Token fixes.
CaMer0n committed Mar 2, 2017
1 parent 84b1ec2 commit 7a3e3d9
Showing 4 changed files with 26 additions and 5 deletions.
9 changes: 8 additions & 1 deletion e107_admin/frontpage.php
@@ -18,6 +18,10 @@
* @version $Id$;
*/

if(!empty($_POST) && !isset($_POST['e-token']))
{
$_POST['e-token'] = '';
}
require_once ('../class2.php');
if(! getperms('G'))
{
@@ -392,6 +396,7 @@ function select_class(&$fp_settings, $show_button = TRUE)
$show_legend = $show_button ? " class='e-hideme'" : '';
$text = "
<form method='post' action='".e_SELF."'>
<input type='hidden' name='e-token' value='".e_TOKEN."' />
<fieldset id='frontpage-settings'>
<legend{$show_legend}>".FRTLAN_13."</legend>
@@ -494,7 +499,9 @@ function edit_rule($rule_info)
// <legend class='e-hideme'>".($rule_info['order'] ? FRTLAN_46 : FRTLAN_42)."</legend>

$text = "
<form method='post' action='".e_SELF."'>";
<form method='post' action='".e_SELF."'>
<input type='hidden' name='e-token' value='".e_TOKEN."' />
";

$text .= '<ul class="nav nav-tabs" id="myTabs">
<li class="active"><a data-toggle="tab" href="#home">'.FRTLAN_49.'</a></li>
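Review bot: The four-line guard added before `require_once ('../class2.php')` at the top of frontpage.php carries no comment explaining why an empty `e-token` is forced into `$_POST`, and the same lines are pasted into meta.php and prefs.php in this commit. Presumably class2.php validates the token only when the field is present, so the guard turns a token-less POST into a failed check; that keeps the CSRF protection opt-in per script, and an admin page that omits the guard would still accept a POST with no token. I would add `// Force the bootstrap token check to run for every POST, even when no e-token field was sent.` above the guard and consider moving the rule into the bootstrap for the admin area so pages fail closed by default.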
5 changes: 5 additions & 0 deletions e107_admin/meta.php
@@ -10,6 +10,10 @@
*
*
*/
if(!empty($_POST) && !isset($_POST['e-token']))
{
$_POST['e-token'] = '';
}
require_once("../class2.php");

if (!getperms("T"))
@@ -128,6 +132,7 @@
<div class='buttons-bar center'>".
$frm->admin_button('metasubmit','no-value','update', LAN_UPDATE)."
</div>
<input type='hidden' name='e-token' value='".e_TOKEN."' />
</fieldset>
</form>
";
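Review bot: The hidden `e-token` field in the second hunk is hand-written and placed after the buttons bar, while the forms touched in frontpage.php and prefs.php in this commit put it directly after the `<form>` tag. Keeping the field in one fixed position makes a form that lacks it easier to spot in review. Since `$frm` is already in scope here, a form-handler helper that emits the token field (if one exists) would also avoid repeating the markup in every file. The form's opening tag is outside this hunk.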
12 changes: 8 additions & 4 deletions e107_admin/plugin.php
@@ -212,7 +212,6 @@ public function init()
}



if($this->getMode()=== 'avail')
{
$this->listQry = "SELECT * FROM `#plugin` WHERE plugin_installflag = 0 AND plugin_category != 'menu' ";
@@ -397,7 +396,10 @@ function uninstallPage()

$post = e107::getParser()->filter($_POST);


if(empty($_POST['e-token']))
{
return false;
}

// $id = e107::getPlugin

@@ -811,13 +813,15 @@ private function pluginConfirmUninstall($plug_vars)
*/
// $frm->admin_button($name, $value, $action = 'submit', $label = '', $options = array());

$text .= "</div>


$text .= "<input type='hidden' name='e-token' value='".e_TOKEN."' /></div>
</fieldset>
</form>
";

return $text;
e107::getRender()->tablerender(EPL_ADLAN_63.SEP.$tp->toHtml($plug_vars['@attributes']['name'], "", "defs,emotes_off, no_make_clickable"),$mes->render(). $text);
// e107::getRender()->tablerender(EPL_ADLAN_63.SEP.$tp->toHtml($plug_vars['@attributes']['name'], "", "defs,emotes_off, no_make_clickable"),$mes->render(). $text);

}
/*
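Review bot: The check added in the `uninstallPage()` hunk only tests that `$_POST['e-token']` is non-empty; nothing on these lines compares it with the session token. If the value is validated during bootstrap for any POST that carries the field, a comment should say so, e.g. `// Token value is validated during bootstrap; here we only refuse requests that did not send one.` The bare `return false` also drops the request without an admin message or a log entry, so a rejected uninstall attempt leaves no trace; recording a warning before returning would help both the admin and later investigation. The enclosing function starts and ends outside the hunk.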
5 changes: 5 additions & 0 deletions e107_admin/prefs.php
@@ -10,6 +10,10 @@
*
*/

if(!empty($_POST) && !isset($_POST['e-token']))
{
$_POST['e-token'] = '';
}
require_once ("../class2.php");

if(isset($_POST['newver']))
@@ -309,6 +313,7 @@ function sendTest()
$text = "
<div id='core-prefs'>
<form class='admin-menu' method='post' action='".e_SELF."' autocomplete='off'>
<input type='hidden' name='e-token' value='".e_TOKEN."' />
<fieldset id='core-prefs-main'>
<legend>".PRFLAN_1."</legend>
<table class='table adminform'>
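Review bot: `$_POST['newver']` is handled on the context line directly after the bootstrap, but this commit adds the `e-token` field only to the core-prefs form. Assuming the bootstrap rejects an empty token, the guard added at the top of prefs.php will now refuse any POST to this script that lacks the field, so whatever submits `newver` (not visible in these hunks) needs the token too. It is worth confirming each POST source for this page and noting the requirement in a comment next to the guard, e.g. `// Every form posting to this script must include e-token.`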
