- Timestamp:
- Mar 25, 2010, 6:59:35 AM (15 years ago)
- Location:
- trunk
- Files:
-
- 3 edited
-
admin/cat_modify.php (modified) (6 diffs)
-
admin/themes/default/template/cat_modify.tpl (modified) (1 diff)
-
include/functions.inc.php (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
trunk/admin/cat_modify.php
r5207 r5335 27 27 } 28 28 29 include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');30 29 include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php'); 31 30 … … 290 289 $template->assign( 291 290 array( 292 'U_DELETE' => $self_url.'&delete='.$category['id'] ,291 'U_DELETE' => $self_url.'&delete='.$category['id'].'&pwg_token='.get_pwg_token(), 293 292 ) 294 293 ); … … 345 344 'DIRECTION' => array('ASC'), 346 345 ); 347 346 348 347 if ( isset($matches[1][$i]) ) 349 348 { 350 349 $tpl_image_order_select['FIELD'] = array($matches[1][$i]); 351 350 } 352 351 353 352 if (isset($matches[2][$i]) and strcasecmp($matches[2][$i],'DESC')==0) 354 353 { … … 451 450 set_make_full_url(); 452 451 453 /* TODO: if $category['representative_picture_id'] 452 /* TODO: if $category['representative_picture_id'] 454 453 is empty find child representative_picture_id */ 455 454 if (!empty($category['representative_picture_id'])) … … 475 474 } 476 475 } 477 476 478 477 if (!isset($img_url)) 479 478 { … … 513 512 ;'; 514 513 list($group_name) = pwg_db_fetch_row(pwg_query($query)); 515 514 516 515 array_push( 517 516 $page['infos'], -
trunk/admin/themes/default/template/cat_modify.tpl
r5123 r5335 22 22 {/if} 23 23 {if isset($U_DELETE) } 24 <li><a href="{$U_DELETE}" title="{' Are you sure?'|@translate|@escape:'javascript'}');"><img src="{$ROOT_URL}{$themeconf.admin_icon_dir}/category_delete.png" class="button" alt="{'delete'|@translate}" onclick="return confirm('{'Are you sure?'|@translate|@escape:'javascript'}');"><img src="{$ROOT_URL}{$themeconf.admin_icon_dir}/category_delete.png" class="button" alt="{'delete'|@translate}"></a></li>24 <li><a href="{$U_DELETE}" title="{'delete'|@translate}"><img src="{$ROOT_URL}{$themeconf.admin_icon_dir}/category_delete.png" class="button" alt="{'delete'|@translate}" onclick="return confirm('{'Are you sure?'|@translate|@escape:javascript}');"></a></li> 25 25 {/if} 26 26 </ul> -
trunk/include/functions.inc.php
r5306 r5335 1454 1454 function check_pwg_token() 1455 1455 { 1456 $valid_token = get_pwg_token(); 1457 $given_token = null; 1458 1459 if (!empty($_POST['pwg_token'])) 1460 { 1461 $given_token = $_POST['pwg_token']; 1462 } 1463 elseif (!empty($_GET['pwg_token'])) 1464 { 1465 $given_token = $_GET['pwg_token']; 1466 } 1467 if ($given_token != $valid_token) 1468 { 1469 access_denied(); 1470 } 1456 if (!empty($_REQUEST['pwg_token'])) 1457 { 1458 if (get_pwg_token() != $_REQUEST['pwg_token']) 1459 { 1460 access_denied(); 1461 } 1462 } 1463 else 1464 bad_request('missing token'); 1471 1465 } 1472 1466
Note: See TracChangeset
for help on using the changeset viewer.
