added CSRF Token

Matthias Vogel 2014-07-12 13:03:49 +02:00
commit e852052790
11 changed files with 88 additions and 16 deletions


@ -13,6 +13,7 @@
<br><br>
<div id="wmd-button-bar" class="wmd-button-bar"></div>
<textarea id="wmd-input" class="wmd-input <?php if (isset($postContent)) { if (empty($postContent)) { echo 'error';}} ?>" name="content" cols="20" rows="10"><?php if (isset($postContent)) { echo $postContent;} ?></textarea><br/>
<input type="hidden" name="csrf_token" value="<?php echo get_csrf()?>">
<input type="submit" name="submit" class="submit" value="Publish"/>
</form>
</div>
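Review bot: The new hidden field prints `get_csrf()` straight into an attribute, and the check that makes the token meaningful is not in any of the template hunks shown here (it may live in the files of this commit that are not visible). Whichever handler receives this POST should reject a missing or mismatched token before acting, comparing with a constant-time function such as `hash_equals($expected, $submitted)` (variable names illustrative). For the field itself I would write `value="<?php echo htmlspecialchars(get_csrf(), ENT_QUOTES, 'UTF-8') ?>"` so the output stays safe if the token format ever changes. The same line is added to every other form in this commit, so this applies to all of them.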


@ -14,6 +14,7 @@
<br><br>
<div id="wmd-button-bar" class="wmd-button-bar"></div>
<textarea id="wmd-input" class="wmd-input <?php if (isset($postContent)) { if (empty($postContent)) { echo 'error';}} ?>" name="content" cols="20" rows="10"><?php if (isset($postContent)) { echo $postContent;} ?></textarea><br/>
<input type="hidden" name="csrf_token" value="<?php echo get_csrf()?>">
<input type="submit" name="submit" class="submit" value="Publish"/>
</form>
</div>
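Review bot: The textarea on this form still echoes `$postContent` unescaped, which undercuts the token added on the line below it, because markup injected into the page can read the hidden `csrf_token` value. `$postContent` looks like the re-displayed POST body (inferred from the `isset`/`empty` error check), so it should be written as `<?php echo htmlspecialchars($postContent, ENT_QUOTES, 'UTF-8') ?>`. The previous form has the same line, and the three edit forms print `$oldcontent`, `$oldtitle` and `$url` the same way. The form's opening tag is outside the hunk.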


@ -27,6 +27,7 @@
<?php echo '<p>Are you sure want to delete <strong>' . $p->title . '</strong>?</p>';?>
<form method="POST">
<input type="hidden" name="file" value="<?php echo $p->file ?>"/><br>
<input type="hidden" name="csrf_token" value="<?php echo get_csrf()?>">
<input type="submit" name="submit" value="Delete"/>
<span><a href="<?php echo $back ?>">Cancel</a></span>
</form>
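Review bot: The delete form sends its target as a hidden `file` field, so the new token shows the request came from a page this session rendered but not that the posted path is one the user may delete. The handler (not shown in this hunk) should resolve the posted value and confirm it lies inside the content directory before acting on it, rather than trusting what the form echoed. `$p->file` and `$p->title` are also printed without `htmlspecialchars()`. The second delete template and the `oldfile` field in the edit forms follow the same pattern.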


@ -34,6 +34,7 @@
<?php echo '<p>Are you sure want to delete <strong>' . $p->title . '</strong>?</p>';?>
<form method="POST">
<input type="hidden" name="file" value="<?php echo $p->file ?>"/><br>
<input type="hidden" name="csrf_token" value="<?php echo get_csrf()?>">
<input type="submit" name="submit" value="Delete"/>
<span><a href="<?php echo $back ?>">Cancel</a></span>
</form>


@ -45,6 +45,7 @@
<div id="wmd-button-bar" class="wmd-button-bar"></div>
<textarea id="wmd-input" class="wmd-input <?php if (isset($postContent)) { if (empty($postContent)) { echo 'error';}} ?>" name="content" cols="20" rows="10"><?php echo $oldcontent ?></textarea><br>
<input type="hidden" name="oldfile" class="text" value="<?php echo $url ?>"/>
<input type="hidden" name="csrf_token" value="<?php echo get_csrf()?>">
<input type="submit" name="submit" class="submit" value="Save"/> <a href="<?php echo $delete?>">Delete</a>
</form>
</div>


@ -60,6 +60,7 @@
<div id="wmd-button-bar" class="wmd-button-bar"></div>
<textarea id="wmd-input" class="wmd-input <?php if (isset($postContent)) { if (empty($postContent)) { echo 'error';}} ?>" name="content" cols="20" rows="10"><?php echo $oldcontent ?></textarea><br>
<input type="hidden" name="oldfile" class="text" value="<?php echo $url ?>"/>
<input type="hidden" name="csrf_token" value="<?php echo get_csrf()?>">
<input type="submit" name="submit" class="submit" value="Save"/> <a href="<?php echo $delete?>">Delete</a>
</form>
</div>


@ -37,6 +37,7 @@
Title <span class="required">*</span> <br><input type="text" name="title" class="text <?php if (isset($postTitle)) { if (empty($postTitle)) { echo 'error';}} ?>" value="<?php echo $oldtitle?>"/><br><br>
<div id="wmd-button-bar" class="wmd-button-bar"></div>
<textarea id="wmd-input" class="wmd-input <?php if (isset($postContent)) { if (empty($postContent)) { echo 'error';}} ?>" name="content" cols="20" rows="10"><?php echo $oldcontent ?></textarea><br>
<input type="hidden" name="csrf_token" value="<?php echo get_csrf()?>">
<input type="submit" name="submit" class="submit" value="Save"/>
</form>
</div>


@ -6,5 +6,6 @@
<form method="POST">
Feed Url <span class="required">*</span> <br><input type="url" class="text <?php if (isset($url)) { if (empty($url)) { echo 'error';}} ?>" name="url"/><br><br>
Add source link (optional) <input type="checkbox" class="checkbox" name="credit" value="yes"/><br><br>
<input type="hidden" name="csrf_token" value="<?php echo get_csrf()?>">
<input type="submit" name="submit" class="submit" value="Import"/>
</form>


@ -8,6 +8,7 @@
<input type="text" class="<?php if (isset($username)) { if (empty($username)) { echo 'error';}} ?>" name="user"/><br><br>
Password <span class="required">*</span> <br>
<input type="password" class="<?php if (isset($password)) { if (empty($password)) { echo 'error';}} ?>" name="password"/><br><br>
<input type="hidden" name="csrf_token" value="<?php echo get_csrf()?>">
<input type="submit" name="submit" value="Login"/>
</form>
<?php } else {header('location: admin');} ?>
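Review bot: On the login form the token is issued to a visitor who is not yet authenticated, so it only helps if `get_csrf()` binds it to a session that already exists at this point; that function is not visible in this hunk. After a successful login the handler should call `session_regenerate_id(true);` and issue a fresh token so a value obtained before login does not carry over. Separately, the `else` branch on the last line calls `header('location: admin')` from inside a template with no `exit;` after it, so the redirect depends on nothing having been output yet. The `if` that opens this block starts outside the hunk.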