[geeklog-cvs] Geeklog-1.x/public_html/admin/plugins/staticpages index.php, 1.91, 1.92
Michael Jervis
mjervis at qs1489.pair.com
Sat May 3 11:09:15 EDT 2008
Update of /cvsroot/geeklog/Geeklog-1.x/public_html/admin/plugins/staticpages
In directory qs1489.pair.com:/tmp/cvs-serv3704/public_html/admin/plugins/staticpages
Modified Files:
index.php
Log Message:
Static pages, moderation, configration - Security hardenning.
Index: index.php
===================================================================
RCS file: /cvsroot/geeklog/Geeklog-1.x/public_html/admin/plugins/staticpages/index.php,v
retrieving revision 1.91
retrieving revision 1.92
diff -C2 -d -r1.91 -r1.92
*** index.php 15 Mar 2008 20:37:34 -0000 1.91
--- index.php 3 May 2008 15:09:13 -0000 1.92
***************
*** 371,374 ****
--- 371,376 ----
COM_endBlock (COM_getBlockTemplate ('_admin_block', 'footer')));
$sp_template->set_var( 'xhtml', XHTML );
+ $sp_template->set_var( 'gltoken_name', CSRF_TOKEN );
+ $sp_template->set_var( 'gltoken', SEC_createToken() );
$retval .= $sp_template->parse('output','form');
}
***************
*** 552,556 ****
$display = '';
! if (($mode == $LANG_ADMIN['delete']) && !empty ($LANG_ADMIN['delete'])) {
if (empty ($sp_id) || (is_numeric ($sp_id) && ($sp_id == 0))) {
COM_errorLog ('Attempted to delete static page sp_id=' . $sp_id);
--- 554,558 ----
$display = '';
! if (($mode == $LANG_ADMIN['delete']) && !empty ($LANG_ADMIN['delete']) && SEC_checkToken()) {
if (empty ($sp_id) || (is_numeric ($sp_id) && ($sp_id == 0))) {
COM_errorLog ('Attempted to delete static page sp_id=' . $sp_id);
***************
*** 577,581 ****
$display = COM_refresh ($_CONF['site_admin_url'] . '/index.php');
}
! } else if (($mode == $LANG_ADMIN['save']) && !empty ($LANG_ADMIN['save'])) {
if (!empty ($sp_id)) {
if (!isset ($_POST['sp_onmenu'])) {
--- 579,583 ----
$display = COM_refresh ($_CONF['site_admin_url'] . '/index.php');
}
! } else if (($mode == $LANG_ADMIN['save']) && !empty ($LANG_ADMIN['save']) && SEC_checkToken()) {
if (!empty ($sp_id)) {
if (!isset ($_POST['sp_onmenu'])) {
More information about the geeklog-cvs
mailing list