mirror of
https://github.com/e107inc/e107.git
synced 2025-03-14 01:19:44 +01:00
Token checks added.
parent
6020de66e1
commit
2682aeaa27
@ -10,7 +10,10 @@
|
||||
*
|
||||
*
|
||||
*/
|
||||
|
||||
if(!empty($_POST) && !isset($_POST['e-token']))
|
||||
{
|
||||
$_POST['e-token'] = '';
|
||||
}
|
||||
require_once(__DIR__.'/../class2.php');
|
||||
|
||||
if (!getperms('4'))
|
||||
@ -534,7 +537,7 @@ class banlist_ui extends e_admin_ui
|
||||
</table>
|
||||
<div class='buttons-bar center'>
|
||||
".$frm->admin_button('update_ban_prefs', LAN_UPDATE, 'update')."
|
||||
<input type='hidden' name='e-token' value='".e_TOKEN."' />
|
||||
<input type='hidden' name='e-token' value='".defset('e_TOKEN')."' />
|
||||
</div>
|
||||
</fieldset>
|
||||
</form>
|
||||
@ -651,7 +654,7 @@ class banlist_ui extends e_admin_ui
|
||||
</table>
|
||||
<div class='buttons-bar center'>
|
||||
".$frm->admin_button('update_ban_options', LAN_UPDATE, 'update')."
|
||||
<input type='hidden' name='e-token' value='".e_TOKEN."' />
|
||||
<input type='hidden' name='e-token' value='".defset('e_TOKEN')."' />
|
||||
</div>
|
||||
</fieldset>
|
||||
<fieldset id='core-banlist-options-ban'>
|
||||
@ -666,7 +669,7 @@ class banlist_ui extends e_admin_ui
|
||||
<td>".BANLAN_75."</td>
|
||||
<td>
|
||||
".$frm->admin_button('remove_expired_bans', BANLAN_76, 'delete')."
|
||||
<input type='hidden' name='e-token' value='".e_TOKEN."' />
|
||||
<input type='hidden' name='e-token' value='".defset('e_TOKEN')."' />
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
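Review bot: The four-line guard added before `require_once` at the top of this file turns a POST with no `e-token` field into one with an empty token, which suggests the check in class2.php (not visible here) only runs when the field is present; that is a fail-open default patched per file. The identical guard is pasted at the head of the other five files in this commit, so any admin script that does not receive the paste presumably still accepts token-less POSTs. Enforcing the rule once where the token is validated, by treating a non-empty `$_POST` with a missing `e-token` as a failed check, would cover every entry point. If the per-file form stays, it deserves a comment such as `// Force the e-token check in class2.php to run for every POST, including ones that omit the field.`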
|
@ -10,6 +10,10 @@
|
||||
*
|
||||
*/
|
||||
|
||||
if(!empty($_POST) && !isset($_POST['e-token']))
|
||||
{
|
||||
$_POST['e-token'] = '';
|
||||
}
|
||||
require_once(__DIR__."/../class2.php");
|
||||
|
||||
if (!getperms("C"))
|
||||
@ -205,6 +209,7 @@ $text = "
|
||||
'empty_browsercache' => CACLAN_27,
|
||||
))."
|
||||
".$frm->admin_button('trigger_empty_cache', LAN_DELETE, 'delete')."
|
||||
<input type='hidden' name='e-token' value='" . defset('e_TOKEN') . "' />
|
||||
</div>
|
||||
</fieldset>
|
||||
</form>";
|
||||
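Review bot: The hidden field added after `trigger_empty_cache` prints `defset('e_TOKEN')`, so if `e_TOKEN` is ever undefined the form will presumably carry an empty token without raising any error, and the guard at the top of this file likewise normalises a missing token to `''`. It is worth confirming that the validation in class2.php (outside this diff) rejects an empty submitted token outright and compares with `hash_equals()`, so that an empty value can never match an unset expected value. The same `defset('e_TOKEN')` pattern appears in the `banlist_ui` and `emotec` hunks and in the three search forms of this commit.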
|
@ -10,7 +10,10 @@
|
||||
*
|
||||
*
|
||||
*/
|
||||
|
||||
if(!empty($_POST) && !isset($_POST['e-token']))
|
||||
{
|
||||
$_POST['e-token'] = '';
|
||||
}
|
||||
require_once(__DIR__.'/../class2.php');
|
||||
if (!getperms("F"))
|
||||
{
|
||||
@ -157,6 +160,7 @@ class emotec
|
||||
</table>
|
||||
<div class='buttons-bar center'>
|
||||
" . $frm->admin_button('active', 'active', 'update', LAN_UPDATE) . "
|
||||
<input type='hidden' name='e-token' value='" . defset('e_TOKEN') . "' />
|
||||
</div>
|
||||
<fieldset>
|
||||
</form>
|
||||
@ -228,7 +232,7 @@ class emotec
|
||||
}
|
||||
|
||||
$text .= $frm->admin_button('XMLPack_' . $pack, 'submit', 'default', EMOLAN_28);
|
||||
$text .= "
|
||||
$text .= "<input type='hidden' name='e-token' value='" . defset('e_TOKEN') . "' />
|
||||
</td>
|
||||
</tr>
|
||||
";
|
||||
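Review bot: The token field in both `emotec` hunks is assembled by hand as `<input type='hidden' name='e-token' ...>`, while the `eurl_admin_ui` and `social_ui` hunks in this same commit call `$frm->token()`. Assuming `$frm` here is the same form handler, `$text .= $frm->token();` would keep the field name and value source in one place and stop the copies drifting apart. The hand-written variant is also used in the `banlist_ui` hunks, the cache form and the three search forms. Both methods continue outside the hunks shown.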
|
@ -9,7 +9,10 @@
|
||||
* URL and front controller Management
|
||||
*
|
||||
*/
|
||||
|
||||
if(!empty($_POST) && !isset($_POST['e-token']))
|
||||
{
|
||||
$_POST['e-token'] = '';
|
||||
}
|
||||
require_once(__DIR__.'/../class2.php');
|
||||
if (!getperms('K'))
|
||||
{
|
||||
@ -328,7 +331,9 @@ class eurl_admin_ui extends e_admin_controller_ui
|
||||
}
|
||||
|
||||
$text .= "<div class='buttons-bar center'>".$frm->button('saveSimpleSef',LAN_SAVE, 'submit')."</div>";
|
||||
$text .= $frm->token();
|
||||
$text .= $frm->close();
|
||||
|
||||
$text .= "</div>";
|
||||
return $text;
|
||||
}
|
||||
@ -444,7 +449,8 @@ class eurl_admin_ui extends e_admin_controller_ui
|
||||
</tbody>
|
||||
</table>
|
||||
<div class='buttons-bar center'>
|
||||
".$form->admin_button('update', LAN_UPDATE, 'update')."
|
||||
".$form->admin_button('update', LAN_UPDATE, 'update').
|
||||
$form->token()."
|
||||
</div>
|
||||
</fieldset>
|
||||
</form>
|
||||
@ -564,7 +570,8 @@ class eurl_admin_ui extends e_admin_controller_ui
|
||||
</tbody>
|
||||
</table>
|
||||
<div class='buttons-bar center'>
|
||||
".$form->admin_button('update', LAN_UPDATE, 'update')."
|
||||
".$form->admin_button('update', LAN_UPDATE, 'update').
|
||||
$form->token()."
|
||||
</div>
|
||||
</fieldset>
|
||||
</form>
|
||||
|
@ -9,7 +9,10 @@
|
||||
* Search Administration
|
||||
*
|
||||
*/
|
||||
|
||||
if(!empty($_POST) && !isset($_POST['e-token']))
|
||||
{
|
||||
$_POST['e-token'] = '';
|
||||
}
|
||||
require_once(__DIR__.'/../class2.php');
|
||||
if (!getperms('X'))
|
||||
{
|
||||
@ -277,6 +280,7 @@ if ($query[0] == 'settings')
|
||||
</table>
|
||||
<div class='buttons-bar center'>
|
||||
".$frm->admin_button('update_prefs', LAN_UPDATE, 'update')."
|
||||
<input type='hidden' name='e-token' value='" . defset('e_TOKEN') . "' />
|
||||
</div>
|
||||
</fieldset>
|
||||
</form>
|
||||
@ -348,6 +352,7 @@ elseif ($query[0] == 'edit')
|
||||
</table>
|
||||
<div class='buttons-bar center'>
|
||||
".$frm->admin_button('update_handler', 'no-value', 'update', LAN_UPDATE)."
|
||||
<input type='hidden' name='e-token' value='" . defset('e_TOKEN') . "' />
|
||||
</div>
|
||||
</fieldset>
|
||||
</form>
|
||||
@ -520,6 +525,7 @@ else
|
||||
</table>
|
||||
<div class='buttons-bar center'>
|
||||
".$frm->admin_button('update_main','no-value','update',LAN_UPDATE)."
|
||||
<input type='hidden' name='e-token' value='" . defset('e_TOKEN') . "' />
|
||||
</div>
|
||||
</fieldset>
|
||||
</form>
|
||||
|
@ -1,7 +1,10 @@
|
||||
<?php
|
||||
|
||||
// Generated e107 Plugin Admin Area
|
||||
|
||||
if(!empty($_POST) && !isset($_POST['e-token']))
|
||||
{
|
||||
$_POST['e-token'] = '';
|
||||
}
|
||||
require_once(__DIR__.'/../../class2.php');
|
||||
if (!getperms('P'))
|
||||
{
|
||||
@ -443,9 +446,10 @@ class social_ui extends e_admin_ui
|
||||
$ret .= "<div class='buttons-bar center'>
|
||||
|
||||
".$frm->button('save_social_pages',1,'submit',LAN_SAVE)."
|
||||
|
||||
|
||||
</div>";
|
||||
|
||||
$ret .= $frm->token();
|
||||
$ret .= $frm->close();
|
||||
|
||||
return $ret;
|
||||
@ -467,6 +471,7 @@ class social_ui extends e_admin_ui
|
||||
$text .= $this->generateSocialLoginForm($var);
|
||||
|
||||
$text .= "<div class='buttons-bar center'>".$frm->button('save_social_logins',1,'submit',LAN_ADD)."</div>";
|
||||
$text .= $frm->token();
|
||||
$text .= $frm->close();
|
||||
|
||||
return $text;
|
||||
@ -563,6 +568,7 @@ class social_ui extends e_admin_ui
|
||||
|
||||
</div>";
|
||||
|
||||
$ret .= $frm->token();
|
||||
$ret .= $frm->close();
|
||||
|
||||
return $ret;
|
||||
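Review bot: The header comment `// Generated e107 Plugin Admin Area` indicates this file came from a generator, yet the POST guard above `require_once` is added here by hand. If the generator's template is not updated as well, newly generated plugin admin files would lack the guard and, depending on how class2.php treats a missing `e-token` field, may accept token-less POSTs. A short comment above the guard, for example `// Must run before class2.php so the token check applies to every POST.`, would also explain why it has to precede the include.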
|