From 66d2cd6ec2e61dac3ccd0003294370d8035dc900 Mon Sep 17 00:00:00 2001 From: patdenice Date: Sat, 27 Mar 2010 17:32:45 +0000 Subject: Add token to themes installation. Only webmasters can install new plugins, themes or languages. git-svn-id: http://piwigo.org/svn/trunk@5406 68402e56-0260-453c-a942-63ccdbb3a9ee --- admin/plugins_new.php | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) (limited to 'admin/plugins_new.php') diff --git a/admin/plugins_new.php b/admin/plugins_new.php index d699e57d9..8fa3e0ac9 100644 --- a/admin/plugins_new.php +++ b/admin/plugins_new.php @@ -36,13 +36,20 @@ $base_url = get_root_url().'admin.php?page='.$page['page'].'&order='.$order; $plugins = new plugins(); //------------------------------------------------------automatic installation -if (isset($_GET['revision']) and isset($_GET['extension']) and !is_adviser()) +if (isset($_GET['revision']) and isset($_GET['extension'])) { - check_pwg_token(); - - $install_status = $plugins->extract_plugin_files('install', $_GET['revision'], $_GET['extension']); + if (!is_webmaster()) + { + array_push($page['errors'], l10n('Webmaster status is required.')); + } + else + { + check_pwg_token(); + + $install_status = $plugins->extract_plugin_files('install', $_GET['revision'], $_GET['extension']); - redirect($base_url.'&installstatus='.$install_status); + redirect($base_url.'&installstatus='.$install_status); + } } //--------------------------------------------------------------install result -- cgit v1.2.3