | case "wpEditToken": |
| 239 | | - if ( !$wgUser->matchEditToken( $val ) ) { |
| 240 | | - return '<err#>' . wfMsgExt( 'sessionfailure', 'parseinline' ); |
| 241 | | - } |
| | 240 | + $editToken = $val; |
| 242 | 241 | break; |
| 243 | 242 | default: |
| 244 | 243 | $p = preg_replace( '/^wp/', '', $par ); // kill any "wp" prefix |
| — | — | @@ -254,6 +253,10 @@ |
| 255 | 254 | if ( !$form->page ) { |
| 256 | 255 | return '<err#>' . wfMsgExt( 'revreview-failed', 'parseinline' ); |
| 257 | 256 | } |
| | 257 | + # Check session via user token |
| | 258 | + if ( !$wgUser->matchEditToken( $editToken ) ) { |
| | 259 | + return '<err#>' . wfMsgExt( 'sessionfailure', 'parseinline' ); |
| | 260 | + } |
| 258 | 261 | // Basic permission check |
| 259 | 262 | $permErrors = $form->page->getUserPermissionsErrors( 'review', $wgUser ); |
| 260 | 263 | if ( !$permErrors ) { |