[geeklog-cvs] geeklog: Security token is only need once in this form / list
geeklog-cvs at lists.geeklog.net
geeklog-cvs at lists.geeklog.net
Sat Oct 3 13:35:14 EDT 2009
details: http://project.geeklog.net/cgi-bin/hgwebdir.cgi/geeklog/rev/d9d8f9519bcc
changeset: 7351:d9d8f9519bcc
user: Dirk Haun <dirk at haun-online.de>
date: Sat Oct 03 16:32:24 2009 +0200
description:
Security token is only need once in this form / list
diffstat:
system/lib-admin.php | 67 +++++++++++++++++++--------------
1 files changed, 38 insertions(+), 29 deletions(-)
diffs (82 lines):
diff -r a8311a63ee0c -r d9d8f9519bcc system/lib-admin.php
--- a/system/lib-admin.php Sat Oct 03 16:27:35 2009 +0200
+++ b/system/lib-admin.php Sat Oct 03 16:32:24 2009 +0200
@@ -1221,40 +1221,49 @@
{
global $_CONF, $LANG_TRB;
+ static $added_token;
+
$retval = '';
switch($fieldname) {
- case "edit":
- $retval = COM_createLink($icon_arr['edit'],
- "{$_CONF['site_admin_url']}/trackback.php?mode=editservice&service_id={$A['pid']}");
- break;
- case "name":
- $retval = COM_createLink($A['name'], $A['site_url']);
- break;
- case "method":
- if ($A['method'] == 'weblogUpdates.ping') {
- $retval = $LANG_TRB['ping_standard'];
- } else if ($A['method'] == 'weblogUpdates.extendedPing') {
- $retval = $LANG_TRB['ping_extended'];
- } else {
- $retval = '<span class="warningsmall">' .
- $LANG_TRB['ping_unknown'] . '</span>';
- }
- break;
- case "is_enabled":
- if ($A['is_enabled'] == 1) {
- $switch = ' checked="checked"';
- } else {
- $switch = '';
- }
- $retval = "<input type=\"checkbox\" name=\"changedservices[]\" "
- . "onclick=\"submit()\" value=\"{$A['pid']}\"$switch" . XHTML . ">";
+ case 'edit':
+ $retval = COM_createLink($icon_arr['edit'],
+ "{$_CONF['site_admin_url']}/trackback.php?mode=editservice&service_id={$A['pid']}");
+ break;
+
+ case 'name':
+ $retval = COM_createLink($A['name'], $A['site_url']);
+ break;
+
+ case 'method':
+ if ($A['method'] == 'weblogUpdates.ping') {
+ $retval = $LANG_TRB['ping_standard'];
+ } else if ($A['method'] == 'weblogUpdates.extendedPing') {
+ $retval = $LANG_TRB['ping_extended'];
+ } else {
+ $retval = '<span class="warningsmall">' . $LANG_TRB['ping_unknown']
+ . '</span>';
+ }
+ break;
+
+ case 'is_enabled':
+ if ($A['is_enabled'] == 1) {
+ $switch = ' checked="checked"';
+ } else {
+ $switch = '';
+ }
+ $retval = "<input type=\"checkbox\" name=\"changedservices[]\" "
+ . "onclick=\"submit()\" value=\"{$A['pid']}\"$switch" . XHTML . ">";
+ if (! isset($added_token)) {
$retval .= "<input type=\"hidden\" name=\"" . CSRF_TOKEN
. "\" value=\"{$token}\"" . XHTML . ">";
- break;
- default:
- $retval = $fieldvalue;
- break;
+ $added_token = true;
+ }
+ break;
+
+ default:
+ $retval = $fieldvalue;
+ break;
}
return $retval;
More information about the geeklog-cvs
mailing list