mirror of
https://github.com/Piwigo/Piwigo.git
synced 2026-07-03 16:32:22 +02:00
merge r27810 from branch 2.6 to trunk
bug 3055: add security pwg_token on API methods introduced in Piwigo 2.6 (pwg.groups.addUser, pwg.groups.deleteUser, pwg.groups.setInfo, pwg.users.add, pwg.users.setInfo, pwg.permissions.add, pwg.permissions.remove) git-svn-id: http://piwigo.org/svn/trunk@27811 68402e56-0260-453c-a942-63ccdbb3a9ee
This commit is contained in:
@@ -772,6 +772,7 @@ function ws_addDefaultMethods( $arr )
|
||||
'name' => array('flags'=>WS_PARAM_OPTIONAL),
|
||||
'is_default' => array('flags'=>WS_PARAM_OPTIONAL,
|
||||
'type'=>WS_TYPE_BOOL),
|
||||
'pwg_token' => array(),
|
||||
),
|
||||
'Updates a group. Leave a field blank to keep the current value.',
|
||||
$ws_functions_root . 'pwg.groups.php',
|
||||
@@ -785,6 +786,7 @@ function ws_addDefaultMethods( $arr )
|
||||
'group_id' => array('type'=>WS_TYPE_ID),
|
||||
'user_id' => array('flags'=>WS_PARAM_FORCE_ARRAY,
|
||||
'type'=>WS_TYPE_ID),
|
||||
'pwg_token' => array(),
|
||||
),
|
||||
'Adds one or more users to a group.',
|
||||
$ws_functions_root . 'pwg.groups.php',
|
||||
@@ -798,6 +800,7 @@ function ws_addDefaultMethods( $arr )
|
||||
'group_id' => array('type'=>WS_TYPE_ID),
|
||||
'user_id' => array('flags'=>WS_PARAM_FORCE_ARRAY,
|
||||
'type'=>WS_TYPE_ID),
|
||||
'pwg_token' => array(),
|
||||
),
|
||||
'Removes one or more users from a group.',
|
||||
$ws_functions_root . 'pwg.groups.php',
|
||||
@@ -850,6 +853,7 @@ enabled_high, registration_date, registration_date_string, registration_date_sin
|
||||
'password_confirm' => array('flags'=>WS_PARAM_OPTIONAL),
|
||||
'email' => array('default'=>null),
|
||||
'send_password_by_mail' => array('default'=>false, 'type'=>WS_TYPE_BOOL),
|
||||
'pwg_token' => array(),
|
||||
),
|
||||
'Registers a new user.',
|
||||
$ws_functions_root . 'pwg.users.php',
|
||||
@@ -899,6 +903,7 @@ enabled_high, registration_date, registration_date_string, registration_date_sin
|
||||
'type'=>WS_TYPE_BOOL),
|
||||
'enabled_high' => array('flags'=>WS_PARAM_OPTIONAL,
|
||||
'type'=>WS_TYPE_BOOL),
|
||||
'pwg_token' => array(),
|
||||
),
|
||||
'Updates a user. Leave a field blank to keep the current value.
|
||||
<br>"username", "password" and "email" are ignored if "user_id" is an array.
|
||||
@@ -936,6 +941,7 @@ enabled_high, registration_date, registration_date_string, registration_date_sin
|
||||
'type'=>WS_TYPE_ID),
|
||||
'recursive' => array('default'=>false,
|
||||
'type'=>WS_TYPE_BOOL),
|
||||
'pwg_token' => array(),
|
||||
),
|
||||
'Adds permissions to an album.',
|
||||
$ws_functions_root . 'pwg.permissions.php',
|
||||
@@ -952,6 +958,7 @@ enabled_high, registration_date, registration_date_string, registration_date_sin
|
||||
'type'=>WS_TYPE_ID),
|
||||
'user_id' => array('flags'=>WS_PARAM_FORCE_ARRAY|WS_PARAM_OPTIONAL,
|
||||
'type'=>WS_TYPE_ID),
|
||||
'pwg_token' => array(),
|
||||
),
|
||||
'Removes permissions from an album.',
|
||||
$ws_functions_root . 'pwg.permissions.php',
|
||||
|
||||
Reference in New Issue
Block a user