mirror of
https://github.com/moodle/moodle.git
synced 2025-01-19 06:18:28 +01:00
Changed some sesskey behaviours SC#73 (admin part)
This commit is contained in:
stronk7
parent
7a0a2f49fc
commit
4530d4372a
@ -15,17 +15,13 @@
|
||||
error("Site isn't defined!");
|
||||
}
|
||||
|
||||
if (!confirm_sesskey()) {
|
||||
error(get_string('confirmsesskeybad', 'error'));
|
||||
}
|
||||
|
||||
//Initialise error variables
|
||||
$error = false;
|
||||
$sche_destination_error = "";
|
||||
|
||||
/// If data submitted, then process and store.
|
||||
|
||||
if ($config = data_submitted()) {
|
||||
if (($config = data_submitted()) && confirm_sesskey()) {
|
||||
|
||||
//First of all we check that everything is correct
|
||||
//Check for trailing slash and backslash in backup_sche_destination
|
||||
|
||||
@ -37,7 +37,7 @@
|
||||
$table->data[] = array("<strong><a href=\"filters.php\">". get_string('managefilters') .'</a></strong>',
|
||||
get_string('adminhelpmanagefilters'));
|
||||
if (!isset($CFG->disablescheduledbackups)) {
|
||||
$table->data[] = array("<strong><a href=\"backup.php?sesskey=$USER->sesskey\">".get_string("backup")."</a></strong>",
|
||||
$table->data[] = array("<strong><a href=\"backup.php\">".get_string("backup")."</a></strong>",
|
||||
get_string('adminhelpbackup'));
|
||||
}
|
||||
|
||||
|
||||
@ -16,10 +16,6 @@
|
||||
error("Only administrators can use this page!");
|
||||
}
|
||||
|
||||
if (!confirm_sesskey()) {
|
||||
error(get_string('confirmsesskeybad', 'error'));
|
||||
}
|
||||
|
||||
if (!$site = get_site()) {
|
||||
error("Site isn't defined!");
|
||||
}
|
||||
@ -86,22 +82,23 @@
|
||||
/// If data submitted, then process and store.
|
||||
|
||||
if (!empty($options)) {
|
||||
if ($config = data_submitted()) {
|
||||
if (($config = data_submitted()) && confirm_sesskey()) {
|
||||
unset($config->options);
|
||||
unset($config->sesskey);
|
||||
foreach ($config as $name => $value) {
|
||||
set_config($name, $value);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (!empty($add) and !empty($uselect)) {
|
||||
if (!empty($add) and !empty($uselect) and confirm_sesskey()) {
|
||||
$selectedfilter = $uselect;
|
||||
if (!in_array($selectedfilter, $installedfilters)) {
|
||||
$installedfilters[] = $selectedfilter;
|
||||
set_config("textfilters", implode(',', $installedfilters));
|
||||
}
|
||||
|
||||
} else if (!empty($remove) and !empty($iselect)) {
|
||||
} else if (!empty($remove) and !empty($iselect) and confirm_sesskey()) {
|
||||
$selectedfilter = $iselect;
|
||||
foreach ($installedfilters as $key => $installedfilter) {
|
||||
if ($installedfilter == $selectedfilter) {
|
||||
@ -110,7 +107,7 @@
|
||||
}
|
||||
set_config("textfilters", implode(',', $installedfilters));
|
||||
|
||||
} else if ((!empty($up) or !empty($down)) and !empty($iselect)) {
|
||||
} else if ((!empty($up) or !empty($down)) and !empty($iselect) and confirm_sesskey()) {
|
||||
|
||||
if (!empty($up)) {
|
||||
if ($allfilters[$iselect]) {
|
||||
|
||||
@ -29,7 +29,6 @@
|
||||
$title = $strmissingstrings;
|
||||
$button = '<form target="'.$CFG->framename.'" method="get" action="'.$CFG->wwwroot.'/'.$CFG->admin.'/lang.php">'.
|
||||
'<input type="hidden" name="mode" value="compare" />'.
|
||||
'<input type="hidden" name="sesskey" value="'.$USER->sesskey.'" />'.
|
||||
'<input type="submit" value="'.$strcomparelanguage.'" /></form>';
|
||||
break;
|
||||
case "compare":
|
||||
@ -37,7 +36,6 @@
|
||||
$title = $strcomparelanguage;
|
||||
$button = '<form target="'.$CFG->framename.'" method="get" action="'.$CFG->wwwroot.'/'.$CFG->admin.'/lang.php">'.
|
||||
'<input type="hidden" name="mode" value="missing" />'.
|
||||
'<input type="hidden" name="sesskey" value="'.$USER->sesskey.'" />'.
|
||||
'<input type="submit" value="'.$strmissingstrings.'" /></form>';
|
||||
break;
|
||||
default:
|
||||
@ -62,8 +60,8 @@
|
||||
echo "</td><td>";
|
||||
echo popup_form ("$CFG->wwwroot/$CFG->admin/lang.php?lang=", $langs, "chooselang", $currlang, "", "", "", true);
|
||||
echo "</td></tr></table>";
|
||||
print_heading("<a href=\"lang.php?mode=missing&sesskey=$USER->sesskey\">$strmissingstrings</a>");
|
||||
print_heading("<a href=\"lang.php?mode=compare&sesskey=$USER->sesskey\">$strcomparelanguage</a>");
|
||||
print_heading("<a href=\"lang.php?mode=missing\">$strmissingstrings</a>");
|
||||
print_heading("<a href=\"lang.php?mode=compare\">$strcomparelanguage</a>");
|
||||
echo "<center><hr noshade=\"noshade\" size=\"1\" />";
|
||||
$options["lang"] = $currentlang;
|
||||
print_single_button("http://moodle.org/download/lang/", $options, get_string("latestlanguagepack"));
|
||||
@ -87,7 +85,7 @@
|
||||
}
|
||||
}
|
||||
|
||||
if ($mode == "missing" and confirm_sesskey()) {
|
||||
if ($mode == "missing") {
|
||||
// For each file, check that a counterpart exists, then check all the strings
|
||||
|
||||
foreach ($stringfiles as $file) {
|
||||
@ -153,15 +151,18 @@
|
||||
notice(get_string("languagegood"), "lang.php");
|
||||
}
|
||||
|
||||
} else if ($mode == "compare" and confirm_sesskey()) {
|
||||
} else if ($mode == "compare") {
|
||||
|
||||
if (isset($_POST['currentfile'])){ // Save a file
|
||||
if (!confirm_sesskey()) {
|
||||
error(get_string('confirmsesskeybad', 'error'));
|
||||
}
|
||||
$newstrings = $_POST;
|
||||
unset($newstrings['currentfile']);
|
||||
if (lang_save_file($langdir, $currentfile, $newstrings)) {
|
||||
notify(get_string("changessaved")." ($langdir/$currentfile)", "green");
|
||||
} else {
|
||||
error("Could not save the file '$currentfile'!", "lang.php?mode=compare&currentfile=$currentfile&sesskey=$USER->sesskey");
|
||||
error("Could not save the file '$currentfile'!", "lang.php?mode=compare&currentfile=$currentfile");
|
||||
}
|
||||
}
|
||||
|
||||
@ -173,7 +174,7 @@
|
||||
if ($file == $currentfile) {
|
||||
echo "<b>$file</b> ";
|
||||
} else {
|
||||
echo "<a href=\"lang.php?mode=compare¤tfile=$file&sesskey=$USER->sesskey\">$file</a> ";
|
||||
echo "<a href=\"lang.php?mode=compare¤tfile=$file\">$file</a> ";
|
||||
}
|
||||
}
|
||||
echo '</font></center>';
|
||||
@ -216,7 +217,6 @@
|
||||
|
||||
if ($editable) {
|
||||
echo "<form name=\"$currentfile\" action=\"lang.php\" method=\"post\">";
|
||||
echo '<input type="hidden" name="sesskey" value="'.$USER->sesskey.'" />';
|
||||
}
|
||||
echo "<table width=\"100%\" cellpadding=\"2\" cellspacing=\"3\" border=\"0\">";
|
||||
foreach ($enstring as $key => $envalue) {
|
||||
@ -266,6 +266,7 @@
|
||||
}
|
||||
if ($editable) {
|
||||
echo "<tr><td colspan=\"2\"> <td><br />";
|
||||
echo '<input type="hidden" name="sesskey" value="'.$USER->sesskey.'" />';
|
||||
echo " <input type=\"hidden\" name=\"currentfile\" value=\"$currentfile\">";
|
||||
echo " <input type=\"hidden\" name=\"mode\" value=\"compare\">";
|
||||
echo " <input type=\"submit\" name=\"update\" value=\"".get_string("savechanges").": $currentfile\">";
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user