aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorplegall <plg@piwigo.org>2011-01-19 14:59:49 +0000
committerplegall <plg@piwigo.org>2011-01-19 14:59:49 +0000
commit90106b67948d52921c884f74aace02ab39b0a5d8 (patch)
tree75d8e811a9528acb10edeb406d5fc62eb32d1c32
parent0a44acdd8a4bc050b943e0d915f46b2db7e86250 (diff)
feature 1289 updated: add pwg_token on the delete_orphan_tags maintenance action
(and all other maintenace actions as well) git-svn-id: http://piwigo.org/svn/trunk@8765 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
-rw-r--r--admin/maintenance.php30
1 files changed, 18 insertions, 12 deletions
diff --git a/admin/maintenance.php b/admin/maintenance.php
index d9e7b113d..1199af948 100644
--- a/admin/maintenance.php
+++ b/admin/maintenance.php
@@ -31,8 +31,14 @@ include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
// +-----------------------------------------------------------------------+
// | Check Access and exit when user status is not ok |
// +-----------------------------------------------------------------------+
+
check_status(ACCESS_ADMINISTRATOR);
+if (isset($_GET['action']))
+{
+ check_pwg_token();
+}
+
// +-----------------------------------------------------------------------+
// | actions |
// +-----------------------------------------------------------------------+
@@ -132,21 +138,21 @@ DELETE
$template->set_filenames(array('maintenance'=>'maintenance.tpl'));
-$start_url = get_root_url().'admin.php?page=maintenance&amp;action=';
+$url_format = get_root_url().'admin.php?page=maintenance&amp;action=%s&amp;pwg_token='.get_pwg_token();
$template->assign(
array(
- 'U_MAINT_CATEGORIES' => $start_url.'categories',
- 'U_MAINT_IMAGES' => $start_url.'images',
- 'U_MAINT_ORPHAN_TAGS' => $start_url.'delete_orphan_tags',
- 'U_MAINT_HISTORY_DETAIL' => $start_url.'history_detail',
- 'U_MAINT_HISTORY_SUMMARY' => $start_url.'history_summary',
- 'U_MAINT_SESSIONS' => $start_url.'sessions',
- 'U_MAINT_FEEDS' => $start_url.'feeds',
- 'U_MAINT_DATABASE' => $start_url.'database',
- 'U_MAINT_C13Y' => $start_url.'c13y',
- 'U_MAINT_SEARCH' => $start_url.'search',
- 'U_MAINT_COMPILED_TEMPLATES' => $start_url.'compiled-templates',
+ 'U_MAINT_CATEGORIES' => sprintf($url_format, 'categories'),
+ 'U_MAINT_IMAGES' => sprintf($url_format, 'images'),
+ 'U_MAINT_ORPHAN_TAGS' => sprintf($url_format, 'delete_orphan_tags'),
+ 'U_MAINT_HISTORY_DETAIL' => sprintf($url_format, 'history_detail'),
+ 'U_MAINT_HISTORY_SUMMARY' => sprintf($url_format, 'history_summary'),
+ 'U_MAINT_SESSIONS' => sprintf($url_format, 'sessions'),
+ 'U_MAINT_FEEDS' => sprintf($url_format, 'feeds'),
+ 'U_MAINT_DATABASE' => sprintf($url_format, 'database'),
+ 'U_MAINT_C13Y' => sprintf($url_format, 'c13y'),
+ 'U_MAINT_SEARCH' => sprintf($url_format, 'search'),
+ 'U_MAINT_COMPILED_TEMPLATES' => sprintf($url_format, 'compiled-templates'),
'U_HELP' => get_root_url().'admin/popuphelp.php?page=maintenance',
)
);