Added tokens to some links.

2025-08-01 20:30:39 +02:00 · 2022-01-01 13:05:17 -08:00
parent cfa36ccb45
commit 7de11ed496
4 changed files with 60 additions and 15 deletions
--- a/e107_admin/language.php
+++ b/e107_admin/language.php
@@ -212,6 +212,13 @@ if(!empty($_GET['iframe']))
 		function DownloadPage()
 		{
 			if(empty($_GET['e-token']))
 			{
 				e107::getMessage()->addError("Invalid Token"); // Debug - no need for translation.
 				return LAN_ERROR;
 			}
 			$this->loadPackInfo();
 			$lan = $this->getId();
@@ -425,7 +432,7 @@ if(!empty($_GET['iframe']))
 						<td><a href='".$value['authorURL']."'>".$value['author']."</a></td>";*/
-				$url = 'language.php?mode=main&action=download&id='.$value['name']; // $value['url']
+				$url = 'language.php?mode=main&action=download&e-token='.e_TOKEN.'id='.$value['name']; // $value['url']
 				$text .= "
 					<td class='text-left'>".$value['date']."</td>
--- a/e107_admin/plugin.php
+++ b/e107_admin/plugin.php
@@ -362,7 +362,7 @@ class plugin_ui extends e_admin_ui
 			{
 				$plg->load($path);
 				$name = $plg->getName();
-				$url = e_ADMIN."plugin.php?mode=installed&action=upgrade&path=".$path;
+				$url = e_ADMIN."plugin.php?mode=installed&action=upgrade&path=".$path."&e-token=".e_TOKEN;
 				$text .= "<li class='media'>
 				<div class='media-left'>
 					<a href='".$url."'>".$plg->getIcon(32)."</a>
@@ -384,6 +384,12 @@ class plugin_ui extends e_admin_ui
 		function installPage()
 		{
 			if(empty($this->getQuery('e-token')))
 			{
 				e107::getMessage()->addError("Invalid Token"); // Debug - no need for translation.
 				$this->redirectAction('list');
 			}
 			$id = $this->getQuery('path');
 			$text = e107::getPlugin()->install($id);
@@ -438,6 +444,11 @@ class plugin_ui extends e_admin_ui
 		function uninstallPage()
 		{
 			if(empty($this->getQuery('e-token')))
 			{
 				e107::getMessage()->addError("Invalid Token"); // Debug - no need for translation.
 				$this->redirectAction('list');
 			}
 			$id = $this->getQuery('path');
@@ -483,6 +494,14 @@ class plugin_ui extends e_admin_ui
 		function repairPage()
 		{
 			if(empty($this->getQuery('e-token')))
 			{
 				e107::getMessage()->addError("Invalid Token"); // Debug - no need for translation.
 				$this->redirectAction('list');
 				return null;
 			}
 			$id = $this->getQuery('path');
 			$this->repair($id);
@@ -499,7 +518,7 @@ class plugin_ui extends e_admin_ui
 			}
 			e107::getSingleton('e107plugin')->refresh($id);
-			e107::getLog()->add('PLUGMAN_04', $id, E_LOG_INFORMATIVE, '');
+			e107::getLog()->add('PLUGMAN_04', $id);
 			e107::getMessage()->addSuccess("Repair Complete (".$id.")"); // Repair Complete ([x])
@@ -526,6 +545,12 @@ class plugin_ui extends e_admin_ui
 		function upgradePage()
 		{
 			if(empty($this->getQuery('e-token')))
 			{
 				e107::getMessage()->addError("Invalid Token"); // Debug - no need for translation.
 				$this->redirectAction('list');
 			}
 			$this->pluginUpgrade();
 		}
@@ -1009,13 +1034,13 @@ class plugin_form_ui extends e_admin_form_ui
 		if($var['plugin_install_required'] == true)
 		{
-			if($var['plugin_installflag'])
+			if(!empty($var['plugin_installflag']))
 			{
-				$text .= ($var['plugin_installflag'] ? "<a class='btn btn-default' href=\"" . e_SELF . "?mode=".$mode."&action=uninstall&path={$var['plugin_path']}\" title='" . EPL_ADLAN_1 . "'  >" . ADMIN_UNINSTALLPLUGIN_ICON . "</a>" : "<a class='btn' href=\"" . e_SELF . "?install.{$var['plugin_id']}\" title='" . EPL_ADLAN_0 . "' >" . ADMIN_INSTALLPLUGIN_ICON . "</a>");
+				$text .= "<a class='btn btn-default' href=\"" . e_SELF . "?mode=".$mode."&action=uninstall&path=".$var['plugin_path']."&e-token=".e_TOKEN."\" title='" . EPL_ADLAN_1 . "'  >" . ADMIN_UNINSTALLPLUGIN_ICON . "</a>";
 			}
 			else
 			{
-				$text .= "<a class='btn btn-default' href=\"" . e_SELF . "?mode=installed&action=install&path={$var['plugin_path']}\" title='" . EPL_ADLAN_0 . "' >" . ADMIN_INSTALLPLUGIN_ICON . "</a>";
+				$text .= "<a class='btn btn-default' href=\"" . e_SELF . "?mode=installed&action=install&path=".$var['plugin_path']."&e-token=".e_TOKEN."\" title='" . EPL_ADLAN_0 . "' >" . ADMIN_INSTALLPLUGIN_ICON . "</a>";
 			}
 		}
@@ -1037,17 +1062,17 @@ class plugin_form_ui extends e_admin_form_ui
 		if($var['plugin_version'] != $var['plugin_version_file'] && $var['plugin_installflag'])
 		{
-			$text .= "<a class='btn btn-default' href='" . e_SELF . "?mode=".$mode."&action=upgrade&path={$var['plugin_path']}' title=\"" . EPL_UPGRADE . " v" . $var['plugin_version_file'] . "\" >" . ADMIN_UPGRADEPLUGIN_ICON . "</a>";
+			$text .= "<a class='btn btn-default' href='" . e_SELF . "?mode=".$mode."&action=upgrade&path=".$var['plugin_path']."&e-token=".e_TOKEN."' title=\"" . EPL_UPGRADE . " v" . $var['plugin_version_file'] . "\" >" . ADMIN_UPGRADEPLUGIN_ICON . "</a>";
 		}
 		if($var['plugin_installflag'])
 		{
-			$text .= "<a class='btn btn-default' href='" . e_SELF . "?mode=".$mode."&action=repair&path={$var['plugin_path']}' title='" . LAN_REPAIR_PLUGIN_SETTINGS . "'> " . ADMIN_REPAIRPLUGIN_ICON . "</a>";
+			$text .= "<a class='btn btn-default' href='" . e_SELF . "?mode=".$mode."&action=repair&path=".$var['plugin_path']."&e-token=".e_TOKEN."' title='" . LAN_REPAIR_PLUGIN_SETTINGS . "'> " . ADMIN_REPAIRPLUGIN_ICON . "</a>";
 		}
 		if($var['plugin_installflag'] && is_dir($_path . ".git"))
 		{
-			$text .= "<a class='plugin-manager btn btn-default' href='" . e_SELF . "?mode=".$mode."&action=pull&path={$var['plugin_path']}' title='" . LAN_SYNC_WITH_GIT_REPO . "'> " . ADMIN_GITSYNC_ICON . "</a>";
+			$text .= "<a class='plugin-manager btn btn-default' href='" . e_SELF . "?mode=".$mode."&action=pull&path=".$var['plugin_path']."&e-token=".e_TOKEN."' title='" . LAN_SYNC_WITH_GIT_REPO . "'> " . ADMIN_GITSYNC_ICON . "</a>";
 		}
@@ -1140,12 +1165,16 @@ class plugin_online_ui extends e_admin_ui
 		// Modal Download.
 		public function downloadPage()
 		{
 			if(empty($_GET['e-token']))
 			{
 				echo e107::getMessage()->addError("Invalid Token")->render('default', 'error');
 				return null;
 			}
 			$frm = e107::getForm();
 			$mes = e107::getMessage();
 			$tp = e107::getParser();
 		//	print_a($_GET);
 			$string =  base64_decode($_GET['src']);
 			parse_str($string, $data);
@@ -1192,7 +1221,7 @@ class plugin_online_ui extends e_admin_ui
 				$upgradable =  e107::getPlug()->getUpgradableList();
 				if(!empty($upgradable[$pluginFolder]))
 				{
-					$mes->addSuccess("<a target='_top' href='".e_ADMIN."plugin.php?mode=installed&action=upgrade&id=".$pluginFolder."' class='btn btn-primary'>".LAN_UPDATE."</a>");
+					$mes->addSuccess("<a target='_top' href='".e_ADMIN."plugin.php?mode=installed&action=upgrade&id=".$pluginFolder."&e-token=".e_TOKEN."' class='btn btn-primary'>".LAN_UPDATE."</a>");
 				}
 				echo $mes->render('default', 'success');
@@ -2540,6 +2569,9 @@ class pluginBuilder
 			$mes = e107::getMessage();
 			$tp = e107::getParser();
 			$newDir = [];
 			$lanDir = [];
 			$plugFolders = $fl->get_dirs(e_PLUGIN);	
 			foreach($plugFolders as $dir)
 			{
--- a/e107_admin/theme.php
+++ b/e107_admin/theme.php
@@ -660,6 +660,12 @@ class theme_admin_ui extends e_admin_ui
 		public function DownloadPage()
 		{
 			if(empty($_GET['e-token']))
 			{
 				return e107::getMessage()->addError('Invalid Token')->render('default', 'error');
 			}
 			$frm = e107::getForm();
 			$mes = e107::getMessage();
 			$string =  base64_decode($_GET['src']);
@@ -1175,7 +1181,7 @@ class theme_admin_form_ui extends e_admin_form_ui
 		if(!empty($theme['price'])) // Premium Theme
 		{
 			$LAN_DOWNLOAD = LAN_PURCHASE."/".LAN_DOWNLOAD;
-			$downloadUrl = e_SELF.'?mode=main&action=download&src='.base64_encode($d); // no iframe.
+			$downloadUrl = e_SELF.'?mode=main&action=download&e-token='.e_TOKEN.'&src='.base64_encode($d); // no iframe.
 			$mainTarget = '_blank';
 			$mainClass = '';
 			$modalCaption = ' '.LAN_PURCHASE.' '.$theme['name']." ".$theme['version'];
@@ -1183,7 +1189,7 @@ class theme_admin_form_ui extends e_admin_form_ui
 		else // Free Theme
 		{
 			$LAN_DOWNLOAD = LAN_DOWNLOAD;
-			$downloadUrl = e_SELF.'?mode=main&iframe=1&action=download&src='.base64_encode($d);//$url.'&amp;action=download';
+			$downloadUrl = e_SELF.'?mode=main&iframe=1&action=download&e-token='.e_TOKEN.'&src='.base64_encode($d);//$url.'&amp;action=download';
 			$mainTarget = '_self';
 			$mainClass = 'e-modal';
 			$modalCaption =  ' '.LAN_DOWNLOADING.' '.$theme['name']." ".$theme['version'];
--- a/e107_handlers/e_marketplace.php
+++ b/e107_handlers/e_marketplace.php
@@ -262,7 +262,7 @@ class e_marketplace
 		//	if(deftrue('e_DEBUG_PLUGMANAGER'))
 			{
-				$url = e_ADMIN.'plugin.php?mode=online&action=download&src='.base64_encode($d);
+				$url = e_ADMIN.'plugin.php?mode=online&action=download&e-token='.e_TOKEN.'&src='.base64_encode($d);
 			}
 		//	else
 			{
@@ -282,7 +282,7 @@ class e_marketplace
 			);
 			$d = http_build_query($srcData,false,'&');
-			$url = e_ADMIN.'theme.php?mode=main&action=download&src='.base64_encode($d);//$url.'&amp;action=download';
+			$url = e_ADMIN.'theme.php?mode=main&action=download&e-token='.e_TOKEN.'&src='.base64_encode($d);//$url.'&amp;action=download';
 		}