Changeset 4540 for extensions/PWG_Stuffs/modules/LastComs/main.inc.php
- Timestamp:
- Dec 21, 2009, 2:21:29 PM (14 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
extensions/PWG_Stuffs/modules/LastComs/main.inc.php
r4539 r4540 11 11 { 12 12 check_status(ACCESS_ADMINISTRATOR); 13 check_pwg_token(); 13 14 $query = ' 14 15 DELETE FROM ' . COMMENTS_TABLE . ' … … 22 23 { 23 24 check_status(ACCESS_ADMINISTRATOR); 25 check_pwg_token(); 24 26 $query = ' 25 27 UPDATE ' . COMMENTS_TABLE . ' … … 154 156 { 155 157 $url = get_root_url().'index.php'.get_query_string_diff(array('delete','validate')); 156 $tpl_comment['U_DELETE'] = add_url_params($url, 157 array('delete'=>$comment['comment_id'])158 158 $tpl_comment['U_DELETE'] = add_url_params($url, array( 159 'delete' => $comment['comment_id'], 160 'pwg_token' => get_pwg_token())); 159 161 160 if ($comment['validated'] != 'true')162 if ($comment['validated'] != 'true') 161 163 { 162 $tpl_comment['U_VALIDATE'] = add_url_params($url, 163 array('validate'=>$comment['comment_id'])164 164 $tpl_comment['U_VALIDATE'] = add_url_params($url, array( 165 'validate' => $comment['comment_id'], 166 'pwg_token' => get_pwg_token())); 165 167 } 166 168 } … … 172 174 $tpl_comment['U_EDIT'] = add_url_params(get_root_url() . 'index.php', array( 173 175 CE_ACTION => CE_ACTION_EDIT, 174 CE_ID => $comment['comment_id'])); 176 CE_ID => $comment['comment_id'], 177 'pwg_token' => get_pwg_token())); 175 178 } 176 179 array_push($block['comments'], $tpl_comment);
Note: See TracChangeset
for help on using the changeset viewer.