Add token to themes installation.

Only webmasters can install new plugins, themes or languages.

git-svn-id: http://piwigo.org/svn/trunk@5406 68402e56-0260-453c-a942-63ccdbb3a9ee
patdenice
2010-03-27 17:32:45 +00:00
parent 0b38088a7e
commit 66d2cd6ec2
6 changed files with 70 additions and 37 deletions
+10 -3
@@ -58,11 +58,18 @@ if (!is_writable($languages_dir))
if (isset($_GET['revision']) and !is_adviser())
{
check_pwg_token();
if (!is_webmaster())
{
array_push($page['errors'], l10n('Webmaster status is required.'));
}
else
{
check_pwg_token();
$install_status = $languages->extract_language_files('install', $_GET['revision']);
$install_status = $languages->extract_language_files('install', $_GET['revision']);
redirect($base_url.'&installstatus='.$install_status);
redirect($base_url.'&installstatus='.$install_status);
}
}
// +-----------------------------------------------------------------------+
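Review bot: In the new `else` branch `$_GET['revision']` is handed to `extract_language_files()` with no format check, so the webmaster and token checks are the only gate on what reaches the extraction routine. Whether the callee validates the value is not visible in this section. If revision ids are numeric, a guard such as `if (!is_string($_GET['revision']) or !ctype_digit($_GET['revision']))` that records an error instead of calling the extractor would keep arbitrary strings out of it. The same applies to `revision`, `extension` and `plugin` in the plugin and theme sections of this commit.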
+11 -4
@@ -36,13 +36,20 @@ $base_url = get_root_url().'admin.php?page='.$page['page'].'&order='.$order;
$plugins = new plugins();
//------------------------------------------------------automatic installation
if (isset($_GET['revision']) and isset($_GET['extension']) and !is_adviser())
if (isset($_GET['revision']) and isset($_GET['extension']))
{
check_pwg_token();
if (!is_webmaster())
{
array_push($page['errors'], l10n('Webmaster status is required.'));
}
else
{
check_pwg_token();
$install_status = $plugins->extract_plugin_files('install', $_GET['revision'], $_GET['extension']);
$install_status = $plugins->extract_plugin_files('install', $_GET['revision'], $_GET['extension']);
redirect($base_url.'&installstatus='.$install_status);
redirect($base_url.'&installstatus='.$install_status);
}
}
//--------------------------------------------------------------install result
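Review bot: The rewritten condition appears to drop `!is_adviser()` and rely on `is_webmaster()` alone, while the language-install and plugin-upgrade sections of this commit keep the adviser check; the theme-install section makes the same removal. If an account can hold webmaster status and carry the adviser flag at the same time (not visible here), this path now performs the install for it. Either keep the guard, `if (isset($_GET['revision']) and isset($_GET['extension']) and !is_adviser())`, or add a comment above the condition stating that `is_webmaster()` already excludes advisers.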
+27 -20
@@ -37,30 +37,37 @@ $plugins = new plugins();
//-----------------------------------------------------------automatic upgrade
if (isset($_GET['plugin']) and isset($_GET['revision']) and !is_adviser())
{
check_pwg_token();
$plugin_id = $_GET['plugin'];
$revision = $_GET['revision'];
if (isset($plugins->db_plugins_by_id[$plugin_id])
and $plugins->db_plugins_by_id[$plugin_id]['state'] == 'active')
if (!is_webmaster())
{
$plugins->perform_action('deactivate', $plugin_id);
redirect($base_url
. '&revision=' . $revision
. '&plugin=' . $plugin_id
. '&pwg_token='.get_pwg_token()
. '&reactivate=true');
array_push($page['errors'], l10n('Webmaster status is required.'));
}
$upgrade_status = $plugins->extract_plugin_files('upgrade', $revision, $plugin_id);
if (isset($_GET['reactivate']))
else
{
$plugins->perform_action('activate', $plugin_id);
check_pwg_token();
$plugin_id = $_GET['plugin'];
$revision = $_GET['revision'];
if (isset($plugins->db_plugins_by_id[$plugin_id])
and $plugins->db_plugins_by_id[$plugin_id]['state'] == 'active')
{
$plugins->perform_action('deactivate', $plugin_id);
redirect($base_url
. '&revision=' . $revision
. '&plugin=' . $plugin_id
. '&pwg_token='.get_pwg_token()
. '&reactivate=true');
}
$upgrade_status = $plugins->extract_plugin_files('upgrade', $revision, $plugin_id);
if (isset($_GET['reactivate']))
{
$plugins->perform_action('activate', $plugin_id);
}
redirect($base_url.'&plugin='.$plugin_id.'&upgradestatus='.$upgrade_status);
}
redirect($base_url.'&plugin='.$plugin_id.'&upgradestatus='.$upgrade_status);
}
//--------------------------------------------------------------upgrade result
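Review bot: `$plugin_id` and `$revision` are copied from `$_GET` and concatenated unencoded into both `redirect()` targets, so characters such as `&`, `#` or line breaks in either value change the structure of the URL that is sent back. Encoding at the point of use closes that: `. '&revision=' . urlencode($revision)` and `. '&plugin=' . urlencode($plugin_id)`, and likewise in the final `'&plugin='.$plugin_id.'&upgradestatus='` redirect. Whether `redirect()` sanitises its argument is not visible in this section.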
+17 -7
@@ -53,15 +53,24 @@ if (!is_writable($themes_dir))
// | perform installation |
// +-----------------------------------------------------------------------+
if (isset($_GET['revision']) and isset($_GET['extension']) and !is_adviser())
if (isset($_GET['revision']) and isset($_GET['extension']))
{
$install_status = $themes->extract_theme_files(
'install',
$_GET['revision'],
$_GET['extension']
);
if (!is_webmaster())
{
array_push($page['errors'], l10n('Webmaster status is required.'));
}
else
{
check_pwg_token();
redirect($base_url.'&installstatus='.$install_status);
$install_status = $themes->extract_theme_files(
'install',
$_GET['revision'],
$_GET['extension']
);
redirect($base_url.'&installstatus='.$install_status);
}
}
// +-----------------------------------------------------------------------+
@@ -112,6 +121,7 @@ if ($themes->get_server_themes(true)) // only new themes
$url_auto_install = htmlentities($base_url)
. '&revision=' . $theme['revision_id']
. '&extension=' . $theme['extension_id']
. '&pwg_token='.get_pwg_token()
;
$template->append(
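Review bot: The install link built in the second hunk carries the anti-CSRF token in the query string (`. '&pwg_token='.get_pwg_token()`), and the install itself is triggered by a GET request. URLs end up in browser history, proxy and server logs and `Referer` headers, so the token is exposed more widely than a hidden form field would be; how long a token stays valid is not visible here. Submitting the install as a POST form with `pwg_token` as a hidden input would keep it out of URLs. The loop that builds `$url_auto_install` starts and ends outside the hunk.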
+1
@@ -759,4 +759,5 @@ $lang['Select:'] = 'Select:';
$lang['None'] = 'None';
$lang['Invert'] = 'Invert';
$lang['Impossible to deactivate this theme, you need at least one theme.'] = 'Impossible to deactivate this theme, you need at least one theme.';
$lang['Webmaster status is required.'] = 'Webmaster status is required.';
?>
+1
@@ -762,4 +762,5 @@ $lang['Select:'] = 'Sélectionner :';
$lang['None'] = 'Rien';
$lang['Invert'] = 'Inverser';
$lang['Impossible to deactivate this theme, you need at least one theme.'] = 'Impossible de désactiver ce thème, il doit rester au moins un thème activé.';
$lang['Webmaster status is required.'] = 'Vous devez avoir le status de "webmaster".';
?>