diff options
author | patdenice <patdenice@piwigo.org> | 2010-03-27 17:32:45 +0000 |
---|---|---|
committer | patdenice <patdenice@piwigo.org> | 2010-03-27 17:32:45 +0000 |
commit | 66d2cd6ec2e61dac3ccd0003294370d8035dc900 (patch) | |
tree | efd87d6a7975143fe25563e2a7f15d25c9dc5031 | |
parent | 0b38088a7e860bbfe64c5b2726859607eb086d2d (diff) |
Add token to themes installation.
Only webmasters can install new plugins, themes or languages.
git-svn-id: http://piwigo.org/svn/trunk@5406 68402e56-0260-453c-a942-63ccdbb3a9ee
-rw-r--r-- | admin/languages_new.php | 15 | ||||
-rw-r--r-- | admin/plugins_new.php | 17 | ||||
-rw-r--r-- | admin/plugins_update.php | 45 | ||||
-rw-r--r-- | admin/themes_new.php | 26 | ||||
-rw-r--r-- | language/en_UK/admin.lang.php | 1 | ||||
-rw-r--r-- | language/fr_FR/admin.lang.php | 1 |
6 files changed, 69 insertions, 36 deletions
diff --git a/admin/languages_new.php b/admin/languages_new.php index a4e68fac5..f80ee33ee 100644 --- a/admin/languages_new.php +++ b/admin/languages_new.php @@ -58,11 +58,18 @@ if (!is_writable($languages_dir)) if (isset($_GET['revision']) and !is_adviser()) { - check_pwg_token(); + if (!is_webmaster()) + { + array_push($page['errors'], l10n('Webmaster status is required.')); + } + else + { + check_pwg_token(); - $install_status = $languages->extract_language_files('install', $_GET['revision']); - - redirect($base_url.'&installstatus='.$install_status); + $install_status = $languages->extract_language_files('install', $_GET['revision']); + + redirect($base_url.'&installstatus='.$install_status); + } } // +-----------------------------------------------------------------------+ diff --git a/admin/plugins_new.php b/admin/plugins_new.php index d699e57d9..8fa3e0ac9 100644 --- a/admin/plugins_new.php +++ b/admin/plugins_new.php @@ -36,13 +36,20 @@ $base_url = get_root_url().'admin.php?page='.$page['page'].'&order='.$order; $plugins = new plugins(); //------------------------------------------------------automatic installation -if (isset($_GET['revision']) and isset($_GET['extension']) and !is_adviser()) +if (isset($_GET['revision']) and isset($_GET['extension'])) { - check_pwg_token(); - - $install_status = $plugins->extract_plugin_files('install', $_GET['revision'], $_GET['extension']); + if (!is_webmaster()) + { + array_push($page['errors'], l10n('Webmaster status is required.')); + } + else + { + check_pwg_token(); + + $install_status = $plugins->extract_plugin_files('install', $_GET['revision'], $_GET['extension']); - redirect($base_url.'&installstatus='.$install_status); + redirect($base_url.'&installstatus='.$install_status); + } } //--------------------------------------------------------------install result diff --git a/admin/plugins_update.php b/admin/plugins_update.php index 07876ca18..332c97cb4 100644 --- a/admin/plugins_update.php +++ b/admin/plugins_update.php @@ -37,30 +37,37 @@ $plugins = new plugins(); //-----------------------------------------------------------automatic upgrade if (isset($_GET['plugin']) and isset($_GET['revision']) and !is_adviser()) { - check_pwg_token(); - - $plugin_id = $_GET['plugin']; - $revision = $_GET['revision']; - - if (isset($plugins->db_plugins_by_id[$plugin_id]) - and $plugins->db_plugins_by_id[$plugin_id]['state'] == 'active') + if (!is_webmaster()) { - $plugins->perform_action('deactivate', $plugin_id); - - redirect($base_url - . '&revision=' . $revision - . '&plugin=' . $plugin_id - . '&pwg_token='.get_pwg_token() - . '&reactivate=true'); + array_push($page['errors'], l10n('Webmaster status is required.')); } + else + { + check_pwg_token(); + + $plugin_id = $_GET['plugin']; + $revision = $_GET['revision']; - $upgrade_status = $plugins->extract_plugin_files('upgrade', $revision, $plugin_id); + if (isset($plugins->db_plugins_by_id[$plugin_id]) + and $plugins->db_plugins_by_id[$plugin_id]['state'] == 'active') + { + $plugins->perform_action('deactivate', $plugin_id); - if (isset($_GET['reactivate'])) - { - $plugins->perform_action('activate', $plugin_id); + redirect($base_url + . '&revision=' . $revision + . '&plugin=' . $plugin_id + . '&pwg_token='.get_pwg_token() + . '&reactivate=true'); + } + + $upgrade_status = $plugins->extract_plugin_files('upgrade', $revision, $plugin_id); + + if (isset($_GET['reactivate'])) + { + $plugins->perform_action('activate', $plugin_id); + } + redirect($base_url.'&plugin='.$plugin_id.'&upgradestatus='.$upgrade_status); } - redirect($base_url.'&plugin='.$plugin_id.'&upgradestatus='.$upgrade_status); } //--------------------------------------------------------------upgrade result diff --git a/admin/themes_new.php b/admin/themes_new.php index 2c11cf6a7..d5403b117 100644 --- a/admin/themes_new.php +++ b/admin/themes_new.php @@ -53,15 +53,24 @@ if (!is_writable($themes_dir)) // | perform installation | // +-----------------------------------------------------------------------+ -if (isset($_GET['revision']) and isset($_GET['extension']) and !is_adviser()) +if (isset($_GET['revision']) and isset($_GET['extension'])) { - $install_status = $themes->extract_theme_files( - 'install', - $_GET['revision'], - $_GET['extension'] - ); - - redirect($base_url.'&installstatus='.$install_status); + if (!is_webmaster()) + { + array_push($page['errors'], l10n('Webmaster status is required.')); + } + else + { + check_pwg_token(); + + $install_status = $themes->extract_theme_files( + 'install', + $_GET['revision'], + $_GET['extension'] + ); + + redirect($base_url.'&installstatus='.$install_status); + } } // +-----------------------------------------------------------------------+ @@ -112,6 +121,7 @@ if ($themes->get_server_themes(true)) // only new themes $url_auto_install = htmlentities($base_url) . '&revision=' . $theme['revision_id'] . '&extension=' . $theme['extension_id'] + . '&pwg_token='.get_pwg_token() ; $template->append( diff --git a/language/en_UK/admin.lang.php b/language/en_UK/admin.lang.php index 1ca66483a..044feefa6 100644 --- a/language/en_UK/admin.lang.php +++ b/language/en_UK/admin.lang.php @@ -759,4 +759,5 @@ $lang['Select:'] = 'Select:'; $lang['None'] = 'None'; $lang['Invert'] = 'Invert'; $lang['Impossible to deactivate this theme, you need at least one theme.'] = 'Impossible to deactivate this theme, you need at least one theme.'; +$lang['Webmaster status is required.'] = 'Webmaster status is required.'; ?> diff --git a/language/fr_FR/admin.lang.php b/language/fr_FR/admin.lang.php index 38ad4417b..31e52ed0e 100644 --- a/language/fr_FR/admin.lang.php +++ b/language/fr_FR/admin.lang.php @@ -762,4 +762,5 @@ $lang['Select:'] = 'Sélectionner :'; $lang['None'] = 'Rien'; $lang['Invert'] = 'Inverser'; $lang['Impossible to deactivate this theme, you need at least one theme.'] = 'Impossible de désactiver ce thème, il doit rester au moins un thème activé.'; +$lang['Webmaster status is required.'] = 'Vous devez avoir le status de "webmaster".'; ?> |