Changeset 5406


Ignore:
Timestamp:
Mar 27, 2010, 6:32:45 PM (14 years ago)
Author:
patdenice
Message:

Add token to themes installation.
Only webmasters can install new plugins, themes or languages.

Location:
trunk
Files:
6 edited

Legend:

Unmodified
Added
Removed

  • trunk/admin/languages_new.php

    r5371 r5406  
    5959if (isset($_GET['revision']) and !is_adviser())
    6060{
    61   check_pwg_token();
     61  if (!is_webmaster())
     62  {
     63    array_push($page['errors'], l10n('Webmaster status is required.'));
     64  }
     65  else
     66  {
     67    check_pwg_token();
    6268
    63   $install_status = $languages->extract_language_files('install', $_GET['revision']);
    64  
    65   redirect($base_url.'&installstatus='.$install_status);
     69    $install_status = $languages->extract_language_files('install', $_GET['revision']);
     70
     71    redirect($base_url.'&installstatus='.$install_status);
     72  }
    6673}
    6774

  • trunk/admin/plugins_new.php

    r5367 r5406  
    3737
    3838//------------------------------------------------------automatic installation
    39 if (isset($_GET['revision']) and isset($_GET['extension']) and !is_adviser())
     39if (isset($_GET['revision']) and isset($_GET['extension']))
    4040{
    41   check_pwg_token();
    42  
    43   $install_status = $plugins->extract_plugin_files('install', $_GET['revision'], $_GET['extension']);
     41  if (!is_webmaster())
     42  {
     43    array_push($page['errors'], l10n('Webmaster status is required.'));
     44  }
     45  else
     46  {
     47    check_pwg_token();
     48   
     49    $install_status = $plugins->extract_plugin_files('install', $_GET['revision'], $_GET['extension']);
    4450
    45   redirect($base_url.'&installstatus='.$install_status);
     51    redirect($base_url.'&installstatus='.$install_status);
     52  }
    4653}
    4754

  • trunk/admin/plugins_update.php

    r5367 r5406  
    3838if (isset($_GET['plugin']) and isset($_GET['revision']) and !is_adviser())
    3939{
    40   check_pwg_token();
    41  
    42   $plugin_id = $_GET['plugin'];
    43   $revision = $_GET['revision'];
     40  if (!is_webmaster())
     41  {
     42    array_push($page['errors'], l10n('Webmaster status is required.'));
     43  }
     44  else
     45  {
     46    check_pwg_token();
     47   
     48    $plugin_id = $_GET['plugin'];
     49    $revision = $_GET['revision'];
    4450
    45   if (isset($plugins->db_plugins_by_id[$plugin_id])
    46     and $plugins->db_plugins_by_id[$plugin_id]['state'] == 'active')
    47   {
    48     $plugins->perform_action('deactivate', $plugin_id);
     51    if (isset($plugins->db_plugins_by_id[$plugin_id])
     52      and $plugins->db_plugins_by_id[$plugin_id]['state'] == 'active')
     53    {
     54      $plugins->perform_action('deactivate', $plugin_id);
    4955
    50     redirect($base_url
    51       . '&revision=' . $revision
    52       . '&plugin=' . $plugin_id
    53       . '&pwg_token='.get_pwg_token()
    54       . '&reactivate=true');
     56      redirect($base_url
     57        . '&revision=' . $revision
     58        . '&plugin=' . $plugin_id
     59        . '&pwg_token='.get_pwg_token()
     60        . '&reactivate=true');
     61    }
     62
     63    $upgrade_status = $plugins->extract_plugin_files('upgrade', $revision, $plugin_id);
     64
     65    if (isset($_GET['reactivate']))
     66    {
     67      $plugins->perform_action('activate', $plugin_id);
     68    }
     69    redirect($base_url.'&plugin='.$plugin_id.'&upgradestatus='.$upgrade_status);
    5570  }
    56 
    57   $upgrade_status = $plugins->extract_plugin_files('upgrade', $revision, $plugin_id);
    58 
    59   if (isset($_GET['reactivate']))
    60   {
    61     $plugins->perform_action('activate', $plugin_id);
    62   }
    63   redirect($base_url.'&plugin='.$plugin_id.'&upgradestatus='.$upgrade_status);
    6471}
    6572

  • trunk/admin/themes_new.php

    r5153 r5406  
    5454// +-----------------------------------------------------------------------+
    5555
    56 if (isset($_GET['revision']) and isset($_GET['extension']) and !is_adviser())
     56if (isset($_GET['revision']) and isset($_GET['extension']))
    5757{
    58   $install_status = $themes->extract_theme_files(
    59     'install',
    60     $_GET['revision'],
    61     $_GET['extension']
    62     );
    63  
    64   redirect($base_url.'&installstatus='.$install_status);
     58  if (!is_webmaster())
     59  {
     60    array_push($page['errors'], l10n('Webmaster status is required.'));
     61  }
     62  else
     63  {
     64    check_pwg_token();
     65
     66    $install_status = $themes->extract_theme_files(
     67      'install',
     68      $_GET['revision'],
     69      $_GET['extension']
     70      );
     71   
     72    redirect($base_url.'&installstatus='.$install_status);
     73  }
    6574}
    6675
     
    113122      . '&revision=' . $theme['revision_id']
    114123      . '&extension=' . $theme['extension_id']
     124      . '&pwg_token='.get_pwg_token()
    115125      ;
    116126

  • trunk/language/en_UK/admin.lang.php

    r5382 r5406  
    760760$lang['Invert'] = 'Invert';
    761761$lang['Impossible to deactivate this theme, you need at least one theme.'] = 'Impossible to deactivate this theme, you need at least one theme.';
     762$lang['Webmaster status is required.'] = 'Webmaster status is required.';
    762763?>

  • trunk/language/fr_FR/admin.lang.php

    r5395 r5406  
    763763$lang['Invert'] = 'Inverser';
    764764$lang['Impossible to deactivate this theme, you need at least one theme.'] = 'Impossible de désactiver ce thème, il doit rester au moins un thème activé.';
     765$lang['Webmaster status is required.'] = 'Vous devez avoir le status de "webmaster".';
    765766?>
Note: See TracChangeset for help on using the changeset viewer.