Changeset 4540 for extensions/PWG_Stuffs/modules/LastComs/main.inc.php

Timestamp:

Dec 21, 2009, 2:21:29 PM (14 years ago)

Author:

patdenice

Message:

[Plugin] [PWG Stuffs]
Implement check_pwg_token for last comments block.

File:

• extensions/PWG_Stuffs/modules/LastComs/main.inc.php (modified) (4 diffs)

extensions/PWG_Stuffs/modules/LastComs/main.inc.php

@@ -11 +11 @@
 {
     check_status(ACCESS_ADMINISTRATOR);
+    check_pwg_token();
     $query = '
 DELETE FROM ' . COMMENTS_TABLE . '
@@ -22 +23 @@
 {
     check_status(ACCESS_ADMINISTRATOR);
+    check_pwg_token();
     $query = '
 UPDATE ' . COMMENTS_TABLE . '
@@ -154 +156 @@
     {
       $url = get_root_url().'index.php'.get_query_string_diff(array('delete','validate'));
-      $tpl_comment['U_DELETE'] = add_url_params($url,
-                          array('delete'=>$comment['comment_id'])
-                         );
+      $tpl_comment['U_DELETE'] = add_url_params($url, array(
+            'delete' => $comment['comment_id'],
+            'pwg_token' => get_pwg_token()));
 
-      if ($comment['validated'] != 'true')
+            if ($comment['validated'] != 'true')
       {
-        $tpl_comment['U_VALIDATE'] = add_url_params($url,
-                            array('validate'=>$comment['comment_id'])
-                           );
+        $tpl_comment['U_VALIDATE'] = add_url_params($url, array(
+            'validate' => $comment['comment_id'],
+            'pwg_token' => get_pwg_token()));
       }
     }
@@ -172 +174 @@
       $tpl_comment['U_EDIT'] = add_url_params(get_root_url() . 'index.php', array(
             CE_ACTION => CE_ACTION_EDIT,
-            CE_ID => $comment['comment_id']));
+            CE_ID => $comment['comment_id'],
+            'pwg_token' => get_pwg_token()));
     }
     array_push($block['comments'], $tpl_comment);