mirror/php-monstra
1
0
Fork 0
mirror of https://github.com/monstra-cms/monstra.git synced 2025-08-08 14:16:54 +02:00
Code Issues Releases Wiki Activity

Pages Plugin: csrf vulnerability resolved

Browse Source
This commit is contained in:
Awilum
2012-10-03 15:21:11 +03:00
parent 7b9f752701
commit 572925ddfa
2 changed files with 37 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
plugins/box/pages/views/backend/index.view.php
View File

@@ -69,7 +69,7 @@
<?php if ($page['parent'] == '') { ?>
<li><a href="index.php?id=pages&action=add_page&parent_page=<?php echo $page['slug']; ?>" title="<?php echo __('Create new page', 'pages'); ?>"><?php echo __('Add', 'pages'); ?></a></li>
<?php } ?>
<li><?php echo Html::anchor(__('Clone', 'pages'), 'index.php?id=pages&action=clone_page&name='.$page['slug'], array('title' => __('Clone', 'pages'))); ?></li>
<li><?php echo Html::anchor(__('Clone', 'pages'), 'index.php?id=pages&action=clone_page&name='.$page['slug'].'&token='.Security::token(), array('title' => __('Clone', 'pages'))); ?></li>
</ul>
<?php echo Html::anchor(__('Delete', 'pages'),
'index.php?id=pages&action=delete_page&name='.$page['slug'].'&token='.Security::token(),