Sec: Bad security test

1d1970b5 · Laurent Destailleur · a2c9d5bd · 1d1970b5 · 1d1970b5
Commit 1d1970b5 authored 10 years ago by Laurent Destailleur
--- a/htdocs/public/test/test_arrays.php
+++ b/htdocs/public/test/test_arrays.php
@@ -4,11 +4,14 @@ define("NOCSRFCHECK",1);	// We accept to go on this page from external web site.


 require '../../main.inc.php';
-if ($_SERVER['HTTP_HOST'] != 'localhost')
+
+if ($_SERVER['REMOTE_ADDR'] != '127.0.0.1')
 {
-	print "Page available only with url  http://localhost/...";
+	print "Page available only frome remote address 127.0.0.1";
 	exit;
 }
+
+
 $usedolheader=0;	// 1 = Test inside a dolibarr page, 0 = Use hard coded header



--- a/htdocs/public/test/test_forms.php
+++ b/htdocs/public/test/test_forms.php
@@ -6,9 +6,9 @@ define('REQUIRE_JQUERY_MULTISELECT','select2');
 require '../../main.inc.php';
 include_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php';

-if ($_SERVER['HTTP_HOST'] != 'localhost')
+if ($_SERVER['REMOTE_ADDR'] != '127.0.0.1')
 {
-	print "Page available only with url  http://localhost/...";
+	print "Page available only frome remote address 127.0.0.1";
 	exit;
 }