diff options
| author | Nathan Guse <nathaniel.guse@gmail.com> | 2013-09-05 13:56:57 -0500 |
|---|---|---|
| committer | Nathan Guse <nathaniel.guse@gmail.com> | 2013-09-05 13:56:57 -0500 |
| commit | e8ab8fe0bc7d087fe3c9b5d2a3e545f228bb3096 (patch) | |
| tree | 6a053afa0a156204112b480707608cac60770ac5 /phpBB/includes/acp/acp_styles.php | |
| parent | abaa53b0b295358efcf591587485c01a027cd5cb (diff) | |
| parent | dd86e8d0ae0179cf50076cdb1a8020266b6432a5 (diff) | |
| download | forums-e8ab8fe0bc7d087fe3c9b5d2a3e545f228bb3096.tar forums-e8ab8fe0bc7d087fe3c9b5d2a3e545f228bb3096.tar.gz forums-e8ab8fe0bc7d087fe3c9b5d2a3e545f228bb3096.tar.bz2 forums-e8ab8fe0bc7d087fe3c9b5d2a3e545f228bb3096.tar.xz forums-e8ab8fe0bc7d087fe3c9b5d2a3e545f228bb3096.zip | |
Merge branch 'develop' of github.com:phpbb/phpbb3 into ticket/8323
# By Joas Schilling (613) and others
# Via Andreas Fischer (214) and others
* 'develop' of github.com:phpbb/phpbb3: (2494 commits)
[ticket/11825] Move schema_data.php into includes/ instead of phpbb/
[ticket/11215] Remove unnecessary comment
[ticket/11755] MySQL upgrader out of date
[prep-release-3.0.12] Update Changelog for 3.0.12-RC3 release.
[prep-release-3.0.12] Bumping version number for 3.0.12-RC3.
[ticket/11823] Set up nginx server to match PHP files with characters after .php
[ticket/11812] Fix empty define
[ticket/11818] Update Symfony dependencies to 2.3.*
[ticket/11791] Load adm/ events from styles/adm/event/
[ticket/11215] Fix helper_url_test.php tests
[ticket/11215] Add newline back to .htaccess, fix wording
[ticket/11215] Update comment in .htaccess
[ticket/11215] Uncomment rewrite rules in .htaccess
[ticket/11215] Make controller helper url() method use correct format
[ticket/11215] Add commented-out URL rewrite capability to .htaccess
[ticket/11821] Fix comma usage next to "You are receiving this notification".
[ticket/11769] Allow using 0 as poster name
[ticket/11769] Allow '0' as username
[ticket/11215] Use new URL structure for controllers
[ticket/11215] Everything appears to be working...
...
Conflicts:
phpBB/includes/functions_privmsgs.php
Diffstat (limited to 'phpBB/includes/acp/acp_styles.php')
| -rw-r--r-- | phpBB/includes/acp/acp_styles.php | 25 |
1 files changed, 18 insertions, 7 deletions
diff --git a/phpBB/includes/acp/acp_styles.php b/phpBB/includes/acp/acp_styles.php index db77825ae7..094d84de40 100644 --- a/phpBB/includes/acp/acp_styles.php +++ b/phpBB/includes/acp/acp_styles.php @@ -68,13 +68,20 @@ class acp_styles $action = $this->request->variable('action', ''); $post_actions = array('install', 'activate', 'deactivate', 'uninstall'); + + if ($action && in_array($action, $post_actions) && !check_link_hash($request->variable('hash', ''), $action)) + { + trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); + } + foreach ($post_actions as $key) { - if (isset($_POST[$key])) + if ($this->request->is_set_post($key)) { $action = $key; } } + if ($action != '') { $this->s_hidden_fields['action'] = $action; @@ -137,11 +144,13 @@ class acp_styles */ protected function action_cache() { + global $db, $cache, $auth; + $this->cache->purge(); // Clear permissions $this->auth->acl_clear_prefetch(); - cache_moderators(); + phpbb_cache_moderators($db, $cache, $auth); add_log('admin', 'LOG_PURGE_CACHE'); @@ -919,21 +928,23 @@ class acp_styles 'L_ACTION' => $this->user->lang['DETAILS'] ); - // Activate + // Activate/Deactive + $action_name = ($style['style_active'] ? 'de' : '') . 'activate'; + $actions[] = array( - 'U_ACTION' => $this->u_action . '&action=' . ($style['style_active'] ? 'de' : '') . 'activate&id=' . $style['style_id'], + 'U_ACTION' => $this->u_action . '&action=' . $action_name . '&hash=' . generate_link_hash($action_name) . '&id=' . $style['style_id'], 'L_ACTION' => $this->user->lang['STYLE_' . ($style['style_active'] ? 'DE' : '') . 'ACTIVATE'] ); /* // Export $actions[] = array( - 'U_ACTION' => $this->u_action . '&action=export&id=' . $style['style_id'], + 'U_ACTION' => $this->u_action . '&action=export&hash=' . generate_link_hash('export') . '&id=' . $style['style_id'], 'L_ACTION' => $this->user->lang['EXPORT'] ); */ // Uninstall $actions[] = array( - 'U_ACTION' => $this->u_action . '&action=uninstall&id=' . $style['style_id'], + 'U_ACTION' => $this->u_action . '&action=uninstall&hash=' . generate_link_hash('uninstall') . '&id=' . $style['style_id'], 'L_ACTION' => $this->user->lang['STYLE_UNINSTALL'] ); @@ -955,7 +966,7 @@ class acp_styles else { $actions[] = array( - 'U_ACTION' => $this->u_action . '&action=install&dir=' . urlencode($style['style_path']), + 'U_ACTION' => $this->u_action . '&action=install&hash=' . generate_link_hash('install') . '&dir=' . urlencode($style['style_path']), 'L_ACTION' => $this->user->lang['INSTALL_STYLE'] ); } |