diff options
author | plegall <plg@piwigo.org> | 2011-01-19 14:59:49 +0000 |
---|---|---|
committer | plegall <plg@piwigo.org> | 2011-01-19 14:59:49 +0000 |
commit | 90106b67948d52921c884f74aace02ab39b0a5d8 (patch) | |
tree | 75d8e811a9528acb10edeb406d5fc62eb32d1c32 /admin | |
parent | 0a44acdd8a4bc050b943e0d915f46b2db7e86250 (diff) |
feature 1289 updated: add pwg_token on the delete_orphan_tags maintenance action
(and all other maintenace actions as well)
git-svn-id: http://piwigo.org/svn/trunk@8765 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
-rw-r--r-- | admin/maintenance.php | 30 |
1 files changed, 18 insertions, 12 deletions
diff --git a/admin/maintenance.php b/admin/maintenance.php index d9e7b113d..1199af948 100644 --- a/admin/maintenance.php +++ b/admin/maintenance.php @@ -31,8 +31,14 @@ include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); // +-----------------------------------------------------------------------+ // | Check Access and exit when user status is not ok | // +-----------------------------------------------------------------------+ + check_status(ACCESS_ADMINISTRATOR); +if (isset($_GET['action'])) +{ + check_pwg_token(); +} + // +-----------------------------------------------------------------------+ // | actions | // +-----------------------------------------------------------------------+ @@ -132,21 +138,21 @@ DELETE $template->set_filenames(array('maintenance'=>'maintenance.tpl')); -$start_url = get_root_url().'admin.php?page=maintenance&action='; +$url_format = get_root_url().'admin.php?page=maintenance&action=%s&pwg_token='.get_pwg_token(); $template->assign( array( - 'U_MAINT_CATEGORIES' => $start_url.'categories', - 'U_MAINT_IMAGES' => $start_url.'images', - 'U_MAINT_ORPHAN_TAGS' => $start_url.'delete_orphan_tags', - 'U_MAINT_HISTORY_DETAIL' => $start_url.'history_detail', - 'U_MAINT_HISTORY_SUMMARY' => $start_url.'history_summary', - 'U_MAINT_SESSIONS' => $start_url.'sessions', - 'U_MAINT_FEEDS' => $start_url.'feeds', - 'U_MAINT_DATABASE' => $start_url.'database', - 'U_MAINT_C13Y' => $start_url.'c13y', - 'U_MAINT_SEARCH' => $start_url.'search', - 'U_MAINT_COMPILED_TEMPLATES' => $start_url.'compiled-templates', + 'U_MAINT_CATEGORIES' => sprintf($url_format, 'categories'), + 'U_MAINT_IMAGES' => sprintf($url_format, 'images'), + 'U_MAINT_ORPHAN_TAGS' => sprintf($url_format, 'delete_orphan_tags'), + 'U_MAINT_HISTORY_DETAIL' => sprintf($url_format, 'history_detail'), + 'U_MAINT_HISTORY_SUMMARY' => sprintf($url_format, 'history_summary'), + 'U_MAINT_SESSIONS' => sprintf($url_format, 'sessions'), + 'U_MAINT_FEEDS' => sprintf($url_format, 'feeds'), + 'U_MAINT_DATABASE' => sprintf($url_format, 'database'), + 'U_MAINT_C13Y' => sprintf($url_format, 'c13y'), + 'U_MAINT_SEARCH' => sprintf($url_format, 'search'), + 'U_MAINT_COMPILED_TEMPLATES' => sprintf($url_format, 'compiled-templates'), 'U_HELP' => get_root_url().'admin/popuphelp.php?page=maintenance', ) ); |