- Timestamp:
- Jan 15, 2006, 2:49:29 PM (18 years ago)
- Location:
- branches/branch-1_5
- Files:
-
- 42 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/branch-1_5/about.php
r1003 r1005 46 46 $template->assign_vars( 47 47 array( 48 'U_HOME' => PHPWG_ROOT_PATH.'category.php'48 'U_HOME' => add_session_id(PHPWG_ROOT_PATH.'category.php') 49 49 ) 50 50 ); -
branches/branch-1_5/admin.php
r1003 r1005 66 66 $template->assign_vars( 67 67 array( 68 'U_HISTORY'=> $link_start.'stats',69 'U_FAQ'=> $link_start.'help',70 'U_SITES'=> $link_start.'remote_site',71 'U_MAINTENANCE'=> $link_start.'maintenance',72 'U_CONFIG_GENERAL'=> $conf_link.'general',73 'U_CONFIG_COMMENTS'=> $conf_link.'comments',74 'U_CONFIG_DISPLAY'=> $conf_link.'default',75 'U_CATEGORIES'=> $link_start.'cat_list',76 'U_MOVE'=> $link_start.'cat_move',77 'U_CAT_UPLOAD'=> $opt_link.'upload',78 'U_CAT_COMMENTS'=> $opt_link.'comments',79 'U_CAT_VISIBLE'=> $opt_link.'visible',80 'U_CAT_STATUS'=> $opt_link.'status',81 'U_CAT_OPTIONS'=> $link_start.'cat_options',82 'U_CAT_UPDATE'=> $link_start.'update',83 'U_WAITING'=> $link_start.'waiting',84 'U_COMMENTS'=> $link_start.'comments',85 'U_CADDIE'=> $link_start.'element_set&cat=caddie',86 'U_THUMBNAILS'=> $link_start.'thumbnail',87 'U_USERS'=> $link_start.'user_list',88 'U_GROUPS'=> $link_start.'group_list',89 'U_ADMIN'=> PHPWG_ROOT_PATH.'admin.php',90 'U_RETURN'=> PHPWG_ROOT_PATH.'category.php'68 'U_HISTORY'=>add_session_id($link_start.'stats' ), 69 'U_FAQ'=>add_session_id($link_start.'help' ), 70 'U_SITES'=>add_session_id($link_start.'remote_site'), 71 'U_MAINTENANCE'=>add_session_id($link_start.'maintenance'), 72 'U_CONFIG_GENERAL'=>add_session_id($conf_link.'general' ), 73 'U_CONFIG_COMMENTS'=>add_session_id($conf_link.'comments' ), 74 'U_CONFIG_DISPLAY'=>add_session_id($conf_link.'default' ), 75 'U_CATEGORIES'=>add_session_id($link_start.'cat_list' ), 76 'U_MOVE'=>add_session_id($link_start.'cat_move' ), 77 'U_CAT_UPLOAD'=>add_session_id($opt_link.'upload'), 78 'U_CAT_COMMENTS'=>add_session_id($opt_link.'comments'), 79 'U_CAT_VISIBLE'=>add_session_id($opt_link.'visible'), 80 'U_CAT_STATUS'=>add_session_id($opt_link.'status'), 81 'U_CAT_OPTIONS'=>add_session_id($link_start.'cat_options'), 82 'U_CAT_UPDATE'=>add_session_id($link_start.'update'), 83 'U_WAITING'=>add_session_id($link_start.'waiting' ), 84 'U_COMMENTS'=>add_session_id($link_start.'comments' ), 85 'U_CADDIE'=>add_session_id($link_start.'element_set&cat=caddie'), 86 'U_THUMBNAILS'=>add_session_id($link_start.'thumbnail' ), 87 'U_USERS'=>add_session_id($link_start.'user_list' ), 88 'U_GROUPS'=>add_session_id($link_start.'group_list' ), 89 'U_ADMIN'=>add_session_id( PHPWG_ROOT_PATH.'admin.php' ), 90 'U_RETURN'=>add_session_id(PHPWG_ROOT_PATH.'category.php') 91 91 ) 92 92 ); … … 97 97 'representative', 98 98 array( 99 'URL' => $opt_link.'representative'99 'URL' => add_session_id($opt_link.'representative') 100 100 ) 101 101 ); -
branches/branch-1_5/admin/cat_list.php
r1003 r1005 66 66 67 67 $base_url = PHPWG_ROOT_PATH.'admin.php?page=cat_list'; 68 $navigation = '<a class="" href="'. $base_url.'">';68 $navigation = '<a class="" href="'.add_session_id($base_url).'">'; 69 69 $navigation.= $lang['home']; 70 70 $navigation.= '</a>'; … … 239 239 'CATEGORIES_NAV'=>$navigation, 240 240 'NEXT_RANK'=>$next_rank, 241 'F_ACTION'=> $form_action,241 'F_ACTION'=>add_session_id($form_action), 242 242 243 243 'L_ADD_VIRTUAL'=>$lang['cat_add'], … … 318 318 'RANK'=>$category['rank']*10, 319 319 320 'U_JUMPTO'=>PHPWG_ROOT_PATH.'category.php?cat='.$category['id'], 321 'U_CHILDREN'=>$cat_list_url.'&parent_id='.$category['id'], 322 'U_EDIT'=>$base_url.'cat_modify&cat_id='.$category['id'] 320 'U_JUMPTO'=> 321 add_session_id(PHPWG_ROOT_PATH.'category.php?cat='.$category['id']), 322 323 'U_CHILDREN'=> 324 add_session_id($cat_list_url.'&parent_id='.$category['id']), 325 326 'U_EDIT'=> 327 add_session_id($base_url.'cat_modify&cat_id='.$category['id']) 323 328 ) 324 329 ); … … 329 334 'category.delete', 330 335 array( 331 'URL'=> $self_url.'&delete='.$category['id']336 'URL'=>add_session_id($self_url.'&delete='.$category['id']) 332 337 ) 333 338 ); … … 339 344 'category.elements', 340 345 array( 341 'URL'=> $base_url.'element_set&cat='.$category['id']346 'URL'=>add_session_id($base_url.'element_set&cat='.$category['id']) 342 347 ) 343 348 ); … … 349 354 'category.permissions', 350 355 array( 351 'URL'=> $base_url.'cat_perm&cat='.$category['id']356 'URL'=>add_session_id($base_url.'cat_perm&cat='.$category['id']) 352 357 ) 353 358 ); -
branches/branch-1_5/admin/cat_modify.php
r1003 r1005 172 172 'L_SET_RANDOM_REPRESENTANT'=>$lang['cat_representant'], 173 173 174 'U_JUMPTO'=>PHPWG_ROOT_PATH.'category.php?cat='.$category['id'], 175 'U_CHILDREN'=>$cat_list_url.'&parent_id='.$category['id'], 174 'U_JUMPTO'=> 175 add_session_id(PHPWG_ROOT_PATH.'category.php?cat='.$category['id']), 176 'U_CHILDREN'=> 177 add_session_id($cat_list_url.'&parent_id='.$category['id']), 176 178 'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=cat_modify', 177 179 178 'F_ACTION'=> $form_action180 'F_ACTION'=>add_session_id($form_action) 179 181 )); 180 182 … … 185 187 'permissions', 186 188 array( 187 'URL'=> $base_url.'cat_perm&cat='.$category['id']189 'URL'=>add_session_id($base_url.'cat_perm&cat='.$category['id']) 188 190 ) 189 191 ); … … 196 198 'elements', 197 199 array( 198 'URL'=> $base_url.'element_set&cat='.$category['id']200 'URL'=>add_session_id($base_url.'element_set&cat='.$category['id']) 199 201 ) 200 202 ); … … 266 268 'delete', 267 269 array( 268 'URL'=> $self_url.'&delete='.$category['id']270 'URL'=>add_session_id($self_url.'&delete='.$category['id']) 269 271 ) 270 272 ); -
branches/branch-1_5/admin/cat_move.php
r1003 r1005 69 69 $template->assign_vars( 70 70 array( 71 'F_ACTION' => PHPWG_ROOT_PATH.'admin.php?page=cat_move',71 'F_ACTION' => add_session_id(PHPWG_ROOT_PATH.'admin.php?page=cat_move'), 72 72 ) 73 73 ); -
branches/branch-1_5/admin/cat_options.php
r1003 r1005 154 154 'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=cat_options', 155 155 156 'F_ACTION'=> $base_url.$page['section']156 'F_ACTION'=>add_session_id($base_url.$page['section']) 157 157 ) 158 158 ); -
branches/branch-1_5/admin/cat_perm.php
r1003 r1005 208 208 ), 209 209 'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=cat_perm', 210 'F_ACTION' => PHPWG_ROOT_PATH.'admin.php?page=cat_perm&cat='.$page['cat'] 210 'F_ACTION' => 211 add_session_id( 212 PHPWG_ROOT_PATH.'admin.php?page=cat_perm&cat='.$page['cat'] 213 ) 211 214 ) 212 215 ); -
branches/branch-1_5/admin/comments.php
r1003 r1005 118 118 $template->assign_vars( 119 119 array( 120 'F_ACTION' => PHPWG_ROOT_PATH.'admin.php?page=comments'120 'F_ACTION' => add_session_id(PHPWG_ROOT_PATH.'admin.php?page=comments') 121 121 ) 122 122 ); … … 142 142 array( 143 143 'U_PICTURE' => 144 add_session_id( 144 145 PHPWG_ROOT_PATH.'admin.php?page=picture_modify'. 145 '&image_id='.$row['image_id'], 146 '&image_id='.$row['image_id'] 147 ), 146 148 'ID' => $row['id'], 147 149 'TN_SRC' => get_thumbnail_src($row['path'], @$row['tn_ext']), -
branches/branch-1_5/admin/configuration.php
r1003 r1005 150 150 'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=configuration', 151 151 152 'F_ACTION'=> $action152 'F_ACTION'=>add_session_id($action) 153 153 )); 154 154 -
branches/branch-1_5/admin/element_set_unit.php
r1003 r1005 223 223 $row['name'] : get_name_from_file($row['file']), 224 224 'U_EDIT' => 225 add_session_id( 225 226 PHPWG_ROOT_PATH.'admin.php?page=picture_modify'. 226 '&image_id='.$row['id'], 227 '&image_id='.$row['id'] 228 ), 227 229 'ID' => $row['id'], 228 230 'FILENAME' => $row['path'], -
branches/branch-1_5/admin/group_list.php
r1003 r1005 125 125 $template->assign_vars( 126 126 array( 127 'F_ADD_ACTION' => PHPWG_ROOT_PATH.'admin.php?page=group_list' 127 'F_ADD_ACTION' => 128 add_session_id(PHPWG_ROOT_PATH.'admin.php?page=group_list') 128 129 ) 129 130 ); -
branches/branch-1_5/admin/group_perm.php
r1003 r1005 141 141 142 142 'F_ACTION' => 143 add_session_id( 143 144 PHPWG_ROOT_PATH. 144 145 'admin.php?page=group_perm&group_id='. 145 146 $page['group'] 147 ) 146 148 ) 147 149 ); -
branches/branch-1_5/admin/intro.php
r1003 r1005 178 178 'DB_GROUPS' => sprintf(l10n('%d groups'), $nb_groups), 179 179 'DB_COMMENTS' => sprintf(l10n('%d comments'), $nb_comments), 180 'U_CHECK_UPGRADE' => PHPWG_ROOT_PATH.'admin.php?action=check_upgrade', 181 'U_PHPINFO' => PHPWG_ROOT_PATH.'admin.php?action=phpinfo' 180 'U_CHECK_UPGRADE' => 181 add_session_id(PHPWG_ROOT_PATH.'admin.php?action=check_upgrade'), 182 'U_PHPINFO' => 183 add_session_id(PHPWG_ROOT_PATH.'admin.php?action=phpinfo') 182 184 ) 183 185 ); … … 216 218 'waiting', 217 219 array( 218 'URL' => PHPWG_ROOT_PATH.'admin.php?page=waiting',220 'URL' => add_session_id(PHPWG_ROOT_PATH.'admin.php?page=waiting'), 219 221 'INFO' => sprintf(l10n('%d waiting for validation'), $nb_waiting) 220 222 ) … … 235 237 'unvalidated', 236 238 array( 237 'URL' => PHPWG_ROOT_PATH.'admin.php?page=comments',239 'URL' => add_session_id(PHPWG_ROOT_PATH.'admin.php?page=comments'), 238 240 'INFO' => sprintf(l10n('%d waiting for validation'), $nb_comments) 239 241 ) -
branches/branch-1_5/admin/maintenance.php
r1003 r1005 99 99 $template->assign_vars( 100 100 array( 101 'U_MAINT_CATEGORIES' => $start_url.'categories',102 'U_MAINT_IMAGES' => $start_url.'images',103 'U_MAINT_HISTORY' => $start_url.'history',104 'U_MAINT_SESSIONS' => $start_url.'sessions',105 'U_MAINT_FEEDS' => $start_url.'feeds',101 'U_MAINT_CATEGORIES' => add_session_id($start_url.'categories'), 102 'U_MAINT_IMAGES' => add_session_id($start_url.'images'), 103 'U_MAINT_HISTORY' => add_session_id($start_url.'history'), 104 'U_MAINT_SESSIONS' => add_session_id($start_url.'sessions'), 105 'U_MAINT_FEEDS' => add_session_id($start_url.'feeds'), 106 106 'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=maintenance', 107 107 ) -
branches/branch-1_5/admin/picture_modify.php
r1003 r1005 196 196 array( 197 197 'U_SYNC' => 198 add_session_id( 198 199 PHPWG_ROOT_PATH.'admin.php?page=picture_modify'. 199 200 '&image_id='.$_GET['image_id']. 200 201 (isset($_GET['cat_id']) ? '&cat_id='.$_GET['cat_id'] : ''). 201 '&sync_metadata=1', 202 '&sync_metadata=1' 203 ), 202 204 203 205 'PATH'=>$row['path'], … … 229 231 230 232 'F_ACTION' => 233 add_session_id( 231 234 PHPWG_ROOT_PATH.'admin.php' 232 235 .get_query_string_diff(array('sync_metadata')) 236 ) 233 237 ) 234 238 ); -
branches/branch-1_5/admin/remote_site.php
r1003 r1005 516 516 'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=remote_site', 517 517 518 'F_ACTION'=> PHPWG_ROOT_PATH.'admin.php?page=remote_site'518 'F_ACTION'=>add_session_id(PHPWG_ROOT_PATH.'admin.php?page=remote_site') 519 519 ) 520 520 ); … … 687 687 array( 688 688 'URL' => $url, 689 'U_UPDATE' => $base_url.'local_update'689 'U_UPDATE' => add_session_id($base_url.'local_update') 690 690 ) 691 691 ); … … 732 732 array( 733 733 'NAME' => $row['galleries_url'], 734 'U_GENERATE' => $base_url.'generate',735 'U_UPDATE' => $base_url.'update',736 'U_CLEAN' => $base_url.'clean',737 'U_DELETE' => $base_url.'delete'734 'U_GENERATE' => add_session_id($base_url.'generate'), 735 'U_UPDATE' => add_session_id($base_url.'update'), 736 'U_CLEAN' => add_session_id($base_url.'clean'), 737 'U_DELETE' => add_session_id($base_url.'delete') 738 738 ) 739 739 ); -
branches/branch-1_5/admin/stats.php
r1003 r1005 63 63 $title_page=$lang['stats_day_title'].' du '.$date_of_day; 64 64 $url_back = PHPWG_ROOT_PATH."admin.php?page=stats"; 65 $url_back = $url_back;65 $url_back = add_session_id($url_back); 66 66 $title_details='<a href='.$url_back.'>'.$lang['stats_day_title'].'</a>'; 67 67 $title_day = $date_of_day; … … 72 72 $title_page=$lang['stats_month_title'].' : '.$date_of_day; 73 73 $url_back = PHPWG_ROOT_PATH."admin.php?page=stats"; 74 $url_back = $url_back;74 $url_back = add_session_id($url_back); 75 75 $title_details='<a href='.$url_back.'>'.$lang['stats_day_title'].'</a>'; 76 76 $title_day=$lang['today']; … … 106 106 'L_STAT_PICTURE'=>$lang['stats_picture'], 107 107 108 'IMG_REPORT'=> $url_img108 'IMG_REPORT'=>add_session_id($url_img) 109 109 )); 110 110 … … 142 142 ; 143 143 144 $value = '<a href="'. $url.'">';144 $value = '<a href="'.add_session_id($url).'">'; 145 145 $value.= $row['d'].' ('.$week_day.')'; 146 146 $value.= "</a>"; … … 161 161 ; 162 162 163 $value = '<a href="'. $url.'">';163 $value = '<a href="'.add_session_id($url).'">'; 164 164 $value.= $lang['month'][$row['m']].' '.$row['y']; 165 165 $value.= "</a>"; -
branches/branch-1_5/admin/thumbnail.php
r1003 r1005 359 359 'params', 360 360 array( 361 'F_ACTION'=> $form_url,361 'F_ACTION'=>add_session_id($form_url), 362 362 $gdlabel=>'checked="checked"', 363 363 $nlabel=>'checked="checked"', -
branches/branch-1_5/admin/user_list.php
r1003 r1005 425 425 $template->set_filenames(array('user_list'=>'admin/user_list.tpl')); 426 426 427 $base_url = PHPWG_ROOT_PATH.'admin.php?page=user_list';427 $base_url = add_session_id(PHPWG_ROOT_PATH.'admin.php?page=user_list'); 428 428 429 429 if (isset($_GET['start']) and is_numeric($_GET['start'])) … … 791 791 'ID' => $local_user['id'], 792 792 'CHECKED' => $checked, 793 'U_MOD' => $profile_url.$local_user['id'],794 'U_PERM' => $perm_url.$local_user['id'],793 'U_MOD' => add_session_id($profile_url.$local_user['id']), 794 'U_PERM' => add_session_id($perm_url.$local_user['id']), 795 795 'USERNAME' => $local_user['username'], 796 796 'STATUS' => $lang['user_status_'.$local_user['status']], -
branches/branch-1_5/admin/user_perm.php
r1003 r1005 134 134 135 135 'F_ACTION' => 136 add_session_id( 136 137 PHPWG_ROOT_PATH. 137 138 'admin.php?page=user_perm'. 138 139 '&user_id='.$page['user'] 140 ) 139 141 ) 140 142 ); -
branches/branch-1_5/admin/waiting.php
r1003 r1005 149 149 'L_DELETE'=>$lang['delete'], 150 150 151 'F_ACTION'=> str_replace( '&', '&', $_SERVER['REQUEST_URI'])151 'F_ACTION'=>add_session_id(str_replace( '&', '&', $_SERVER['REQUEST_URI'] )) 152 152 )); 153 153 -
branches/branch-1_5/category.php
r1003 r1005 32 32 if ( isset( $_GET['act'] ) 33 33 and $_GET['act'] == 'logout' 34 and isset( $_COOKIE[ session_name()] ) )34 and isset( $_COOKIE['id'] ) ) 35 35 { 36 36 // cookie deletion if exists 37 $_SESSION = array(); 38 session_unset(); 39 session_destroy(); 40 setcookie(session_name(),'',0,'/'); 37 setcookie( 'id', '', 0, cookie_path() ); 41 38 $url = 'category.php'; 42 39 redirect( $url ); … … 167 164 'L_REMEMBER_ME' => $lang['remember_me'], 168 165 169 'F_IDENTIFY' => PHPWG_ROOT_PATH.'identification.php',166 'F_IDENTIFY' => add_session_id( PHPWG_ROOT_PATH.'identification.php' ), 170 167 'T_RECENT' => $icon_recent, 171 168 172 'U_HOME' => PHPWG_ROOT_PATH.'category.php',173 'U_REGISTER' => PHPWG_ROOT_PATH.'register.php',174 'U_LOST_PASSWORD' => PHPWG_ROOT_PATH.'password.php',169 'U_HOME' => add_session_id( PHPWG_ROOT_PATH.'category.php' ), 170 'U_REGISTER' => add_session_id( PHPWG_ROOT_PATH.'register.php' ), 171 'U_LOST_PASSWORD' => add_session_id(PHPWG_ROOT_PATH.'password.php'), 175 172 'U_LOGOUT' => PHPWG_ROOT_PATH.'category.php?act=logout', 176 'U_ADMIN'=> PHPWG_ROOT_PATH.'admin.php',177 'U_PROFILE'=> PHPWG_ROOT_PATH.'profile.php'173 'U_ADMIN'=>add_session_id( PHPWG_ROOT_PATH.'admin.php' ), 174 'U_PROFILE'=>add_session_id(PHPWG_ROOT_PATH.'profile.php') 178 175 ) 179 176 ); … … 202 199 'special_cat', 203 200 array( 204 'URL' => PHPWG_ROOT_PATH.'category.php?cat=fav',201 'URL' => add_session_id(PHPWG_ROOT_PATH.'category.php?cat=fav'), 205 202 'TITLE' => $lang['favorite_cat_hint'], 206 203 'NAME' => $lang['favorite_cat'] … … 211 208 'special_cat', 212 209 array( 213 'URL' => PHPWG_ROOT_PATH.'category.php?cat=most_visited',210 'URL' => add_session_id(PHPWG_ROOT_PATH.'category.php?cat=most_visited'), 214 211 'TITLE' => $lang['most_visited_cat_hint'], 215 212 'NAME' => $lang['most_visited_cat'] … … 221 218 'special_cat', 222 219 array( 223 'URL' => PHPWG_ROOT_PATH.'category.php?cat=best_rated',220 'URL' => add_session_id(PHPWG_ROOT_PATH.'category.php?cat=best_rated'), 224 221 'TITLE' => $lang['best_rated_cat_hint'], 225 222 'NAME' => $lang['best_rated_cat'] … … 231 228 'special_cat', 232 229 array( 233 'URL' => PHPWG_ROOT_PATH.'random.php',230 'URL' => add_session_id(PHPWG_ROOT_PATH.'random.php'), 234 231 'TITLE' => $lang['random_cat_hint'], 235 232 'NAME' => $lang['random_cat'] … … 239 236 'special_cat', 240 237 array( 241 'URL' => PHPWG_ROOT_PATH.'category.php?cat=recent_pics',238 'URL' => add_session_id(PHPWG_ROOT_PATH.'category.php?cat=recent_pics'), 242 239 'TITLE' => $lang['recent_pics_cat_hint'], 243 240 'NAME' => $lang['recent_pics_cat'] … … 247 244 'special_cat', 248 245 array( 249 'URL' => PHPWG_ROOT_PATH.'category.php?cat=recent_cats',246 'URL' => add_session_id(PHPWG_ROOT_PATH.'category.php?cat=recent_cats'), 250 247 'TITLE' => $lang['recent_cats_cat_hint'], 251 248 'NAME' => $lang['recent_cats_cat'] … … 255 252 'special_cat', 256 253 array( 257 'URL' => PHPWG_ROOT_PATH.'category.php?cat=calendar',254 'URL' => add_session_id(PHPWG_ROOT_PATH.'category.php?cat=calendar'), 258 255 'TITLE' => $lang['calendar_hint'], 259 256 'NAME' => $lang['calendar'] … … 294 291 'TITLE'=>$lang['hint_search'], 295 292 'NAME'=>$lang['search'], 296 'U_SUMMARY'=> 'search.php',293 'U_SUMMARY'=>add_session_id( 'search.php' ), 297 294 )); 298 295 … … 301 298 'TITLE'=>$lang['hint_comments'], 302 299 'NAME'=>$lang['comments'], 303 'U_SUMMARY'=> 'comments.php',300 'U_SUMMARY'=>add_session_id( 'comments.php' ), 304 301 )); 305 302 … … 308 305 'TITLE'=>$lang['about_page_title'], 309 306 'NAME'=>$lang['About'], 310 'U_SUMMARY'=> 'about.php?'.str_replace( '&', '&', $_SERVER['QUERY_STRING'] )307 'U_SUMMARY'=>add_session_id( 'about.php?'.str_replace( '&', '&', $_SERVER['QUERY_STRING'] ) ) 311 308 )); 312 309 … … 317 314 'TITLE'=>l10n('notification'), 318 315 'NAME'=>l10n('Notification'), 319 'U_SUMMARY'=> PHPWG_ROOT_PATH.'notification.php'316 'U_SUMMARY'=>add_session_id(PHPWG_ROOT_PATH.'notification.php') 320 317 )); 321 318 … … 328 325 array( 329 326 'URL' => 327 add_session_id( 330 328 PHPWG_ROOT_PATH.'admin.php?page=cat_modify' 331 329 .'&cat_id='.$page['cat'] 330 ) 332 331 ) 333 332 ); … … 354 353 array( 355 354 'URL' => 355 add_session_id( 356 356 PHPWG_ROOT_PATH.'category.php' 357 357 .get_query_string_diff(array('caddie')).'&caddie=1') 358 ) 358 359 ); 359 360 } … … 383 384 $template->assign_block_vars( 384 385 'upload', 385 array('U_UPLOAD'=> $url)386 array('U_UPLOAD'=>add_session_id( $url )) 386 387 ); 387 388 } -
branches/branch-1_5/comments.php
r1003 r1005 229 229 'F_AUTHOR'=>@$_GET['author'], 230 230 231 'U_HOME' => PHPWG_ROOT_PATH.'category.php'231 'U_HOME' => add_session_id(PHPWG_ROOT_PATH.'category.php') 232 232 ) 233 233 ); … … 466 466 'TITLE_IMG'=>$name, 467 467 'I_THUMB'=>$thumbnail_src, 468 'U_THUMB'=> $url468 'U_THUMB'=>add_session_id($url) 469 469 )); 470 470 … … 478 478 'comment', 479 479 array( 480 'U_PICTURE' => $url,480 'U_PICTURE' => add_session_id($url), 481 481 'TN_SRC' => $thumbnail_src, 482 482 'AUTHOR' => $author, -
branches/branch-1_5/identification.php
r1003 r1005 52 52 $session_length = $conf['remember_me_length']; 53 53 } 54 session_start(); 55 $_SESSION['id'] = $row['id']; 56 redirect('category.php'); 54 $session_id = session_create($row['id'], $session_length); 55 redirect('category.php?id='.$session_id); 57 56 } 58 57 else … … 82 81 'L_REMEMBER_ME'=>$lang['remember_me'], 83 82 84 'U_REGISTER' => PHPWG_ROOT_PATH.'register.php',85 'U_LOST_PASSWORD' => PHPWG_ROOT_PATH.'password.php',86 'U_HOME' => PHPWG_ROOT_PATH.'category.php',83 'U_REGISTER' => add_session_id(PHPWG_ROOT_PATH.'register.php'), 84 'U_LOST_PASSWORD' => add_session_id(PHPWG_ROOT_PATH.'password.php'), 85 'U_HOME' => add_session_id(PHPWG_ROOT_PATH.'category.php'), 87 86 88 'F_LOGIN_ACTION' => PHPWG_ROOT_PATH.'identification.php'87 'F_LOGIN_ACTION' => add_session_id(PHPWG_ROOT_PATH.'identification.php') 89 88 )); 90 89 -
branches/branch-1_5/include/category_calendar.inc.php
r1003 r1005 68 68 $url = PHPWG_ROOT_PATH.'category.php?cat=calendar'; 69 69 $url.= '&year='.$calendar_year; 70 $url = add_session_id($url); 70 71 $years_nav_bar.= ' <a href="'.$url.'">'.$calendar_year.'</a>'; 71 72 } … … 124 125 $url.= $page['calendar_year'].'.'.sprintf('%02s', $calendar_month); 125 126 $months_nav_bar.= ' '; 126 $months_nav_bar.= '<a href="'. $url.'">';127 $months_nav_bar.= '<a href="'.add_session_id($url).'">'; 127 128 $months_nav_bar.= $lang['month'][(int)$calendar_month]; 128 129 $months_nav_bar.= '</a>'; … … 248 249 'IMAGE_TITLE'=>$thumbnail_title, 249 250 250 'U_IMG_LINK'=> $url_link251 'U_IMG_LINK'=>add_session_id($url_link) 251 252 ) 252 253 ); … … 308 309 'IMAGE_TITLE'=>$thumbnail_title, 309 310 310 'U_IMG_LINK'=> $url_link311 'U_IMG_LINK'=>add_session_id($url_link) 311 312 ) 312 313 ); … … 362 363 'IMAGE_TITLE'=>$thumbnail_title, 363 364 364 'U_IMG_LINK'=> $url_link365 'U_IMG_LINK'=>add_session_id($url_link) 365 366 ) 366 367 ); … … 436 437 'IMAGE_TITLE'=>$thumbnail_title, 437 438 438 'U_IMG_LINK'=> $url_link439 'U_IMG_LINK'=>add_session_id($url_link) 439 440 ) 440 441 ); -
branches/branch-1_5/include/category_default.inc.php
r1003 r1005 90 90 'IMAGE_TS' => get_icon($row['date_available']), 91 91 92 'U_IMG_LINK' => $url_link92 'U_IMG_LINK' => add_session_id($url_link) 93 93 ) 94 94 ); -
branches/branch-1_5/include/category_recent_cats.inc.php
r1003 r1005 79 79 'IMAGE_TITLE' => $lang['hint_category'], 80 80 81 'U_IMG_LINK' => $url_link81 'U_IMG_LINK' => add_session_id($url_link) 82 82 ) 83 83 ); -
branches/branch-1_5/include/category_subcats.inc.php
r1003 r1005 153 153 'IMAGE_TS' => get_icon(@$item['date_last']), 154 154 'U_IMG_LINK' => 155 PHPWG_ROOT_PATH.'category.php?cat='.$item['category']155 add_session_id(PHPWG_ROOT_PATH.'category.php?cat='.$item['category']) 156 156 ) 157 157 ); -
branches/branch-1_5/include/config_default.inc.php
r1003 r1005 257 257 // +-----------------------------------------------------------------------+ 258 258 259 // specifies to use cookie to store the session id on client side260 $conf['session_use_cookies'] = 1;261 262 // specifies to only use cookie to store the session id on client side263 $conf['session_use_only_cookies'] = 1;264 265 // do not use transparent session id support266 $conf['session_use_trans_sid'] = 0;267 268 // specifies the name of the session which is used as cookie name269 $conf['session_name'] = 'pwg_id';270 271 // comment the line below to use file handler for sessions.272 $conf['session_save_handler'] = 'db';273 274 259 // authorize_remembering : permits user to stay logged for a long time. It 275 260 // creates a cookie on client side. … … 282 267 // session_length : time of validity for normal session, in seconds. 283 268 $conf['session_length'] = 3600; 269 270 // session_id_size : a session identifier is compound of alphanumeric 271 // characters and is case sensitive. Each character is among 62 272 // possibilities. The number of possible sessions is 273 // 62^$conf['session_id_size']. 274 // 275 // 62^5 = 916,132,832 276 // 62^10 = 839,299,365,868,340,224 277 // 278 $conf['session_id_size'] = 10; 284 279 285 280 // +-----------------------------------------------------------------------+ -
branches/branch-1_5/include/functions_category.inc.php
r1003 r1005 48 48 { 49 49 echo '<div style="text-align:center;">'.$lang['access_forbiden'].'<br />'; 50 echo '<a href=" ./category.php">';50 echo '<a href="'.add_session_id( './category.php' ).'">'; 51 51 echo $lang['thumbnails'].'</a></div>'; 52 52 exit(); -
branches/branch-1_5/include/functions_html.inc.php
r1003 r1005 83 83 { 84 84 $navbar.= '<a href="'; 85 $navbar.= $url.'&start=0';85 $navbar.= add_session_id($url.'&start=0'); 86 86 $navbar.= '" class="'.$link_class.'">'.$lang['first_page']; 87 87 $navbar.= '</a>'; … … 97 97 $previous = $start - $nb_element_page; 98 98 $navbar.= '<a href="'; 99 $navbar.= $url.'&start='.$previous;99 $navbar.= add_session_id( $url.'&start='.$previous ); 100 100 $navbar.= '" class="'.$link_class.'">'.$lang['previous_page']; 101 101 $navbar.= '</a>'; … … 110 110 { 111 111 $navbar.= ' <a href="'; 112 $navbar.= $url.'&start=0';112 $navbar.= add_session_id($url.'&start=0'); 113 113 $navbar.= '" class="'.$link_class.'">1</a>'; 114 114 if ($cur_page > $pages_around + 2) … … 131 131 $temp_start = ($i - 1) * $nb_element_page; 132 132 $navbar.= ' <a href="'; 133 $navbar.= $url.'&start='.$temp_start;133 $navbar.= add_session_id($url.'&start='.$temp_start); 134 134 $navbar.= '" class="'.$link_class.'">'.$i.'</a>'; 135 135 } … … 149 149 } 150 150 $navbar.= ' <a href="'; 151 $navbar.= $url.'&start='.$temp_start;151 $navbar.= add_session_id($url.'&start='.$temp_start); 152 152 $navbar.= '" class="'.$link_class.'">'.$maximum.'</a>'; 153 153 } … … 160 160 $next = $start + $nb_element_page; 161 161 $navbar.= '<a href="'; 162 $navbar.= $url.'&start='.$next;162 $navbar.= add_session_id( $url.'&start='.$next ); 163 163 $navbar.= '" class="'.$link_class.'">'.$lang['next_page'].'</a>'; 164 164 } … … 174 174 $temp_start = ($maximum - 1) * $nb_element_page; 175 175 $navbar.= '<a href="'; 176 $navbar.= $url.'&start='.$temp_start;176 $navbar.= add_session_id($url.'&start='.$temp_start); 177 177 $navbar.= '" class="'.$link_class.'">'.$lang['last_page']; 178 178 $navbar.= '</a>'; … … 243 243 { 244 244 $output.= '<a class=""'; 245 $output.= ' href="'. PHPWG_ROOT_PATH.$url.$id.'">';245 $output.= ' href="'.add_session_id(PHPWG_ROOT_PATH.$url.$id).'">'; 246 246 $output.= $name.'</a>'; 247 247 } … … 312 312 $output.= ' 313 313 <a class="" 314 href="'. PHPWG_ROOT_PATH.$url.$category_id.'">'.$name.'</a>';314 href="'.add_session_id(PHPWG_ROOT_PATH.$url.$category_id).'">'.$name.'</a>'; 315 315 } 316 316 } … … 371 371 $menu.= '>'; 372 372 373 $url = PHPWG_ROOT_PATH.'category.php?cat='.$category['id'];373 $url = add_session_id(PHPWG_ROOT_PATH.'category.php?cat='.$category['id']); 374 374 $menu.= "\n".'<a href="'.$url.'">'.$category['name'].'</a>'; 375 375 -
branches/branch-1_5/include/functions_session.inc.php
r1003 r1005 26 26 // +-----------------------------------------------------------------------+ 27 27 28 if (isset($conf['session_save_handler']) and ($conf['session_save_handler'] == 'db')) { 29 session_set_save_handler('pwg_session_open', 30 'pwg_session_close', 31 'pwg_session_read', 32 'pwg_session_write', 33 'pwg_session_destroy', 34 'pwg_session_gc' 35 ); 36 } 37 38 ini_set('session.use_cookies', $conf['session_use_cookies']); 39 ini_set('session.use_only_cookies', $conf['session_use_only_cookies']); 40 ini_set('session.use_trans_sid', $conf['session_use_trans_sid']); 41 ini_set('session.name', $conf['session_name']); 42 43 function pwg_session_open($path, $name) 44 { 45 return true; 46 } 47 48 function pwg_session_close() 49 { 50 pwg_session_gc(); 51 return true; 52 } 53 54 function pwg_session_read($session_id) 55 { 56 $query = "SELECT data FROM " . SESSIONS_TABLE; 57 $query .= " WHERE id = '$session_id'"; 58 $result = pwg_query($query); 59 if ($result) { 60 $row = mysql_fetch_assoc($result); 61 return $row['data']; 62 } else { 63 return ''; 64 } 65 } 66 67 function pwg_session_write($session_id, $data) 68 { 69 $query = "SELECT id FROM " . SESSIONS_TABLE; 70 $query .= " WHERE id = '$session_id'"; 71 $result = pwg_query($query); 72 if (mysql_num_rows($result)) { 73 $query = "UPDATE " . SESSIONS_TABLE . " SET expiration = now()"; 74 $query .= " WHERE id = '$session_id'"; 75 pwg_query($query); 76 } else { 77 $query = "INSERT INTO " . SESSIONS_TABLE . " (id,data,expiration)"; 78 $query .= " VALUES('$session_id','$data',now())"; 79 pwg_query($query); 80 } 81 return true; 82 } 83 84 function pwg_session_destroy($session_id) 85 { 86 $query = "DELETE FROM " . SESSIONS_TABLE; 87 $query .= " WHERE id = '$session_id'"; 88 pwg_query($query); 89 return true; 90 } 91 92 function pwg_session_gc() 28 // The function generate_key creates a string with pseudo random characters. 29 // the size of the string depends on the $conf['session_id_size']. 30 // Characters used are a-z A-Z and numerical values. Examples : 31 // "Er4Tgh6", "Rrp08P", "54gj" 32 // input : none (using global variable) 33 // output : $key 34 function generate_key($size) 93 35 { 94 36 global $conf; 95 37 96 $query = "DELETE FROM " . SESSIONS_TABLE; 97 $query .= " WHERE UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(expiration) > " . $conf['session_length']; 38 $md5 = md5(substr(microtime(), 2, 6)); 39 $init = ''; 40 for ( $i = 0; $i < strlen( $md5 ); $i++ ) 41 { 42 if ( is_numeric( $md5[$i] ) ) $init.= $md5[$i]; 43 } 44 $init = substr( $init, 0, 8 ); 45 mt_srand( $init ); 46 $key = ''; 47 for ( $i = 0; $i < $size; $i++ ) 48 { 49 $c = mt_rand( 0, 2 ); 50 if ( $c == 0 ) $key .= chr( mt_rand( 65, 90 ) ); 51 else if ( $c == 1 ) $key .= chr( mt_rand( 97, 122 ) ); 52 else $key .= mt_rand( 0, 9 ); 53 } 54 return $key; 55 } 56 57 /** 58 * create a new session and returns the session identifier 59 * 60 * - find a non-already-used session key 61 * - create a session in database 62 * - return session identifier 63 * 64 * @param int userid 65 * @param int session_lentgh : in seconds 66 * @return string 67 */ 68 function session_create($userid, $session_length) 69 { 70 global $conf; 71 72 // 1. searching an unused session key 73 $id_found = false; 74 while (!$id_found) 75 { 76 $generated_id = generate_key($conf['session_id_size']); 77 $query = ' 78 SELECT id 79 FROM '.SESSIONS_TABLE.' 80 WHERE id = \''.$generated_id.'\' 81 ;'; 82 $result = pwg_query($query); 83 if (mysql_num_rows($result) == 0) 84 { 85 $id_found = true; 86 } 87 } 88 // 3. inserting session in database 89 $query = ' 90 INSERT INTO '.SESSIONS_TABLE.' 91 (id,user_id,expiration) 92 VALUES 93 (\''.$generated_id.'\','.$userid.', 94 ADDDATE(NOW(), INTERVAL '.$session_length.' SECOND)) 95 ;'; 98 96 pwg_query($query); 99 return true; 97 98 $expiration = $session_length + time(); 99 setcookie('id', $generated_id, $expiration, cookie_path()); 100 101 return $generated_id; 102 } 103 104 // add_session_id adds the id of the session to the string given in 105 // parameter as $url. If the session id is the first parameter to the url, 106 // it is preceded by a '?', else it is preceded by a '&'. If the 107 // parameter $redirect is set to true, '&' is used instead of '&'. 108 function add_session_id( $url, $redirect = false ) 109 { 110 global $page, $user, $conf; 111 112 if ($user['is_the_guest'] 113 or $user['has_cookie'] 114 or $conf['apache_authentication']) 115 { 116 return $url; 117 } 118 119 if (preg_match('/\.php\?/', $url)) 120 { 121 $separator = $redirect ? '&' : '&'; 122 } 123 else 124 { 125 $separator = '?'; 126 } 127 128 return $url.$separator.'id='.$page['session_id']; 129 } 130 131 // cookie_path returns the path to use for the PhpWebGallery cookie. 132 // If PhpWebGallery is installed on : 133 // http://domain.org/meeting/gallery/category.php 134 // cookie_path will return : "/meeting/gallery" 135 function cookie_path() 136 { 137 return substr($_SERVER['PHP_SELF'],0,strrpos( $_SERVER['PHP_SELF'],'/')); 100 138 } 101 139 ?> -
branches/branch-1_5/include/page_header.php
r1003 r1005 62 62 array( 63 63 'REFRESH_TIME' => $refresh, 64 'U_REFRESH' => $url_link64 'U_REFRESH' => add_session_id( $url_link ) 65 65 )); 66 66 $template->assign_block_vars('refresh', array()); -
branches/branch-1_5/include/user.inc.php
r1003 r1005 27 27 28 28 // retrieving connected user informations 29 if (isset($_COOKIE[ session_name()]))29 if (isset($_COOKIE['id'])) 30 30 { 31 session_start(); 32 if (isset($_SESSION['id'])) 33 { 34 $user['id'] = $_SESSION['id']; 35 } 36 else 37 { 38 // session timeout 39 $user['id'] = $conf['guest_id']; 40 $user['is_the_guest'] = true; 41 } 42 } 43 else 31 $session_id = $_COOKIE['id']; 32 $user['has_cookie'] = true; 33 } 34 else if (isset($_GET['id'])) 44 35 { 45 $user['id'] = $conf['guest_id']; 46 $user['is_the_guest'] = true; 36 $session_id = $_GET['id']; 37 $user['has_cookie'] = false; 38 } 39 else 40 { 41 $user['has_cookie'] = false; 42 } 43 44 if (isset($session_id) 45 and ereg("^[0-9a-zA-Z]{".$conf['session_id_size']."}$", $session_id)) 46 { 47 $page['session_id'] = $session_id; 48 $query = ' 49 SELECT user_id,expiration,NOW() AS now 50 FROM '.SESSIONS_TABLE.' 51 WHERE id = \''.$page['session_id'].'\' 52 ;'; 53 $result = pwg_query($query); 54 if (mysql_num_rows($result) > 0) 55 { 56 $row = mysql_fetch_array($result); 57 if (strnatcmp($row['expiration'], $row['now']) < 0) 58 { 59 // deletion of the session from the database, because it is 60 // out-of-date 61 $delete_query = ' 62 DELETE FROM '.SESSIONS_TABLE.' 63 WHERE id = \''.$page['session_id'].'\' 64 ;'; 65 pwg_query($delete_query); 66 } 67 else 68 { 69 $user['id'] = $row['user_id']; 70 $user['is_the_guest'] = false; 71 } 72 } 73 } 74 if (!isset($user['id'])) 75 { 76 $user['id'] = $conf['guest_id']; 77 $user['is_the_guest'] = true; 47 78 } 48 79 -
branches/branch-1_5/notification.php
r1003 r1005 59 59 array( 60 60 'FEED_URL' => PHPWG_ROOT_PATH.'feed.php?feed='.$page['feed'], 61 'U_HOME' => PHPWG_ROOT_PATH.'category.php'61 'U_HOME' => add_session_id(PHPWG_ROOT_PATH.'category.php') 62 62 ) 63 63 ); -
branches/branch-1_5/password.php
r1003 r1005 177 177 $template->assign_vars( 178 178 array( 179 'U_HOME' => PHPWG_ROOT_PATH.'category.php'179 'U_HOME' => add_session_id(PHPWG_ROOT_PATH.'category.php') 180 180 ) 181 181 ); -
branches/branch-1_5/picture.php
r1003 r1005 83 83 { 84 84 echo '<div style="text-align:center;">'.$lang['access_forbiden'].'<br />'; 85 echo '<a href="'. PHPWG_ROOT_PATH.'category.php'.'">';85 echo '<a href="'.add_session_id( PHPWG_ROOT_PATH.'category.php' ).'">'; 86 86 echo $lang['thumbnails'].'</a></div>'; 87 87 exit(); … … 330 330 // there is no favorite picture anymore we redirect the user to the 331 331 // category page 332 redirect($url_up); 332 $url = add_session_id($url_up); 333 redirect($url); 333 334 } 334 335 else if (!$has_prev) 335 336 { 336 337 $url = str_replace( '&', '&', $picture['next']['url'] ); 337 redirect( $url);338 $url = add_session_id( $url, true); 338 339 } 339 340 else 340 341 { 341 342 $url = str_replace('&', '&', $picture['prev']['url'] ); 342 redirect( $url);343 $url = add_session_id( $url, true); 343 344 } 344 345 redirect( $url ); … … 533 534 'L_UP_ALT' => $lang['home'], 534 535 535 'U_HOME' => (PHPWG_ROOT_PATH.'category.php'),536 'U_UP' => $url_up,537 'U_METADATA' => $url_metadata,538 'U_ADMIN' => $url_admin,539 'U_SLIDESHOW'=> $url_slide,540 'U_ADD_COMMENT' => str_replace( '&', '&', $_SERVER['REQUEST_URI'])536 'U_HOME' => add_session_id(PHPWG_ROOT_PATH.'category.php'), 537 'U_UP' => add_session_id($url_up), 538 'U_METADATA' => add_session_id($url_metadata), 539 'U_ADMIN' => add_session_id($url_admin), 540 'U_SLIDESHOW'=> add_session_id($url_slide), 541 'U_ADD_COMMENT' => add_session_id(str_replace( '&', '&', $_SERVER['REQUEST_URI'] )) 541 542 ) 542 543 ); … … 595 596 array( 596 597 'URL' => 598 add_session_id( 597 599 PHPWG_ROOT_PATH.'picture.php' 598 600 .get_query_string_diff(array('caddie')).'&caddie=1') 601 ) 599 602 ); 600 603 } … … 654 657 'TITLE_IMG' => $picture['prev']['name'], 655 658 'IMG' => $picture['prev']['thumbnail'], 656 'U_IMG' => $picture['prev']['url']659 'U_IMG' => add_session_id($picture['prev']['url']) 657 660 )); 658 661 } … … 665 668 'TITLE_IMG' => $picture['next']['name'], 666 669 'IMG' => $picture['next']['thumbnail'], 667 'U_IMG' => $picture['next']['url']670 'U_IMG' => add_session_id($picture['next']['url']) 668 671 )); 669 672 } … … 688 691 $infos['INFO_AUTHOR'] = 689 692 '<a href="'. 693 add_session_id( 690 694 PHPWG_ROOT_PATH.'category.php?cat=search'. 691 695 '&search=author:'.$picture['current']['author'] 692 .'">'.$picture['current']['author'].'</a>'; 696 ). 697 '">'.$picture['current']['author'].'</a>'; 693 698 } 694 699 else … … 702 707 $infos['INFO_CREATION_DATE'] = 703 708 '<a href="'. 709 add_session_id( 704 710 PHPWG_ROOT_PATH.'category.php?cat=search'. 705 711 '&search=date_creation:'.$picture['current']['date_creation'] 706 .'">'.format_date($picture['current']['date_creation']).'</a>'; 712 ). 713 '">'.format_date($picture['current']['date_creation']).'</a>'; 707 714 } 708 715 else … … 714 721 $infos['INFO_AVAILABILITY_DATE'] = 715 722 '<a href="'. 723 add_session_id( 716 724 PHPWG_ROOT_PATH.'category.php?cat=search'. 717 725 '&search=date_available:'. 718 726 substr($picture['current']['date_available'], 0, 10) 719 .'">'. 727 ). 728 '">'. 720 729 format_date($picture['current']['date_available'], 'mysql_datetime'). 721 730 '</a>'; … … 766 775 '/([^,]+)/', 767 776 '<a href="'. 777 add_session_id( 768 778 PHPWG_ROOT_PATH.'category.php?cat=search&search=keywords:$1' 769 .'">$1</a>', 779 ). 780 '">$1</a>', 770 781 $picture['current']['keywords'] 771 782 ); … … 891 902 892 903 $template->assign_block_vars('stop_slideshow', array( 893 'U_SLIDESHOW'=> $picture['current']['url']904 'U_SLIDESHOW'=>add_session_id( $picture['current']['url'] ) 894 905 )); 895 906 } … … 1044 1055 $template->assign_block_vars( 1045 1056 'comments.comment.delete', 1046 array('U_COMMENT_DELETE'=> $url.'&del='.$row['id']1057 array('U_COMMENT_DELETE'=>add_session_id( $url.'&del='.$row['id']) 1047 1058 )); 1048 1059 } -
branches/branch-1_5/profile.php
r1003 r1005 137 137 // redirection 138 138 $url = PHPWG_ROOT_PATH.'category.php?'.$_SERVER['QUERY_STRING']; 139 redirect( $url);139 redirect(add_session_id($url)); 140 140 } 141 141 } … … 199 199 'L_RETURN_HINT' => $lang['home_hint'], 200 200 201 'U_RETURN' => PHPWG_ROOT_PATH.'category.php',202 203 'F_ACTION'=> $url_action,201 'U_RETURN' => add_session_id(PHPWG_ROOT_PATH.'category.php'), 202 203 'F_ACTION'=>add_session_id($url_action), 204 204 )); 205 205 -
branches/branch-1_5/random.php
r1003 r1005 60 60 // +-----------------------------------------------------------------------+ 61 61 $url = PHPWG_ROOT_PATH.'category.php?cat=list&list='.implode(',', $ids); 62 redirect( $url);62 redirect(add_session_id($url)); 63 63 ?> -
branches/branch-1_5/register.php
r1003 r1005 77 77 'L_EMAIL' => $lang['mail_address'], 78 78 79 'U_HOME' => PHPWG_ROOT_PATH.'category.php',79 'U_HOME' => add_session_id(PHPWG_ROOT_PATH.'category.php'), 80 80 81 'F_ACTION' => 'register.php',81 'F_ACTION' => add_session_id('register.php'), 82 82 'F_LOGIN' => $login, 83 83 'F_EMAIL' => $email -
branches/branch-1_5/search.php
r1003 r1005 130 130 { 131 131 $url = 'category.php?cat=search&search='.$search_string; 132 $url = add_session_id($url, true); 132 133 redirect($url); 133 134 } … … 180 181 'TODAY_MONTH' => date('m', time()), 181 182 'TODAY_YEAR' => date('Y', time()), 182 'S_SEARCH_ACTION' => 'search.php',183 'S_SEARCH_ACTION' => add_session_id( 'search.php' ), 183 184 'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=search', 184 'U_HOME' => 'category.php'185 'U_HOME' => add_session_id( 'category.php' ) 185 186 ) 186 187 ); -
branches/branch-1_5/upload.php
r1003 r1005 126 126 { 127 127 echo '<div style="text-align:center;">'.$lang['upload_forbidden'].'<br />'; 128 echo '<a href=" ./category.php">';128 echo '<a href="'.add_session_id( './category.php' ).'">'; 129 129 echo $lang['thumbnails'].'</a></div>'; 130 130 exit(); … … 300 300 'L_MANDATORY' => $lang['mandatory'], 301 301 302 'F_ACTION' => $u_form,303 304 'U_RETURN' => PHPWG_ROOT_PATH.'category.php?'.$_SERVER['QUERY_STRING']302 'F_ACTION' => add_session_id( $u_form ), 303 304 'U_RETURN' => add_session_id(PHPWG_ROOT_PATH.'category.php?'.$_SERVER['QUERY_STRING']) 305 305 )); 306 306
Note: See TracChangeset
for help on using the changeset viewer.