diff options
author | Gabriel Pérez-Cerezo <gabriel@gpcf.eu> | 2020-03-06 23:24:34 +0100 |
---|---|---|
committer | Gabriel Pérez-Cerezo <gabriel@gpcf.eu> | 2020-03-06 23:24:34 +0100 |
commit | 83060e9e85be790f64fcf51def1f024699a46d2d (patch) | |
tree | 2f91f7ab71e330ce784630daf0bcee29efa9b750 /munin-grapher.pl | |
parent | e98a3debe01248b290a65c083f0f83cae323f9bc (diff) | |
download | smartshop-83060e9e85be790f64fcf51def1f024699a46d2d.tar.gz smartshop-83060e9e85be790f64fcf51def1f024699a46d2d.tar.bz2 smartshop-83060e9e85be790f64fcf51def1f024699a46d2d.zip |
[Security] Only allow unlimited shop creation if player is allowed
The previous code assumed that the limit toggle button cannot be
pressed by non-creative players. However, this is easily possible with
a specially crafted client, that submits this field. The fix checks if
the player really has creative before switching a shop to unlimited
mode.
Diffstat (limited to 'munin-grapher.pl')
0 files changed, 0 insertions, 0 deletions