diff options
author | nikrou <nikrou@piwigo.org> | 2006-01-15 12:52:55 +0000 |
---|---|---|
committer | nikrou <nikrou@piwigo.org> | 2006-01-15 12:52:55 +0000 |
commit | 9d6404ad36375079e815979bd4bf476a5195df5e (patch) | |
tree | 4e4724a9f86cdc91d31419ac5b2a2489b858a70b /admin/cat_list.php | |
parent | 6d45ca83efc0f28bb00ecab1a9b4964279cc26b5 (diff) |
Improve security of sessions:
- use only cookies to store session id on client side
- use default php session system with database handler to store sessions on server side
git-svn-id: http://piwigo.org/svn/branches/branch-1_5@1003 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
-rw-r--r-- | admin/cat_list.php | 21 |
1 files changed, 8 insertions, 13 deletions
diff --git a/admin/cat_list.php b/admin/cat_list.php index 3c8e1e8d2..f5e3e834e 100644 --- a/admin/cat_list.php +++ b/admin/cat_list.php @@ -65,7 +65,7 @@ function save_categories_order($categories) $categories = array(); $base_url = PHPWG_ROOT_PATH.'admin.php?page=cat_list'; -$navigation = '<a class="" href="'.add_session_id($base_url).'">'; +$navigation = '<a class="" href="'.$base_url.'">'; $navigation.= $lang['home']; $navigation.= '</a>'; @@ -238,7 +238,7 @@ else $template->assign_vars(array( 'CATEGORIES_NAV'=>$navigation, 'NEXT_RANK'=>$next_rank, - 'F_ACTION'=>add_session_id($form_action), + 'F_ACTION'=>$form_action, 'L_ADD_VIRTUAL'=>$lang['cat_add'], 'L_SUBMIT'=>$lang['submit'], @@ -317,14 +317,9 @@ foreach ($categories as $category) 'ID'=>$category['id'], 'RANK'=>$category['rank']*10, - 'U_JUMPTO'=> - add_session_id(PHPWG_ROOT_PATH.'category.php?cat='.$category['id']), - - 'U_CHILDREN'=> - add_session_id($cat_list_url.'&parent_id='.$category['id']), - - 'U_EDIT'=> - add_session_id($base_url.'cat_modify&cat_id='.$category['id']) + 'U_JUMPTO'=>PHPWG_ROOT_PATH.'category.php?cat='.$category['id'], + 'U_CHILDREN'=>$cat_list_url.'&parent_id='.$category['id'], + 'U_EDIT'=>$base_url.'cat_modify&cat_id='.$category['id'] ) ); @@ -333,7 +328,7 @@ foreach ($categories as $category) $template->assign_block_vars( 'category.delete', array( - 'URL'=>add_session_id($self_url.'&delete='.$category['id']) + 'URL'=>$self_url.'&delete='.$category['id'] ) ); } @@ -343,7 +338,7 @@ foreach ($categories as $category) $template->assign_block_vars( 'category.elements', array( - 'URL'=>add_session_id($base_url.'element_set&cat='.$category['id']) + 'URL'=>$base_url.'element_set&cat='.$category['id'] ) ); } @@ -353,7 +348,7 @@ foreach ($categories as $category) $template->assign_block_vars( 'category.permissions', array( - 'URL'=>add_session_id($base_url.'cat_perm&cat='.$category['id']) + 'URL'=>$base_url.'cat_perm&cat='.$category['id'] ) ); } |