[geeklog-cvs] geeklog: Security token is only need once in this form / list
geeklog-cvs at lists.geeklog.net
geeklog-cvs at lists.geeklog.net
Sat Oct 3 13:35:13 EDT 2009
details: http://project.geeklog.net/cgi-bin/hgwebdir.cgi/geeklog/rev/a8311a63ee0c
changeset: 7350:a8311a63ee0c
user: Dirk Haun <dirk at haun-online.de>
date: Sat Oct 03 16:27:35 2009 +0200
description:
Security token is only need once in this form / list
diffstat:
system/lib-admin.php | 101 ++++++++++++++++++++++++++++----------------------
1 files changed, 57 insertions(+), 44 deletions(-)
diffs (115 lines):
diff -r 97dcb0f29746 -r a8311a63ee0c system/lib-admin.php
--- a/system/lib-admin.php Sat Oct 03 16:23:00 2009 +0200
+++ b/system/lib-admin.php Sat Oct 03 16:27:35 2009 +0200
@@ -987,54 +987,67 @@
{
global $_CONF, $_TABLES, $LANG_ADMIN, $LANG33, $_IMAGE_TYPE;
+ static $added_token;
+
$retval = '';
- switch($fieldname) {
- case 'edit':
- $retval = COM_createLink($icon_arr['edit'],
- "{$_CONF['site_admin_url']}/syndication.php?mode=edit&fid={$A['fid']}");
- break;
- case 'type':
- if ($A['type'] == 'article') {
- $retval = $LANG33[55];
- } else {
- $retval = ucwords($A['type']);
- }
- break;
- case 'format':
- $retval = str_replace ('-' , ' ', ucwords ($A['format']));
- break;
- case 'updated':
- $retval = strftime ($_CONF['daytime'], $A['date']);
- break;
- case 'is_enabled':
- if ($A['is_enabled'] == 1) {
- $switch = ' checked="checked"';
- } else {
- $switch = '';
- }
- $retval = "<input type=\"checkbox\" name=\"enabledfeeds[]\" "
- . "onclick=\"submit()\" value=\"{$A['fid']}\"$switch" . XHTML . ">";
+ switch ($fieldname) {
+ case 'edit':
+ $retval = COM_createLink($icon_arr['edit'],
+ "{$_CONF['site_admin_url']}/syndication.php?mode=edit&fid={$A['fid']}");
+ break;
+
+ case 'type':
+ if ($A['type'] == 'article') {
+ $retval = $LANG33[55];
+ } else {
+ $retval = ucwords($A['type']);
+ }
+ break;
+
+ case 'format':
+ $retval = str_replace('-' , ' ', ucwords($A['format']));
+ break;
+
+ case 'updated':
+ $retval = strftime($_CONF['daytime'], $A['date']);
+ break;
+
+ case 'is_enabled':
+ if ($A['is_enabled'] == 1) {
+ $switch = ' checked="checked"';
+ } else {
+ $switch = '';
+ }
+ $retval = "<input type=\"checkbox\" name=\"enabledfeeds[]\" "
+ . "onclick=\"submit()\" value=\"{$A['fid']}\"$switch" . XHTML . ">";
+ if (! isset($added_token)) {
$retval .= "<input type=\"hidden\" name=\"" . CSRF_TOKEN . "\" value=\"{$token}\"" . XHTML . ">";
- break;
- case 'header_tid':
- if ($A['header_tid'] == 'all') {
- $retval = $LANG33[43];
- } elseif ($A['header_tid'] == 'none') {
- $retval = $LANG33[44];
- } else {
- $retval = DB_getItem ($_TABLES['topics'], 'topic',
- "tid = '{$A['header_tid']}'");
- }
- break;
- case 'filename':
- $url = SYND_getFeedUrl ();
- $retval = COM_createLink($A['filename'], $url . $A['filename']);
- break;
- default:
- $retval = $fieldvalue;
- break;
+ $added_token = true;
+ }
+ break;
+
+ case 'header_tid':
+ if ($A['header_tid'] == 'all') {
+ $retval = $LANG33[43];
+ } elseif ($A['header_tid'] == 'none') {
+ $retval = $LANG33[44];
+ } else {
+ $retval = DB_getItem($_TABLES['topics'], 'topic',
+ "tid = '{$A['header_tid']}'");
+ }
+ break;
+
+ case 'filename':
+ $url = SYND_getFeedUrl();
+ $retval = COM_createLink($A['filename'], $url . $A['filename']);
+ break;
+
+ default:
+ $retval = $fieldvalue;
+ break;
}
+
return $retval;
}
More information about the geeklog-cvs
mailing list