mirror of
https://github.com/monstra-cms/monstra.git
CSRF detection text - updated #84
@@ -51,7 +51,7 @@ class BlocksAdmin extends Backend
|
||||
}
|
||||
}
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
}
|
||||
|
||||
// Save fields
|
||||
@@ -106,7 +106,7 @@ class BlocksAdmin extends Backend
|
||||
}
|
||||
}
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
}
|
||||
if (Request::post('name')) $name = Request::post('name'); else $name = File::name(Request::get('filename'));
|
||||
if (Request::post('editor')) $content = Request::post('editor'); else $content = File::getContent($blocks_path.Request::get('filename').'.block.html');
|
||||
@@ -126,7 +126,7 @@ class BlocksAdmin extends Backend
|
||||
Notification::set('success', __('Block <i>:name</i> deleted', 'blocks', array(':name' => File::name(Request::get('filename')))));
|
||||
Request::redirect('index.php?id=blocks');
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
|
||||
break;
|
||||
}
|
||||
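Review bot: The replacement text is a hardcoded English literal passed straight to `die()`, while context lines in these same hunks route user-facing strings through `__()` with a plugin domain (for example `__('Block <i>:name</i> deleted', 'blocks', ...)`), so the rejection message will not be translated. The identical sentence is repeated in every hunk of this commit (BlocksAdmin, FilesmanagerAdmin, MenuAdmin, PagesAdmin, PluginsAdmin, SnippetsAdmin, SystemAdmin, ThemesAdmin, UsersAdmin and Users); one shared helper or constant would let the wording change in a single place. `die()` with a string also leaves the response status as it was, presumably 200 unless something earlier set it, so sending `header('HTTP/1.1 403 Forbidden');` before exiting and writing a log entry would make rejected requests visible in access logs and to monitoring. The enclosing if/else starts outside each hunk, so the token comparison itself cannot be reviewed from here.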
|
@@ -87,7 +87,7 @@ class FilesmanagerAdmin extends Backend
|
||||
File::delete($files_path.Request::get('delete_file'));
|
||||
Request::redirect($site_url.'admin/index.php?id=filesmanager&path='.$path);
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
}
|
||||
|
||||
// Delete dir
|
||||
@@ -99,7 +99,7 @@ class FilesmanagerAdmin extends Backend
|
||||
Dir::delete($files_path.Request::get('delete_dir'));
|
||||
Request::redirect($site_url.'admin/index.php?id=filesmanager&path='.$path);
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
}
|
||||
|
||||
// Upload file
|
||||
@@ -115,7 +115,7 @@ class FilesmanagerAdmin extends Backend
|
||||
}
|
||||
}
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
}
|
||||
|
||||
// Display view
|
||||
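Review bot: In the first two hunks the context lines `File::delete($files_path.Request::get('delete_file'));` and `Dir::delete($files_path.Request::get('delete_dir'));` append a query-string value directly to the base path, and nothing visible in the hunks keeps the result inside `$files_path`. The security token only establishes that the request was intended by the logged-in user; it does not validate the value, and because these blocks start above the hunks any earlier normalisation is not visible and should be confirmed. PluginsAdmin in this same commit wraps its parameter in `basename(...)` before `Dir::delete`; if `$files_path` already includes the current subdirectory, the equivalent here would be `File::delete($files_path.basename(Request::get('delete_file')));`, ideally with a check that the resolved path still begins with the files root. The same concatenation of `Request::get('filename')` into a path appears for reads in the BlocksAdmin, SnippetsAdmin and ThemesAdmin context lines.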
|
@@ -86,7 +86,7 @@ class MenuAdmin extends Backend
|
||||
Request::redirect('index.php?id=menu');
|
||||
}
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
|
||||
}
|
||||
|
||||
@@ -148,7 +148,7 @@ class MenuAdmin extends Backend
|
||||
Request::redirect('index.php?id=menu');
|
||||
}
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
}
|
||||
|
||||
// Display view
|
||||
|
@@ -28,7 +28,7 @@ class PagesAdmin extends Backend
|
||||
$pages = new Table('pages');
|
||||
$pages->updateWhere('[slug="'.Request::post('slug').'"]', array('expand' => Request::post('expand')));
|
||||
Request::shutdown();
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
}
|
||||
}
|
||||
|
||||
@@ -123,7 +123,7 @@ class PagesAdmin extends Backend
|
||||
// Redirect
|
||||
Request::redirect('index.php?id=pages');
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
|
||||
break;
|
||||
|
||||
@@ -198,7 +198,7 @@ class PagesAdmin extends Backend
|
||||
}
|
||||
}
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
|
||||
}
|
||||
|
||||
@@ -365,7 +365,7 @@ class PagesAdmin extends Backend
|
||||
}
|
||||
}
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
}
|
||||
|
||||
// Get all pages
|
||||
@@ -487,7 +487,7 @@ class PagesAdmin extends Backend
|
||||
// Redirect
|
||||
Request::redirect('index.php?id=pages');
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
}
|
||||
|
||||
break;
|
||||
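Review bot: In the first hunk the context line `$pages->updateWhere('[slug="'.Request::post('slug').'"]', ...)` builds the selector by concatenating the posted slug between double quotes, so a value containing a quote or bracket alters the query structure instead of being matched as data. The token check rejects forged requests but places no constraint on the field's content. Unless the Table class escapes the expression internally (not visible here), validate the slug before building the selector, for example `if (!preg_match('/^[A-Za-z0-9_\-]+$/', (string) Request::post('slug'))) { die('Invalid slug'); }`, assuming slugs are limited to those characters. The enclosing block starts above the hunk, so an earlier check may already exist and should be confirmed.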
|
@@ -56,7 +56,7 @@ class PluginsAdmin extends Backend
|
||||
Request::redirect('index.php?id=plugins');
|
||||
}
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
}
|
||||
|
||||
// Install new plugin
|
||||
@@ -88,7 +88,7 @@ class PluginsAdmin extends Backend
|
||||
|
||||
Request::redirect('index.php?id=plugins');
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
}
|
||||
|
||||
// Delete plugin from server
|
||||
@@ -100,7 +100,7 @@ class PluginsAdmin extends Backend
|
||||
Dir::delete(PLUGINS . DS . basename(Request::get('delete_plugin_from_server'), '.manifest.xml'));
|
||||
Request::redirect('index.php?id=plugins');
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
|
||||
}
|
||||
|
||||
|
@@ -50,7 +50,7 @@ class SnippetsAdmin extends Backend
|
||||
}
|
||||
}
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
}
|
||||
// Save fields
|
||||
if (Request::post('name')) $name = Request::post('name'); else $name = '';
|
||||
@@ -104,7 +104,7 @@ class SnippetsAdmin extends Backend
|
||||
}
|
||||
}
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
}
|
||||
if (Request::post('name')) $name = Request::post('name'); else $name = File::name(Request::get('filename'));
|
||||
$content = File::getContent($snippets_path.Request::get('filename').'.snippet.php');
|
||||
@@ -124,7 +124,7 @@ class SnippetsAdmin extends Backend
|
||||
Notification::set('success', __('Snippet <i>:name</i> deleted', 'snippets', array(':name' => File::name(Request::get('filename')))));
|
||||
Request::redirect('index.php?id=snippets');
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
|
||||
break;
|
||||
}
|
||||
|
@@ -74,7 +74,7 @@ class SystemAdmin extends Backend
|
||||
|
||||
Request::redirect('index.php?id=system');
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
|
||||
}
|
||||
|
||||
@@ -149,7 +149,7 @@ class SystemAdmin extends Backend
|
||||
Notification::set('success', __('Your changes have been saved.', 'system'));
|
||||
Request::redirect('index.php?id=system');
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
}
|
||||
|
||||
// Its mean that you can add your own actions for this plugin
|
||||
|
@@ -42,7 +42,7 @@ class ThemesAdmin extends Backend
|
||||
|
||||
Request::redirect('index.php?id=themes');
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
}
|
||||
|
||||
// Save site theme
|
||||
@@ -57,7 +57,7 @@ class ThemesAdmin extends Backend
|
||||
|
||||
Request::redirect('index.php?id=themes');
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
}
|
||||
|
||||
// Its mean that you can add your own actions for this plugin
|
||||
@@ -95,7 +95,7 @@ class ThemesAdmin extends Backend
|
||||
}
|
||||
}
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
}
|
||||
|
||||
// Save fields
|
||||
@@ -135,7 +135,7 @@ class ThemesAdmin extends Backend
|
||||
}
|
||||
}
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
}
|
||||
|
||||
// Save fields
|
||||
@@ -175,7 +175,7 @@ class ThemesAdmin extends Backend
|
||||
}
|
||||
}
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
}
|
||||
|
||||
// Save fields
|
||||
@@ -215,7 +215,7 @@ class ThemesAdmin extends Backend
|
||||
}
|
||||
}
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
}
|
||||
|
||||
// Save fields
|
||||
@@ -272,7 +272,7 @@ class ThemesAdmin extends Backend
|
||||
}
|
||||
}
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
}
|
||||
if (Request::post('name')) $name = Request::post('name'); else $name = File::name(Request::get('filename'));
|
||||
$content = File::getContent($chunk_path.Request::get('filename').'.chunk.php');
|
||||
@@ -328,7 +328,7 @@ class ThemesAdmin extends Backend
|
||||
}
|
||||
}
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
}
|
||||
if (Request::post('name')) $name = Request::post('name'); else $name = File::name(Request::get('filename'));
|
||||
$content = File::getContent($chunk_path.Request::get('filename').'.template.php');
|
||||
@@ -384,7 +384,7 @@ class ThemesAdmin extends Backend
|
||||
}
|
||||
}
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
}
|
||||
if (Request::post('name')) $name = Request::post('name'); else $name = File::name(Request::get('filename'));
|
||||
$content = File::getContent($style_path.Request::get('filename').'.css');
|
||||
@@ -440,7 +440,7 @@ class ThemesAdmin extends Backend
|
||||
}
|
||||
}
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
}
|
||||
if (Request::post('name')) $name = Request::post('name'); else $name = File::name(Request::get('filename'));
|
||||
$content = File::getContent($script_path.Request::get('filename').'.js');
|
||||
@@ -465,7 +465,7 @@ class ThemesAdmin extends Backend
|
||||
Notification::set('success', __('Chunk <i>:name</i> deleted', 'themes', array(':name' => File::name(Request::get('filename')))));
|
||||
Request::redirect('index.php?id=themes');
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
|
||||
break;
|
||||
|
||||
@@ -479,7 +479,7 @@ class ThemesAdmin extends Backend
|
||||
Notification::set('success', __('Styles <i>:name</i> deleted', 'themes', array(':name' => File::name(Request::get('filename')))));
|
||||
Request::redirect('index.php?id=themes');
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
|
||||
break;
|
||||
|
||||
@@ -493,7 +493,7 @@ class ThemesAdmin extends Backend
|
||||
Notification::set('success', __('Script <i>:name</i> deleted', 'themes', array(':name' => File::name(Request::get('filename')))));
|
||||
Request::redirect('index.php?id=themes');
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
|
||||
break;
|
||||
|
||||
|
@@ -44,7 +44,7 @@ class UsersAdmin extends Backend
|
||||
Option::update('users_frontend_registration', $users_frontend_registration);
|
||||
Request::redirect('index.php?id=users');
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
}
|
||||
|
||||
// Check for get actions
|
||||
@@ -90,7 +90,7 @@ class UsersAdmin extends Backend
|
||||
Request::redirect('index.php?id=users');
|
||||
}
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
}
|
||||
|
||||
// Display view
|
||||
@@ -142,7 +142,7 @@ class UsersAdmin extends Backend
|
||||
}
|
||||
} else { }
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
|
||||
}
|
||||
|
||||
@@ -156,7 +156,7 @@ class UsersAdmin extends Backend
|
||||
Request::redirect('index.php?id=users&action=edit&user_id='.Request::post('user_id'));
|
||||
}
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
}
|
||||
|
||||
if ( ((int) Session::get('user_id') == (int) Request::get('user_id')) or (in_array(Session::get('user_role'), array('admin')) && count($user) != 0) ) {
|
||||
@@ -194,7 +194,7 @@ class UsersAdmin extends Backend
|
||||
Notification::set('success', __('User <i>:user</i> have been deleted.', 'users', array(':user' => $user['login'])));
|
||||
Request::redirect('index.php?id=users');
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
|
||||
}
|
||||
|
||||
|
@@ -153,7 +153,7 @@ class Users extends Frontend
|
||||
Request::redirect(Option::get('siteurl').'users/'.Users::$users->lastId());
|
||||
}
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
}
|
||||
|
||||
// Display view
|
||||
@@ -239,7 +239,7 @@ class Users extends Frontend
|
||||
}
|
||||
} else { }
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
|
||||
}
|
||||
|
||||
@@ -345,7 +345,7 @@ class Users extends Frontend
|
||||
|
||||
}
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
|
||||
}
|
||||
|
||||
@@ -391,7 +391,7 @@ class Users extends Frontend
|
||||
Notification::setNow('error', __('Wrong <b>username</b> or <b>password</b>', 'users'));
|
||||
}
|
||||
|
||||
} else { die('csrf detected!'); }
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
|
||||
}
|
||||
|
||||
|