iarv/Piwigo
1
0
Fork 0
mirror of https://github.com/Piwigo/Piwigo.git synced 2026-05-05 13:02:48 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add token to themes installation.

Browse Source 
Only webmasters can install new plugins, themes or languages.

git-svn-id: http://piwigo.org/svn/trunk@5406 68402e56-0260-453c-a942-63ccdbb3a9ee
This commit is contained in:
patdenice
2010-03-27 17:32:45 +00:00
parent 0b38088a7e
commit 66d2cd6ec2
6 changed files with 70 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
admin/plugins_update.php
View File

@@ -37,30 +37,37 @@ $plugins = new plugins();
//-----------------------------------------------------------automatic upgrade
if (isset($_GET['plugin']) and isset($_GET['revision']) and !is_adviser())
{
check_pwg_token();
$plugin_id = $_GET['plugin'];
$revision = $_GET['revision'];
if (isset($plugins->db_plugins_by_id[$plugin_id])
and $plugins->db_plugins_by_id[$plugin_id]['state'] == 'active')
if (!is_webmaster())
{
$plugins->perform_action('deactivate', $plugin_id);
redirect($base_url
. '&revision=' . $revision
. '&plugin=' . $plugin_id
. '&pwg_token='.get_pwg_token()
. '&reactivate=true');
array_push($page['errors'], l10n('Webmaster status is required.'));
}
$upgrade_status = $plugins->extract_plugin_files('upgrade', $revision, $plugin_id);
if (isset($_GET['reactivate']))
else
{
$plugins->perform_action('activate', $plugin_id);
check_pwg_token();
$plugin_id = $_GET['plugin'];
$revision = $_GET['revision'];
if (isset($plugins->db_plugins_by_id[$plugin_id])
and $plugins->db_plugins_by_id[$plugin_id]['state'] == 'active')
{
$plugins->perform_action('deactivate', $plugin_id);
redirect($base_url
. '&revision=' . $revision
. '&plugin=' . $plugin_id
. '&pwg_token='.get_pwg_token()
. '&reactivate=true');
}
$upgrade_status = $plugins->extract_plugin_files('upgrade', $revision, $plugin_id);
if (isset($_GET['reactivate']))
{
$plugins->perform_action('activate', $plugin_id);
}
redirect($base_url.'&plugin='.$plugin_id.'&upgradestatus='.$upgrade_status);
}
redirect($base_url.'&plugin='.$plugin_id.'&upgradestatus='.$upgrade_status);
}
//--------------------------------------------------------------upgrade result