Changeset 5406 for trunk/admin/plugins_update.php

Timestamp:

Mar 27, 2010, 6:32:45 PM (14 years ago)

Author:

patdenice

Message:

Add token to themes installation.
Only webmasters can install new plugins, themes or languages.

File:

• trunk/admin/plugins_update.php (modified) (1 diff)

trunk/admin/plugins_update.php

@@ -38 +38 @@
 if (isset($_GET['plugin']) and isset($_GET['revision']) and !is_adviser())
 {
-  check_pwg_token();
-  
-  $plugin_id = $_GET['plugin'];
-  $revision = $_GET['revision'];
+  if (!is_webmaster())
+  {
+    array_push($page['errors'], l10n('Webmaster status is required.'));
+  }
+  else
+  {
+    check_pwg_token();
+    
+    $plugin_id = $_GET['plugin'];
+    $revision = $_GET['revision'];
 
-  if (isset($plugins->db_plugins_by_id[$plugin_id])
-    and $plugins->db_plugins_by_id[$plugin_id]['state'] == 'active')
-  {
-    $plugins->perform_action('deactivate', $plugin_id);
+    if (isset($plugins->db_plugins_by_id[$plugin_id])
+      and $plugins->db_plugins_by_id[$plugin_id]['state'] == 'active')
+    {
+      $plugins->perform_action('deactivate', $plugin_id);
 
-    redirect($base_url
-      . '&revision=' . $revision
-      . '&plugin=' . $plugin_id
-      . '&pwg_token='.get_pwg_token()
-      . '&reactivate=true');
+      redirect($base_url
+        . '&revision=' . $revision
+        . '&plugin=' . $plugin_id
+        . '&pwg_token='.get_pwg_token()
+        . '&reactivate=true');
+    }
+
+    $upgrade_status = $plugins->extract_plugin_files('upgrade', $revision, $plugin_id);
+
+    if (isset($_GET['reactivate']))
+    {
+      $plugins->perform_action('activate', $plugin_id);
+    }
+    redirect($base_url.'&plugin='.$plugin_id.'&upgradestatus='.$upgrade_status);
   }
-
-  $upgrade_status = $plugins->extract_plugin_files('upgrade', $revision, $plugin_id);
-
-  if (isset($_GET['reactivate']))
-  {
-    $plugins->perform_action('activate', $plugin_id);
-  }
-  redirect($base_url.'&plugin='.$plugin_id.'&upgradestatus='.$upgrade_status);
 }