From 6717089705236eb15e640628f045cc9a74c16c70 Mon Sep 17 00:00:00 2001
From: rvelices <rv-github@modusoptimus.com>
Date: Thu, 25 Mar 2010 05:59:35 +0000
Subject: - fix cat_modify  * missing token in url  * double icon display -
 simplified func check_pwg_token

git-svn-id: http://piwigo.org/svn/trunk@5335 68402e56-0260-453c-a942-63ccdbb3a9ee
---
 admin/cat_modify.php                         | 13 ++++++-------
 admin/themes/default/template/cat_modify.tpl |  2 +-
 include/functions.inc.php                    | 20 +++++++-------------
 3 files changed, 14 insertions(+), 21 deletions(-)

diff --git a/admin/cat_modify.php b/admin/cat_modify.php
index 039317285..cf1556a1f 100644
--- a/admin/cat_modify.php
+++ b/admin/cat_modify.php
@@ -26,7 +26,6 @@ if (!defined('PHPWG_ROOT_PATH'))
   die('Hacking attempt!');
 }
 
-include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
 include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');
 
 // +-----------------------------------------------------------------------+
@@ -289,7 +288,7 @@ if ($category['is_virtual'])
 {
   $template->assign(
     array(
-      'U_DELETE' => $self_url.'&amp;delete='.$category['id'],
+      'U_DELETE' => $self_url.'&amp;delete='.$category['id'].'&amp;pwg_token='.get_pwg_token(),
       )
     );
 }
@@ -344,12 +343,12 @@ for ($i=0; $i<3; $i++) // 3 fields
       'FIELD' => array(''),
       'DIRECTION' => array('ASC'),
     );
-  
+
   if ( isset($matches[1][$i]) )
   {
     $tpl_image_order_select['FIELD'] = array($matches[1][$i]);
   }
-  
+
   if (isset($matches[2][$i]) and strcasecmp($matches[2][$i],'DESC')==0)
   {
     $tpl_image_order_select['DIRECTION'] = array('DESC');
@@ -450,7 +449,7 @@ if (isset($_POST['submitEmail']) and !empty($_POST['group']))
 {
   set_make_full_url();
 
-  /* TODO: if $category['representative_picture_id'] 
+  /* TODO: if $category['representative_picture_id']
     is empty find child representative_picture_id */
   if (!empty($category['representative_picture_id']))
   {
@@ -474,7 +473,7 @@ SELECT id, file, path, tn_ext
                       .'" class="thumblnk"><img src="'.get_thumbnail_url($element).'"></a>';
     }
   }
-  
+
   if (!isset($img_url))
   {
     $img_url = '';
@@ -512,7 +511,7 @@ SELECT
   WHERE id = '.$_POST['group'].'
 ;';
   list($group_name) = pwg_db_fetch_row(pwg_query($query));
-  
+
   array_push(
     $page['infos'],
     sprintf(
diff --git a/admin/themes/default/template/cat_modify.tpl b/admin/themes/default/template/cat_modify.tpl
index 1878da75c..348683003 100644
--- a/admin/themes/default/template/cat_modify.tpl
+++ b/admin/themes/default/template/cat_modify.tpl
@@ -21,7 +21,7 @@
   <li><a href="{$U_MANAGE_PERMISSIONS}" title="{'Permissions'|@translate}"><img src="{$ROOT_URL}{$themeconf.admin_icon_dir}/category_Permissions.png" class="button" alt="{'Permissions'|@translate}"></a></li>
   {/if}
   {if isset($U_DELETE) }
-  <li><a href="{$U_DELETE}" title="{'Are you sure?'|@translate|@escape:'javascript'}');"><img src="{$ROOT_URL}{$themeconf.admin_icon_dir}/category_delete.png" class="button" alt="{'delete'|@translate}" onclick="return confirm('{'Are you sure?'|@translate|@escape:'javascript'}');"><img src="{$ROOT_URL}{$themeconf.admin_icon_dir}/category_delete.png" class="button" alt="{'delete'|@translate}"></a></li>
+  <li><a href="{$U_DELETE}" title="{'delete'|@translate}"><img src="{$ROOT_URL}{$themeconf.admin_icon_dir}/category_delete.png" class="button" alt="{'delete'|@translate}" onclick="return confirm('{'Are you sure?'|@translate|@escape:javascript}');"></a></li>
   {/if}
 </ul>
 
diff --git a/include/functions.inc.php b/include/functions.inc.php
index 8a34990fa..5d095eaa1 100644
--- a/include/functions.inc.php
+++ b/include/functions.inc.php
@@ -1453,21 +1453,15 @@ function get_icon($date, $is_child_date = false)
  */
 function check_pwg_token()
 {
-  $valid_token = get_pwg_token();
-  $given_token = null;
-
-  if (!empty($_POST['pwg_token']))
-  {
-    $given_token = $_POST['pwg_token'];
-  }
-  elseif (!empty($_GET['pwg_token']))
-  {
-    $given_token = $_GET['pwg_token'];
-  }
-  if ($given_token != $valid_token)
+  if (!empty($_REQUEST['pwg_token']))
   {
-    access_denied();
+    if (get_pwg_token() != $_REQUEST['pwg_token'])
+    {
+      access_denied();
+    }
   }
+  else
+    bad_request('missing token');
 }
 
 function get_pwg_token()
-- 
cgit v1.2.3