From 7ebe0a99169f2a143ccb20da5d1918a99ccaaf7d Mon Sep 17 00:00:00 2001
From: Unknwon
Date: Thu, 22 Dec 2016 19:19:56 -0500
Subject: Fix vulnerabilities reported in #3959

---
 routers/user/setting.go | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'routers/user/setting.go')

diff --git a/routers/user/setting.go b/routers/user/setting.go
index 35bff326..9d09646c 100644
--- a/routers/user/setting.go
+++ b/routers/user/setting.go
@@ -280,7 +280,10 @@ func SettingsEmailPost(ctx *context.Context, form auth.AddEmailForm) {
 }
 
 func DeleteEmail(ctx *context.Context) {
- if err := models.DeleteEmailAddress(&models.EmailAddress{ID: ctx.QueryInt64("id")}); err != nil {
+ if err := models.DeleteEmailAddress(&models.EmailAddress{
+ ID: ctx.QueryInt64("id"),
+ UID: ctx.User.ID,
+ }); err != nil {
 ctx.Handle(500, "DeleteEmail", err)
 return
 }
@@ -409,7 +412,7 @@ func SettingsApplicationsPost(ctx *context.Context, form auth.NewAccessTokenForm
 }
 
 func SettingsDeleteApplication(ctx *context.Context) {
- if err := models.DeleteAccessTokenByID(ctx.QueryInt64("id")); err != nil {
+ if err := models.DeleteAccessTokenByUserID(ctx.User.ID, ctx.QueryInt64("id")); err != nil {
 ctx.Flash.Error("DeleteAccessTokenByID: " + err.Error())
 } else {
 ctx.Flash.Success(ctx.Tr("settings.delete_token_success"))
-- 
cgit v1.2.3
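Review bot: The ownership check in DeleteEmail is only as strong as models.DeleteEmailAddress, which is outside this hunk — the fix holds only if that function includes UID in the row-selection condition rather than deleting by ID alone and ignoring the extra field, so that is worth confirming (or pinning with a test) rather than trusting the struct literal. The intent is not visible from the call site either; a comment such as `// Scope the delete to the signed-in user so a forged "id" cannot remove another user's address (#3959).` above the call would keep the next maintainer from "simplifying" it back to an ID-only filter. A request for an address the user does not own presumably surfaces here as a 500 via ctx.Handle, where a 404 would be more precise — hedged, since the model's return value for the no-match case is not shown. DeleteEmail's body ends inside the hunk, but its registration (which middleware guarantees ctx.User is non-nil) is not visible.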
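Review bot: The flash message in SettingsDeleteApplication still names the old helper after the call was switched to DeleteAccessTokenByUserID, so a log or bug report will point at the wrong function; the line should read `ctx.Flash.Error("DeleteAccessTokenByUserID: " + err.Error())`. Separately, appending err.Error() to a user-visible flash exposes whatever the model layer puts in the error (potentially a raw database message) — handling it like DeleteEmail does, with ctx.Handle and a generic message, would keep internal detail off the page. As with the first hunk, the ownership guarantee depends on the new model function filtering by both user ID and token ID, which is not shown here. The function's tail runs past the end of the hunk.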