From 5db04d50071892ad5dfdabaddbbcc60708936280 Mon Sep 17 00:00:00 2001 From: Awilum Date: Wed, 9 Jan 2013 22:27:01 +0200 Subject: [PATCH] CSRF detection text - updated #84 --- plugins/box/blocks/blocks.admin.php | 6 ++--- .../box/filesmanager/filesmanager.admin.php | 6 ++--- plugins/box/menu/menu.admin.php | 4 +-- plugins/box/pages/pages.admin.php | 10 +++---- plugins/box/plugins/plugins.admin.php | 6 ++--- plugins/box/snippets/snippets.admin.php | 6 ++--- plugins/box/system/system.admin.php | 4 +-- plugins/box/themes/themes.admin.php | 26 +++++++++---------- plugins/box/users/users.admin.php | 10 +++---- plugins/box/users/users.plugin.php | 8 +++--- 10 files changed, 43 insertions(+), 43 deletions(-) diff --git a/plugins/box/blocks/blocks.admin.php b/plugins/box/blocks/blocks.admin.php index bd92dd7..8f54983 100755 --- a/plugins/box/blocks/blocks.admin.php +++ b/plugins/box/blocks/blocks.admin.php @@ -51,7 +51,7 @@ class BlocksAdmin extends Backend } } - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } // Save fields @@ -106,7 +106,7 @@ class BlocksAdmin extends Backend } } - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } if (Request::post('name')) $name = Request::post('name'); else $name = File::name(Request::get('filename')); if (Request::post('editor')) $content = Request::post('editor'); else $content = File::getContent($blocks_path.Request::get('filename').'.block.html'); 
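Review bot: The replacement text passed to `die()` in the blocks.admin.php @@ -51 hunk is a hard-coded English literal, while the surrounding code sends user-facing strings through `__()` (for example `__('Block :name deleted', 'blocks', ...)` in the @@ -126 hunk), so this message will not be translated. The same literal is repeated in every hunk of this patch across all ten files; defining it once and calling `die(__('Request was denied because it contained an invalid security token. Please refresh the page and try again.', 'system'));` would keep the wording in one place. The rejection also goes out with whatever status is current, presumably 200; sending `header('HTTP/1.1 403 Forbidden');` before the `die()` would let access logs and monitoring distinguish rejected tokens from normal responses. The enclosing methods start and end outside the hunks.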
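Review bot: In the blocks.admin.php @@ -106 hunk, `File::getContent($blocks_path.Request::get('filename').'.block.html')` builds a file path directly from a request parameter, and it sits after the token-checked block closes, so it appears to run whether or not a token was supplied. Nothing visible restricts `filename` to a single path component, so unless `Request::get()` or `File::getContent()` filter it elsewhere (not shown in this patch), the path is not confined to the blocks directory. plugins.admin.php @@ -100 already wraps its parameter in `basename(...)` before `Dir::delete`; doing the same here, e.g. `$filename = basename(Request::get('filename'));`, would bound the path. The same construction appears in snippets.admin.php @@ -104, themes.admin.php @@ -272, -328, -384 and -440, and in filesmanager.admin.php @@ -87 and @@ -99, where `delete_file` and `delete_dir` are passed to `File::delete` and `Dir::delete`.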
@@ -126,7 +126,7 @@ class BlocksAdmin extends Backend Notification::set('success', __('Block :name deleted', 'blocks', array(':name' => File::name(Request::get('filename'))))); Request::redirect('index.php?id=blocks'); - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } break; } diff --git a/plugins/box/filesmanager/filesmanager.admin.php b/plugins/box/filesmanager/filesmanager.admin.php index 0b19b5a..ea3e657 100755 --- a/plugins/box/filesmanager/filesmanager.admin.php +++ b/plugins/box/filesmanager/filesmanager.admin.php @@ -87,7 +87,7 @@ class FilesmanagerAdmin extends Backend File::delete($files_path.Request::get('delete_file')); Request::redirect($site_url.'admin/index.php?id=filesmanager&path='.$path); - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } // Delete dir @@ -99,7 +99,7 @@ class FilesmanagerAdmin extends Backend Dir::delete($files_path.Request::get('delete_dir')); Request::redirect($site_url.'admin/index.php?id=filesmanager&path='.$path); - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } // Upload file @@ -115,7 +115,7 @@ class FilesmanagerAdmin extends Backend } } - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } // Display view diff --git a/plugins/box/menu/menu.admin.php b/plugins/box/menu/menu.admin.php index de7c30a..626054b 100644 --- a/plugins/box/menu/menu.admin.php +++ b/plugins/box/menu/menu.admin.php 
@@ -86,7 +86,7 @@ class MenuAdmin extends Backend Request::redirect('index.php?id=menu'); } - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } @@ -148,7 +148,7 @@ class MenuAdmin extends Backend Request::redirect('index.php?id=menu'); } - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } // Display view diff --git a/plugins/box/pages/pages.admin.php b/plugins/box/pages/pages.admin.php index 1f34154..afe604a 100755 --- a/plugins/box/pages/pages.admin.php +++ b/plugins/box/pages/pages.admin.php @@ -28,7 +28,7 @@ class PagesAdmin extends Backend $pages = new Table('pages'); $pages->updateWhere('[slug="'.Request::post('slug').'"]', array('expand' => Request::post('expand'))); Request::shutdown(); - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } } @@ -123,7 +123,7 @@ class PagesAdmin extends Backend // Redirect Request::redirect('index.php?id=pages'); - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } break; @@ -198,7 +198,7 @@ class PagesAdmin extends Backend } } - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } @@ -365,7 +365,7 @@ class PagesAdmin extends Backend } } - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } // Get all pages 
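Review bot: In the pages.admin.php @@ -28 hunk, `updateWhere('[slug="'.Request::post('slug').'"]', ...)` splices the posted slug into a quoted selector string, so a value containing `"` or `]` can change which records the update matches. The token check limits who can send the request but does not validate the value itself. Rejecting slugs outside the character set the application generates before building the selector, for example `if (!preg_match('/^[a-z0-9_-]+$/i', Request::post('slug'))) die(...)`, would close this. The allowed set should be confirmed against how slugs are created, which is not visible in this patch.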
@@ -487,7 +487,7 @@ class PagesAdmin extends Backend // Redirect Request::redirect('index.php?id=pages'); - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } break; diff --git a/plugins/box/plugins/plugins.admin.php b/plugins/box/plugins/plugins.admin.php index c624c0d..3463fdf 100755 --- a/plugins/box/plugins/plugins.admin.php +++ b/plugins/box/plugins/plugins.admin.php @@ -56,7 +56,7 @@ class PluginsAdmin extends Backend Request::redirect('index.php?id=plugins'); } - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } // Install new plugin @@ -88,7 +88,7 @@ class PluginsAdmin extends Backend Request::redirect('index.php?id=plugins'); - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } // Delete plugin from server @@ -100,7 +100,7 @@ class PluginsAdmin extends Backend Dir::delete(PLUGINS . DS . basename(Request::get('delete_plugin_from_server'), '.manifest.xml')); Request::redirect('index.php?id=plugins'); - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } diff --git a/plugins/box/snippets/snippets.admin.php b/plugins/box/snippets/snippets.admin.php index a3f08c0..f7b0bc2 100755 --- a/plugins/box/snippets/snippets.admin.php +++ b/plugins/box/snippets/snippets.admin.php @@ -50,7 +50,7 @@ class SnippetsAdmin extends Backend } } - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } // Save fields if (Request::post('name')) $name = Request::post('name'); else $name = ''; 
@@ -104,7 +104,7 @@ class SnippetsAdmin extends Backend } } - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } if (Request::post('name')) $name = Request::post('name'); else $name = File::name(Request::get('filename')); $content = File::getContent($snippets_path.Request::get('filename').'.snippet.php'); @@ -124,7 +124,7 @@ class SnippetsAdmin extends Backend Notification::set('success', __('Snippet :name deleted', 'snippets', array(':name' => File::name(Request::get('filename'))))); Request::redirect('index.php?id=snippets'); - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } break; } diff --git a/plugins/box/system/system.admin.php b/plugins/box/system/system.admin.php index aec3d07..5cca46d 100755 --- a/plugins/box/system/system.admin.php +++ b/plugins/box/system/system.admin.php @@ -74,7 +74,7 @@ class SystemAdmin extends Backend Request::redirect('index.php?id=system'); - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } @@ -149,7 +149,7 @@ class SystemAdmin extends Backend Notification::set('success', __('Your changes have been saved.', 'system')); Request::redirect('index.php?id=system'); - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } // Its mean that you can add your own actions for this plugin diff --git a/plugins/box/themes/themes.admin.php b/plugins/box/themes/themes.admin.php index 6a364cb..0cd6d9b 100755 --- a/plugins/box/themes/themes.admin.php +++ b/plugins/box/themes/themes.admin.php 
@@ -42,7 +42,7 @@ class ThemesAdmin extends Backend Request::redirect('index.php?id=themes'); - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } // Save site theme @@ -57,7 +57,7 @@ class ThemesAdmin extends Backend Request::redirect('index.php?id=themes'); - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } // Its mean that you can add your own actions for this plugin @@ -95,7 +95,7 @@ class ThemesAdmin extends Backend } } - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } // Save fields @@ -135,7 +135,7 @@ class ThemesAdmin extends Backend } } - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } // Save fields @@ -175,7 +175,7 @@ class ThemesAdmin extends Backend } } - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } // Save fields @@ -215,7 +215,7 @@ class ThemesAdmin extends Backend } } - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } // Save fields @@ -272,7 +272,7 @@ class ThemesAdmin extends Backend } } - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } if (Request::post('name')) $name = Request::post('name'); else $name = File::name(Request::get('filename')); $content = File::getContent($chunk_path.Request::get('filename').'.chunk.php'); 
@@ -328,7 +328,7 @@ class ThemesAdmin extends Backend } } - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } if (Request::post('name')) $name = Request::post('name'); else $name = File::name(Request::get('filename')); $content = File::getContent($chunk_path.Request::get('filename').'.template.php'); @@ -384,7 +384,7 @@ class ThemesAdmin extends Backend } } - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } if (Request::post('name')) $name = Request::post('name'); else $name = File::name(Request::get('filename')); $content = File::getContent($style_path.Request::get('filename').'.css'); @@ -440,7 +440,7 @@ class ThemesAdmin extends Backend } } - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } if (Request::post('name')) $name = Request::post('name'); else $name = File::name(Request::get('filename')); $content = File::getContent($script_path.Request::get('filename').'.js'); @@ -465,7 +465,7 @@ class ThemesAdmin extends Backend Notification::set('success', __('Chunk :name deleted', 'themes', array(':name' => File::name(Request::get('filename'))))); Request::redirect('index.php?id=themes'); - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } break; 
@@ -479,7 +479,7 @@ class ThemesAdmin extends Backend Notification::set('success', __('Styles :name deleted', 'themes', array(':name' => File::name(Request::get('filename'))))); Request::redirect('index.php?id=themes'); - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } break; @@ -493,7 +493,7 @@ class ThemesAdmin extends Backend Notification::set('success', __('Script :name deleted', 'themes', array(':name' => File::name(Request::get('filename'))))); Request::redirect('index.php?id=themes'); - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } break; diff --git a/plugins/box/users/users.admin.php b/plugins/box/users/users.admin.php index 7cb0f10..fd1fa6c 100755 --- a/plugins/box/users/users.admin.php +++ b/plugins/box/users/users.admin.php @@ -44,7 +44,7 @@ class UsersAdmin extends Backend Option::update('users_frontend_registration', $users_frontend_registration); Request::redirect('index.php?id=users'); - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } // Check for get actions @@ -90,7 +90,7 @@ class UsersAdmin extends Backend Request::redirect('index.php?id=users'); } - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } // Display view @@ -142,7 +142,7 @@ class UsersAdmin extends Backend } } else { } - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } 
@@ -156,7 +156,7 @@ class UsersAdmin extends Backend Request::redirect('index.php?id=users&action=edit&user_id='.Request::post('user_id')); } - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } if ( ((int) Session::get('user_id') == (int) Request::get('user_id')) or (in_array(Session::get('user_role'), array('admin')) && count($user) != 0) ) { @@ -194,7 +194,7 @@ class UsersAdmin extends Backend Notification::set('success', __('User :user have been deleted.', 'users', array(':user' => $user['login']))); Request::redirect('index.php?id=users'); - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } diff --git a/plugins/box/users/users.plugin.php b/plugins/box/users/users.plugin.php index 21b882f..777040b 100644 --- a/plugins/box/users/users.plugin.php +++ b/plugins/box/users/users.plugin.php @@ -153,7 +153,7 @@ class Users extends Frontend Request::redirect(Option::get('siteurl').'users/'.Users::$users->lastId()); } - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } // Display view @@ -239,7 +239,7 @@ class Users extends Frontend } } else { } - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } @@ -345,7 +345,7 @@ class Users extends Frontend } - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } } 
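Review bot: In the users.admin.php @@ -156 hunk, the ownership/role test `((int) Session::get('user_id') == (int) Request::get('user_id')) or (in_array(Session::get('user_role'), array('admin')) && count($user) != 0)` comes after the token-checked POST handler has closed, so from the visible lines it seems to gate only what follows it, not the handler. The handler body is outside the hunk; please confirm that the update it performs is covered by an equivalent check against `Request::post('user_id')`, since a valid CSRF token proves only that the request came from the site's own form, not that the caller may modify that account. The `in_array` call would also be safer with strict comparison: `in_array(Session::get('user_role'), array('admin'), true)`.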
@@ -391,7 +391,7 @@ class Users extends Frontend Notification::setNow('error', __('Wrong username or password', 'users')); } - } else { die('csrf detected!'); } + } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); } }