From 66d2cd6ec2e61dac3ccd0003294370d8035dc900 Mon Sep 17 00:00:00 2001
From: patdenice <patdenice@piwigo.org>
Date: Sat, 27 Mar 2010 17:32:45 +0000
Subject: Add token to themes installation. Only webmasters can install new
 plugins, themes or languages.

git-svn-id: http://piwigo.org/svn/trunk@5406 68402e56-0260-453c-a942-63ccdbb3a9ee
---
 admin/plugins_update.php | 45 ++++++++++++++++++++++++++-------------------
 1 file changed, 26 insertions(+), 19 deletions(-)

(limited to 'admin/plugins_update.php')

diff --git a/admin/plugins_update.php b/admin/plugins_update.php
index 07876ca18..332c97cb4 100644
--- a/admin/plugins_update.php
+++ b/admin/plugins_update.php
@@ -37,30 +37,37 @@ $plugins = new plugins();
 //-----------------------------------------------------------automatic upgrade
 if (isset($_GET['plugin']) and isset($_GET['revision']) and !is_adviser())
 {
-  check_pwg_token();
-  
-  $plugin_id = $_GET['plugin'];
-  $revision = $_GET['revision'];
-
-  if (isset($plugins->db_plugins_by_id[$plugin_id])
-    and $plugins->db_plugins_by_id[$plugin_id]['state'] == 'active')
+  if (!is_webmaster())
   {
-    $plugins->perform_action('deactivate', $plugin_id);
-
-    redirect($base_url
-      . '&revision=' . $revision
-      . '&plugin=' . $plugin_id
-      . '&pwg_token='.get_pwg_token()
-      . '&reactivate=true');
+    array_push($page['errors'], l10n('Webmaster status is required.'));
   }
+  else
+  {
+    check_pwg_token();
+    
+    $plugin_id = $_GET['plugin'];
+    $revision = $_GET['revision'];
 
-  $upgrade_status = $plugins->extract_plugin_files('upgrade', $revision, $plugin_id);
+    if (isset($plugins->db_plugins_by_id[$plugin_id])
+      and $plugins->db_plugins_by_id[$plugin_id]['state'] == 'active')
+    {
+      $plugins->perform_action('deactivate', $plugin_id);
 
-  if (isset($_GET['reactivate']))
-  {
-    $plugins->perform_action('activate', $plugin_id);
+      redirect($base_url
+        . '&revision=' . $revision
+        . '&plugin=' . $plugin_id
+        . '&pwg_token='.get_pwg_token()
+        . '&reactivate=true');
+    }
+
+    $upgrade_status = $plugins->extract_plugin_files('upgrade', $revision, $plugin_id);
+
+    if (isset($_GET['reactivate']))
+    {
+      $plugins->perform_action('activate', $plugin_id);
+    }
+    redirect($base_url.'&plugin='.$plugin_id.'&upgradestatus='.$upgrade_status);
   }
-  redirect($base_url.'&plugin='.$plugin_id.'&upgradestatus='.$upgrade_status);
 }
 
 //--------------------------------------------------------------upgrade result
-- 
cgit v1.2.3