Changeset 4540


Ignore:
Timestamp:
12/21/09 14:21:29 (10 years ago)
Author:
patdenice
Message:

[Plugin] [PWG Stuffs]
Implement check_pwg_token for last comments block.

Location:
extensions/PWG_Stuffs
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • extensions/PWG_Stuffs/admin/functions.inc.php

    r3609 r4540  
    55        $dir = opendir(STUFFS_PATH . 'modules/'); 
    66    while ($file = readdir($dir)) { 
    7         if ($file != '.' and $file != '..') { 
     7        if ($file != '.' and $file != '..' and $file != '.svn') { 
    88            $path = STUFFS_PATH . 'modules/' . $file; 
    99            if (is_dir($path) and !is_link($path)) { 
  • extensions/PWG_Stuffs/modules/LastComs/main.inc.php

    r4539 r4540  
    1111{ 
    1212    check_status(ACCESS_ADMINISTRATOR); 
     13    check_pwg_token(); 
    1314    $query = ' 
    1415DELETE FROM ' . COMMENTS_TABLE . ' 
     
    2223{ 
    2324    check_status(ACCESS_ADMINISTRATOR); 
     25    check_pwg_token(); 
    2426    $query = ' 
    2527UPDATE ' . COMMENTS_TABLE . ' 
     
    154156    { 
    155157      $url = get_root_url().'index.php'.get_query_string_diff(array('delete','validate')); 
    156       $tpl_comment['U_DELETE'] = add_url_params($url, 
    157                           array('delete'=>$comment['comment_id']) 
    158                          ); 
     158      $tpl_comment['U_DELETE'] = add_url_params($url, array( 
     159            'delete' => $comment['comment_id'], 
     160            'pwg_token' => get_pwg_token())); 
    159161 
    160       if ($comment['validated'] != 'true') 
     162            if ($comment['validated'] != 'true') 
    161163      { 
    162         $tpl_comment['U_VALIDATE'] = add_url_params($url, 
    163                             array('validate'=>$comment['comment_id']) 
    164                            ); 
     164        $tpl_comment['U_VALIDATE'] = add_url_params($url, array( 
     165            'validate' => $comment['comment_id'], 
     166            'pwg_token' => get_pwg_token())); 
    165167      } 
    166168    } 
     
    172174      $tpl_comment['U_EDIT'] = add_url_params(get_root_url() . 'index.php', array( 
    173175            CE_ACTION => CE_ACTION_EDIT, 
    174             CE_ID => $comment['comment_id'])); 
     176            CE_ID => $comment['comment_id'], 
     177            'pwg_token' => get_pwg_token())); 
    175178    } 
    176179    array_push($block['comments'], $tpl_comment); 
  • extensions/PWG_Stuffs/template/LastComs.tpl

    r4539 r4540  
    3232      {/if} 
    3333      <span class="author">{$comment.AUTHOR}</span> - <span class="date">{$comment.DATE}</span> 
    34       {if !empty($comment.U_EDIT)}- <a href="{$comment.U_EDIT}">{'ce_edit_tool'|@translate}{/if} 
     34      {if !empty($comment.U_EDIT)}- <a href="{$comment.U_EDIT}">{'ce_edit_tool'|@translate}</a>{/if} 
    3535      <blockquote>{$comment.CONTENT}</blockquote> 
    3636    </div> 
Note: See TracChangeset for help on using the changeset viewer.