Diffstat (limited to 'admin')
-rw-r--r--admin/cat_list.php21
-rw-r--r--admin/cat_modify.php14
-rw-r--r--admin/cat_move.php2
-rw-r--r--admin/cat_options.php2
-rw-r--r--admin/cat_perm.php5
-rw-r--r--admin/comments.php6
-rw-r--r--admin/configuration.php2
-rw-r--r--admin/element_set_unit.php4
-rw-r--r--admin/group_list.php3
-rw-r--r--admin/group_perm.php2
-rw-r--r--admin/intro.php10
-rw-r--r--admin/maintenance.php10
-rw-r--r--admin/picture_modify.php6
-rw-r--r--admin/remote_site.php12
-rw-r--r--admin/stats.php10
-rw-r--r--admin/thumbnail.php2
-rw-r--r--admin/user_list.php6
-rw-r--r--admin/user_perm.php2
-rw-r--r--admin/waiting.php2
19 files changed, 73 insertions, 48 deletions
diff --git a/admin/cat_list.php b/admin/cat_list.php
index f5e3e834e..3c8e1e8d2 100644
--- a/admin/cat_list.php
+++ b/admin/cat_list.php
@@ -65,7 +65,7 @@ function save_categories_order($categories)
$categories = array();
$base_url = PHPWG_ROOT_PATH.'admin.php?page=cat_list';
-$navigation = '<a class="" href="'.$base_url.'">';
+$navigation = '<a class="" href="'.add_session_id($base_url).'">';
$navigation.= $lang['home'];
$navigation.= '</a>';
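Review bot: Carrying the session identifier in the query string of every admin link, starting with the `$navigation` anchor here, exposes it wherever URLs travel: Referer headers sent to other sites, web server and proxy logs, browser history and copied links. `add_session_id()` is defined outside this diff, so it is not visible whether it leaves the URL untouched when the browser already returns a session cookie; that should be confirmed, since the same wrapping is applied in every hunk of this commit. If URL-carried ids must remain as a fallback, a comment at the first use would help, for example `// add_session_id(): appends the id only when no session cookie is available (confirm)`. The id should also be short-lived and regenerated at login.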
@@ -238,7 +238,7 @@ else
$template->assign_vars(array(
'CATEGORIES_NAV'=>$navigation,
'NEXT_RANK'=>$next_rank,
- 'F_ACTION'=>$form_action,
+ 'F_ACTION'=>add_session_id($form_action),
'L_ADD_VIRTUAL'=>$lang['cat_add'],
'L_SUBMIT'=>$lang['submit'],
@@ -317,9 +317,14 @@ foreach ($categories as $category)
'ID'=>$category['id'],
'RANK'=>$category['rank']*10,
- 'U_JUMPTO'=>PHPWG_ROOT_PATH.'category.php?cat='.$category['id'],
- 'U_CHILDREN'=>$cat_list_url.'&amp;parent_id='.$category['id'],
- 'U_EDIT'=>$base_url.'cat_modify&amp;cat_id='.$category['id']
+ 'U_JUMPTO'=>
+ add_session_id(PHPWG_ROOT_PATH.'category.php?cat='.$category['id']),
+
+ 'U_CHILDREN'=>
+ add_session_id($cat_list_url.'&amp;parent_id='.$category['id']),
+
+ 'U_EDIT'=>
+ add_session_id($base_url.'cat_modify&amp;cat_id='.$category['id'])
)
);
@@ -328,7 +333,7 @@ foreach ($categories as $category)
$template->assign_block_vars(
'category.delete',
array(
- 'URL'=>$self_url.'&amp;delete='.$category['id']
+ 'URL'=>add_session_id($self_url.'&amp;delete='.$category['id'])
)
);
}
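Review bot: The `category.delete` URL is a plain GET link to a destructive action, and after this change the credential that authorises it sits in that same URL. A link that leaks through a log, a Referer header or a shared bookmark is then enough to repeat the action, and no per-request token is visible in the hunk. Consider moving deletion to a POST form that carries a token bound to the session and verifying it before the `delete` parameter is acted on; the handler is outside this hunk, so an existing check cannot be ruled out. The same applies to the `delete` block in admin/cat_modify.php and to `U_CLEAN` and `U_DELETE` in admin/remote_site.php.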
@@ -338,7 +343,7 @@ foreach ($categories as $category)
$template->assign_block_vars(
'category.elements',
array(
- 'URL'=>$base_url.'element_set&amp;cat='.$category['id']
+ 'URL'=>add_session_id($base_url.'element_set&amp;cat='.$category['id'])
)
);
}
@@ -348,7 +353,7 @@ foreach ($categories as $category)
$template->assign_block_vars(
'category.permissions',
array(
- 'URL'=>$base_url.'cat_perm&amp;cat='.$category['id']
+ 'URL'=>add_session_id($base_url.'cat_perm&amp;cat='.$category['id'])
)
);
}
diff --git a/admin/cat_modify.php b/admin/cat_modify.php
index 8291e9030..0d82c13d4 100644
--- a/admin/cat_modify.php
+++ b/admin/cat_modify.php
@@ -171,11 +171,13 @@ $template->assign_vars(array(
'L_SUBMIT'=>$lang['submit'],
'L_SET_RANDOM_REPRESENTANT'=>$lang['cat_representant'],
- 'U_JUMPTO'=>PHPWG_ROOT_PATH.'category.php?cat='.$category['id'],
- 'U_CHILDREN'=>$cat_list_url.'&amp;parent_id='.$category['id'],
+ 'U_JUMPTO'=>
+ add_session_id(PHPWG_ROOT_PATH.'category.php?cat='.$category['id']),
+ 'U_CHILDREN'=>
+ add_session_id($cat_list_url.'&amp;parent_id='.$category['id']),
'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=cat_modify',
- 'F_ACTION'=>$form_action
+ 'F_ACTION'=>add_session_id($form_action)
));
@@ -184,7 +186,7 @@ if ('private' == $category['status'])
$template->assign_block_vars(
'permissions',
array(
- 'URL'=>$base_url.'cat_perm&amp;cat='.$category['id']
+ 'URL'=>add_session_id($base_url.'cat_perm&amp;cat='.$category['id'])
)
);
}
@@ -195,7 +197,7 @@ if ($category['nb_images'] > 0)
$template->assign_block_vars(
'elements',
array(
- 'URL'=>$base_url.'element_set&amp;cat='.$category['id']
+ 'URL'=>add_session_id($base_url.'element_set&amp;cat='.$category['id'])
)
);
}
@@ -265,7 +267,7 @@ else
$template->assign_block_vars(
'delete',
array(
- 'URL'=>$self_url.'&amp;delete='.$category['id']
+ 'URL'=>add_session_id($self_url.'&amp;delete='.$category['id'])
)
);
diff --git a/admin/cat_move.php b/admin/cat_move.php
index 0d030dca0..7760b6494 100644
--- a/admin/cat_move.php
+++ b/admin/cat_move.php
@@ -68,7 +68,7 @@ $template->set_filenames(
$template->assign_vars(
array(
- 'F_ACTION' => PHPWG_ROOT_PATH.'admin.php?page=cat_move',
+ 'F_ACTION' => add_session_id(PHPWG_ROOT_PATH.'admin.php?page=cat_move'),
)
);
diff --git a/admin/cat_options.php b/admin/cat_options.php
index a43a4ec61..f8ca7527b 100644
--- a/admin/cat_options.php
+++ b/admin/cat_options.php
@@ -153,7 +153,7 @@ $template->assign_vars(
'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=cat_options',
- 'F_ACTION'=>$base_url.$page['section']
+ 'F_ACTION'=>add_session_id($base_url.$page['section'])
)
);
diff --git a/admin/cat_perm.php b/admin/cat_perm.php
index 95e9edaa9..f0c961103 100644
--- a/admin/cat_perm.php
+++ b/admin/cat_perm.php
@@ -207,7 +207,10 @@ $template->assign_vars(
'admin.php?page=cat_modify&amp;cat_id='
),
'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=cat_perm',
- 'F_ACTION' => PHPWG_ROOT_PATH.'admin.php?page=cat_perm&amp;cat='.$page['cat']
+ 'F_ACTION' =>
+ add_session_id(
+ PHPWG_ROOT_PATH.'admin.php?page=cat_perm&amp;cat='.$page['cat']
+ )
)
);
diff --git a/admin/comments.php b/admin/comments.php
index ef366c783..53d498c84 100644
--- a/admin/comments.php
+++ b/admin/comments.php
@@ -117,7 +117,7 @@ $template->set_filenames(array('comments'=>'admin/comments.tpl'));
$template->assign_vars(
array(
- 'F_ACTION' => PHPWG_ROOT_PATH.'admin.php?page=comments'
+ 'F_ACTION' => add_session_id(PHPWG_ROOT_PATH.'admin.php?page=comments')
)
);
@@ -141,8 +141,10 @@ while ($row = mysql_fetch_array($result))
'comment',
array(
'U_PICTURE' =>
+ add_session_id(
PHPWG_ROOT_PATH.'admin.php?page=picture_modify'.
- '&amp;image_id='.$row['image_id'],
+ '&amp;image_id='.$row['image_id']
+ ),
'ID' => $row['id'],
'TN_SRC' => get_thumbnail_src($row['path'], @$row['tn_ext']),
'AUTHOR' => $row['author'],
diff --git a/admin/configuration.php b/admin/configuration.php
index 5861ac495..f038800f4 100644
--- a/admin/configuration.php
+++ b/admin/configuration.php
@@ -149,7 +149,7 @@ $template->assign_vars(
'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=configuration',
- 'F_ACTION'=>$action
+ 'F_ACTION'=>add_session_id($action)
));
switch ($page['section'])
diff --git a/admin/element_set_unit.php b/admin/element_set_unit.php
index f3bf12bbd..fbffe99dd 100644
--- a/admin/element_set_unit.php
+++ b/admin/element_set_unit.php
@@ -222,8 +222,10 @@ SELECT id,path,tn_ext,name,date_creation,comment,keywords,author,file
!empty($row['name']) ?
$row['name'] : get_name_from_file($row['file']),
'U_EDIT' =>
+ add_session_id(
PHPWG_ROOT_PATH.'admin.php?page=picture_modify'.
- '&amp;image_id='.$row['id'],
+ '&amp;image_id='.$row['id']
+ ),
'ID' => $row['id'],
'FILENAME' => $row['path'],
'TN_SRC' => $src,
diff --git a/admin/group_list.php b/admin/group_list.php
index 0a9946fe5..7bc08b3f4 100644
--- a/admin/group_list.php
+++ b/admin/group_list.php
@@ -124,7 +124,8 @@ $template->set_filenames(array('group_list' => 'admin/group_list.tpl'));
$template->assign_vars(
array(
- 'F_ADD_ACTION' => PHPWG_ROOT_PATH.'admin.php?page=group_list'
+ 'F_ADD_ACTION' =>
+ add_session_id(PHPWG_ROOT_PATH.'admin.php?page=group_list')
)
);
diff --git a/admin/group_perm.php b/admin/group_perm.php
index 2c474eb89..5c974008e 100644
--- a/admin/group_perm.php
+++ b/admin/group_perm.php
@@ -140,9 +140,11 @@ $template->assign_vars(
'L_CAT_OPTIONS_INFO'=>$lang['permuser_info'],
'F_ACTION' =>
+ add_session_id(
PHPWG_ROOT_PATH.
'admin.php?page=group_perm&amp;group_id='.
$page['group']
+ )
)
);
diff --git a/admin/intro.php b/admin/intro.php
index 45e34a439..d7beec762 100644
--- a/admin/intro.php
+++ b/admin/intro.php
@@ -177,8 +177,10 @@ $template->assign_vars(
'DB_USERS' => sprintf(l10n('%d users'), $nb_users),
'DB_GROUPS' => sprintf(l10n('%d groups'), $nb_groups),
'DB_COMMENTS' => sprintf(l10n('%d comments'), $nb_comments),
- 'U_CHECK_UPGRADE' => PHPWG_ROOT_PATH.'admin.php?action=check_upgrade',
- 'U_PHPINFO' => PHPWG_ROOT_PATH.'admin.php?action=phpinfo'
+ 'U_CHECK_UPGRADE' =>
+ add_session_id(PHPWG_ROOT_PATH.'admin.php?action=check_upgrade'),
+ 'U_PHPINFO' =>
+ add_session_id(PHPWG_ROOT_PATH.'admin.php?action=phpinfo')
)
);
@@ -215,7 +217,7 @@ if ($nb_waiting > 0)
$template->assign_block_vars(
'waiting',
array(
- 'URL' => PHPWG_ROOT_PATH.'admin.php?page=waiting',
+ 'URL' => add_session_id(PHPWG_ROOT_PATH.'admin.php?page=waiting'),
'INFO' => sprintf(l10n('%d waiting for validation'), $nb_waiting)
)
);
@@ -234,7 +236,7 @@ if ($nb_comments > 0)
$template->assign_block_vars(
'unvalidated',
array(
- 'URL' => PHPWG_ROOT_PATH.'admin.php?page=comments',
+ 'URL' => add_session_id(PHPWG_ROOT_PATH.'admin.php?page=comments'),
'INFO' => sprintf(l10n('%d waiting for validation'), $nb_comments)
)
);
diff --git a/admin/maintenance.php b/admin/maintenance.php
index 067f1ff82..ec45196db 100644
--- a/admin/maintenance.php
+++ b/admin/maintenance.php
@@ -98,11 +98,11 @@ $start_url = PHPWG_ROOT_PATH.'admin.php?page=maintenance&amp;action=';
$template->assign_vars(
array(
- 'U_MAINT_CATEGORIES' => $start_url.'categories',
- 'U_MAINT_IMAGES' => $start_url.'images',
- 'U_MAINT_HISTORY' => $start_url.'history',
- 'U_MAINT_SESSIONS' => $start_url.'sessions',
- 'U_MAINT_FEEDS' => $start_url.'feeds',
+ 'U_MAINT_CATEGORIES' => add_session_id($start_url.'categories'),
+ 'U_MAINT_IMAGES' => add_session_id($start_url.'images'),
+ 'U_MAINT_HISTORY' => add_session_id($start_url.'history'),
+ 'U_MAINT_SESSIONS' => add_session_id($start_url.'sessions'),
+ 'U_MAINT_FEEDS' => add_session_id($start_url.'feeds'),
'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=maintenance',
)
);
diff --git a/admin/picture_modify.php b/admin/picture_modify.php
index 097857ec5..a8fa2b953 100644
--- a/admin/picture_modify.php
+++ b/admin/picture_modify.php
@@ -195,10 +195,12 @@ $template->set_filenames(
$template->assign_vars(
array(
'U_SYNC' =>
+ add_session_id(
PHPWG_ROOT_PATH.'admin.php?page=picture_modify'.
'&amp;image_id='.$_GET['image_id'].
(isset($_GET['cat_id']) ? '&amp;cat_id='.$_GET['cat_id'] : '').
- '&amp;sync_metadata=1',
+ '&amp;sync_metadata=1'
+ ),
'PATH'=>$row['path'],
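Review bot: `$_GET['image_id']` and `$_GET['cat_id']` are still concatenated into `U_SYNC` unmodified; wrapping the result in `add_session_id()` does not escape them, so markup in either parameter would reach the template's href as written. Unless both are validated earlier in the file (not visible in this hunk), and assuming both ids are numeric, cast them where they are used: `'&amp;image_id='.intval($_GET['image_id']).` and `'&amp;cat_id='.intval($_GET['cat_id'])`. The `assign_vars` array continues beyond the hunk.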
@@ -228,8 +230,10 @@ $template->assign_vars(
stripslashes($_POST['description']) : @$row['comment'],
'F_ACTION' =>
+ add_session_id(
PHPWG_ROOT_PATH.'admin.php'
.get_query_string_diff(array('sync_metadata'))
+ )
)
);
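Review bot: `get_query_string_diff(array('sync_metadata'))` appears to rebuild the query string from the current request, which after this commit may already contain the session id, so `add_session_id()` could append a second copy to `F_ACTION`. Both helpers are defined outside this diff, so this is something to check rather than a certainty. If it holds, exclude the session parameter in the same call, `get_query_string_diff(array('sync_metadata', '<session-param>'))`, where `<session-param>` is a placeholder for whatever name `add_session_id()` uses. The `F_ACTION` in admin/waiting.php, built from `$_SERVER['REQUEST_URI']`, has the same shape.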
diff --git a/admin/remote_site.php b/admin/remote_site.php
index 1ce1813a2..fb778084f 100644
--- a/admin/remote_site.php
+++ b/admin/remote_site.php
@@ -515,7 +515,7 @@ $template->assign_vars(
'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=remote_site',
- 'F_ACTION'=>PHPWG_ROOT_PATH.'admin.php?page=remote_site'
+ 'F_ACTION'=>add_session_id(PHPWG_ROOT_PATH.'admin.php?page=remote_site')
)
);
@@ -686,7 +686,7 @@ else
'local',
array(
'URL' => $url,
- 'U_UPDATE' => $base_url.'local_update'
+ 'U_UPDATE' => add_session_id($base_url.'local_update')
)
);
@@ -731,10 +731,10 @@ while ($row = mysql_fetch_array($result))
'sites.site',
array(
'NAME' => $row['galleries_url'],
- 'U_GENERATE' => $base_url.'generate',
- 'U_UPDATE' => $base_url.'update',
- 'U_CLEAN' => $base_url.'clean',
- 'U_DELETE' => $base_url.'delete'
+ 'U_GENERATE' => add_session_id($base_url.'generate'),
+ 'U_UPDATE' => add_session_id($base_url.'update'),
+ 'U_CLEAN' => add_session_id($base_url.'clean'),
+ 'U_DELETE' => add_session_id($base_url.'delete')
)
);
}
diff --git a/admin/stats.php b/admin/stats.php
index 02d7ec5d8..1a821a476 100644
--- a/admin/stats.php
+++ b/admin/stats.php
@@ -62,7 +62,7 @@ if (isset($_GET['day']) && isset($_GET['month']) && isset($_GET['year']) )
$date_of_day=$_GET['day'].' '.$lang['month'][$_GET['month']].' '.$_GET['year'];
$title_page=$lang['stats_day_title'].' du '.$date_of_day;
$url_back = PHPWG_ROOT_PATH."admin.php?page=stats";
- $url_back = $url_back;
+ $url_back = add_session_id($url_back);
$title_details='<a href='.$url_back.'>'.$lang['stats_day_title'].'</a>';
$title_day = $date_of_day;
}
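Review bot: The href in `$title_details` is written without quotes (`'<a href='.$url_back.'>'`), so the attribute ends at the first space or `>` in the value, and the markup now depends on what `add_session_id()` returns. Quote it: `$title_details='<a href="'.$url_back.'">'.$lang['stats_day_title'].'</a>';`, here and in the `elseif` branch of the next hunk. Separately, `$_GET['day']` and `$_GET['year']` are concatenated into `$date_of_day` and from there into `$title_page` with no escaping visible in the hunk; an integer cast or `htmlspecialchars()` before display would close that.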
@@ -71,7 +71,7 @@ elseif ( isset($_GET['month']) && isset($_GET['year']) )
$date_of_day=$lang['month'][$_GET['month']].' '.$_GET['year'];
$title_page=$lang['stats_month_title'].' : '.$date_of_day;
$url_back = PHPWG_ROOT_PATH."admin.php?page=stats";
- $url_back = $url_back;
+ $url_back = add_session_id($url_back);
$title_details='<a href='.$url_back.'>'.$lang['stats_day_title'].'</a>';
$title_day=$lang['today'];
}
@@ -105,7 +105,7 @@ $template->assign_vars(array(
'L_STAT_FILE'=>$lang['stats_file'],
'L_STAT_PICTURE'=>$lang['stats_picture'],
- 'IMG_REPORT'=>$url_img
+ 'IMG_REPORT'=>add_session_id($url_img)
));
//---------------------------------------------------------------- log history
@@ -141,7 +141,7 @@ while ( $row = mysql_fetch_array( $result ) )
.'&amp;day='.$row['d']
;
- $value = '<a href="'.$url.'">';
+ $value = '<a href="'.add_session_id($url).'">';
$value.= $row['d'].' ('.$week_day.')';
$value.= "</a>";
}
@@ -160,7 +160,7 @@ while ( $row = mysql_fetch_array( $result ) )
.'&amp;month='.$row['m']
;
- $value = '<a href="'.$url.'">';
+ $value = '<a href="'.add_session_id($url).'">';
$value.= $lang['month'][$row['m']].' '.$row['y'];
$value.= "</a>";
}
diff --git a/admin/thumbnail.php b/admin/thumbnail.php
index 88ffdc952..5193388d7 100644
--- a/admin/thumbnail.php
+++ b/admin/thumbnail.php
@@ -358,7 +358,7 @@ if (count($remainings) > 0)
$template->assign_block_vars(
'params',
array(
- 'F_ACTION'=>$form_url,
+ 'F_ACTION'=>add_session_id($form_url),
$gdlabel=>'checked="checked"',
$nlabel=>'checked="checked"',
'WIDTH_TN'=>$width,
diff --git a/admin/user_list.php b/admin/user_list.php
index 3eaac6d70..e51c8e583 100644
--- a/admin/user_list.php
+++ b/admin/user_list.php
@@ -424,7 +424,7 @@ while ($row = mysql_fetch_array($result))
$template->set_filenames(array('user_list'=>'admin/user_list.tpl'));
-$base_url = PHPWG_ROOT_PATH.'admin.php?page=user_list';
+$base_url = add_session_id(PHPWG_ROOT_PATH.'admin.php?page=user_list');
if (isset($_GET['start']) and is_numeric($_GET['start']))
{
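Review bot: Here the session id is added to `$base_url` itself, whereas the other files in this commit wrap the finished URL at the point where it is handed to the template. If code below this hunk appends parameters to `$base_url`, or passes it to a helper that calls `add_session_id()` again, the id ends up in the middle of the query string or in it twice. Keeping `$base_url` plain and wrapping each final URL would match the rest of the commit; the uses of `$base_url` are outside the hunk, so this needs a look at the full file.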
@@ -790,8 +790,8 @@ foreach ($page['filtered_users'] as $num => $local_user)
'CLASS' => ($num % 2 == 1) ? 'row2' : 'row1',
'ID' => $local_user['id'],
'CHECKED' => $checked,
- 'U_MOD' => $profile_url.$local_user['id'],
- 'U_PERM' => $perm_url.$local_user['id'],
+ 'U_MOD' => add_session_id($profile_url.$local_user['id']),
+ 'U_PERM' => add_session_id($perm_url.$local_user['id']),
'USERNAME' => $local_user['username'],
'STATUS' => $lang['user_status_'.$local_user['status']],
'EMAIL' => isset($local_user['email']) ? $local_user['email'] : '',
diff --git a/admin/user_perm.php b/admin/user_perm.php
index 91ade3618..400678ce2 100644
--- a/admin/user_perm.php
+++ b/admin/user_perm.php
@@ -133,9 +133,11 @@ $template->assign_vars(
'L_CAT_OPTIONS_FALSE'=>$lang['forbidden'],
'F_ACTION' =>
+ add_session_id(
PHPWG_ROOT_PATH.
'admin.php?page=user_perm'.
'&amp;user_id='.$page['user']
+ )
)
);
diff --git a/admin/waiting.php b/admin/waiting.php
index 647fcafe2..7c8e05b51 100644
--- a/admin/waiting.php
+++ b/admin/waiting.php
@@ -148,7 +148,7 @@ $template->assign_vars(array(
'L_RESET'=>$lang['reset'],
'L_DELETE'=>$lang['delete'],
- 'F_ACTION'=>str_replace( '&', '&amp;', $_SERVER['REQUEST_URI'])
+ 'F_ACTION'=>add_session_id(str_replace( '&', '&amp;', $_SERVER['REQUEST_URI'] ))
));
//---------------------------------------------------------------- form display
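Review bot: `$_SERVER['REQUEST_URI']` is client-controlled and only has `&` replaced before it is placed in the form's action attribute; quotes and angle brackets pass through unchanged, and nothing in this diff shows `add_session_id()` escaping its argument. Use `htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES)` in place of the `str_replace()` call, or build the action from the fixed URL `PHPWG_ROOT_PATH.'admin.php?page=waiting'` that admin/intro.php already uses for this page. The enclosing `assign_vars` array starts before the hunk.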