Masquage du code de vérification des formulaires et mise à jour des modules
This commit is contained in:
parent
e14f1d65aa
commit
c2d3d5cef2
|
|
@ -16,7 +16,7 @@
|
|||
class blog extends common
|
||||
{
|
||||
|
||||
const VERSION = '6.6';
|
||||
const VERSION = '6.8';
|
||||
const REALNAME = 'Blog';
|
||||
const DELETE = true;
|
||||
const UPDATE = '0.0';
|
||||
|
|
@ -320,7 +320,7 @@ class blog extends common
|
|||
$comments = $this->getData(['module', $this->getUrl(0), 'posts', $this->getUrl(2), 'comment']);
|
||||
self::$commentsDelete = template::button('blogCommentDeleteAll', [
|
||||
'class' => 'blogCommentDeleteAll buttonRed',
|
||||
'href' => helper::baseUrl() . $this->getUrl(0) . '/commentDeleteAll/' . $this->getUrl(2) . '/' . $_SESSION['csrf'],
|
||||
'href' => helper::baseUrl() . $this->getUrl(0) . '/commentDeleteAll/' . $this->getUrl(2),
|
||||
'value' => 'Tout effacer'
|
||||
]);
|
||||
// Ids des commentaires par ordre de création
|
||||
|
|
@ -340,7 +340,7 @@ class blog extends common
|
|||
if ($this->getData(['module', $this->getUrl(0), 'posts', $this->getUrl(2), 'commentApproved']) === true) {
|
||||
$buttonApproval = template::button('blogCommentApproved' . $commentIds[$i], [
|
||||
'class' => $comment['approval'] === true ? 'blogCommentRejected buttonGreen' : 'blogCommentApproved buttonRed',
|
||||
'href' => helper::baseUrl() . $this->getUrl(0) . '/commentApprove/' . $this->getUrl(2) . '/' . $commentIds[$i] . '/' . $_SESSION['csrf'],
|
||||
'href' => helper::baseUrl() . $this->getUrl(0) . '/commentApprove/' . $this->getUrl(2) . '/' . $commentIds[$i],
|
||||
'value' => $comment['approval'] === true ? 'A' : 'R',
|
||||
'help' => $comment['approval'] === true ? 'Approuvé' : 'Rejeté',
|
||||
]);
|
||||
|
|
@ -354,7 +354,7 @@ class blog extends common
|
|||
$buttonApproval,
|
||||
template::button('blogCommentDelete' . $commentIds[$i], [
|
||||
'class' => 'blogCommentDelete buttonRed',
|
||||
'href' => helper::baseUrl() . $this->getUrl(0) . '/commentDelete/' . $this->getUrl(2) . '/' . $commentIds[$i] . '/' . $_SESSION['csrf'],
|
||||
'href' => helper::baseUrl() . $this->getUrl(0) . '/commentDelete/' . $this->getUrl(2) . '/' . $commentIds[$i],
|
||||
'value' => template::ico('trash')
|
||||
])
|
||||
];
|
||||
|
|
@ -379,7 +379,7 @@ class blog extends common
|
|||
]);
|
||||
}
|
||||
// Jeton incorrect
|
||||
elseif ($this->getUrl(4) !== $_SESSION['csrf']) {
|
||||
elseif ($this->checkCSRF()) {
|
||||
// Valeurs en sortie
|
||||
$this->addOutput([
|
||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/config',
|
||||
|
|
@ -404,7 +404,7 @@ class blog extends common
|
|||
public function commentDeleteAll()
|
||||
{
|
||||
// Jeton incorrect
|
||||
if ($this->getUrl(3) !== $_SESSION['csrf']) {
|
||||
if ($this->checkCSRF()) {
|
||||
// Valeurs en sortie
|
||||
$this->addOutput([
|
||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/config',
|
||||
|
|
@ -436,7 +436,7 @@ class blog extends common
|
|||
]);
|
||||
}
|
||||
// Jeton incorrect
|
||||
elseif ($this->getUrl(4) !== $_SESSION['csrf']) {
|
||||
elseif ($this->checkCSRF()) {
|
||||
// Valeurs en sortie
|
||||
$this->addOutput([
|
||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/config',
|
||||
|
|
@ -536,12 +536,12 @@ class blog extends common
|
|||
'help' => ($toApprove || $approved) > 0 ? 'Éditer / Approuver les commentaires' : ''
|
||||
]),
|
||||
template::button('blogConfigEdit' . $articleIds[$i], [
|
||||
'href' => helper::baseUrl() . $this->getUrl(0) . '/edit/' . $articleIds[$i] . '/' . $_SESSION['csrf'],
|
||||
'href' => helper::baseUrl() . $this->getUrl(0) . '/edit/' . $articleIds[$i],
|
||||
'value' => template::ico('pencil')
|
||||
]),
|
||||
template::button('blogConfigDelete' . $articleIds[$i], [
|
||||
'class' => 'blogConfigDelete buttonRed',
|
||||
'href' => helper::baseUrl() . $this->getUrl(0) . '/delete/' . $articleIds[$i] . '/' . $_SESSION['csrf'],
|
||||
'href' => helper::baseUrl() . $this->getUrl(0) . '/delete/' . $articleIds[$i],
|
||||
'value' => template::ico('trash')
|
||||
])
|
||||
];
|
||||
|
|
@ -565,7 +565,7 @@ class blog extends common
|
|||
'feeds' => $this->getInput('blogOptionShowFeeds', helper::FILTER_BOOLEAN),
|
||||
'feedsLabel' => $this->getInput('blogOptionFeedslabel', helper::FILTER_STRING_SHORT),
|
||||
'layout' => $this->getInput('blogOptionArticlesLayout', helper::FILTER_BOOLEAN),
|
||||
'articlesLenght' => $this->getInput('blogOptionArticlesLayout', helper::FILTER_BOOLEAN) === false ? $this->getInput('blogOptionArticlesLenght', helper::FILTER_INT): 0,
|
||||
'articlesLenght' => $this->getInput('blogOptionArticlesLayout', helper::FILTER_BOOLEAN) === false ? $this->getInput('blogOptionArticlesLenght', helper::FILTER_INT) : 0,
|
||||
'itemsperPage' => $this->getInput('blogOptionItemsperPage', helper::FILTER_INT, true),
|
||||
'dateFormat' => $this->getInput('blogOptionDateFormat'),
|
||||
'timeFormat' => $this->getInput('blogOptionTimeFormat'),
|
||||
|
|
@ -592,14 +592,15 @@ class blog extends common
|
|||
*/
|
||||
public function delete()
|
||||
{
|
||||
if ($this->getData(['module', $this->getUrl(0), 'posts', $this->getUrl(2)]) === null) {
|
||||
if (
|
||||
$this->getData(['module', $this->getUrl(0), 'posts', $this->getUrl(2)]) === null) {
|
||||
// Valeurs en sortie
|
||||
$this->addOutput([
|
||||
'access' => false
|
||||
]);
|
||||
}
|
||||
// Jeton incorrect
|
||||
elseif ($this->getUrl(3) !== $_SESSION['csrf']) {
|
||||
elseif ($this->checkCSRF()) {
|
||||
// Valeurs en sortie
|
||||
$this->addOutput([
|
||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/config',
|
||||
|
|
@ -624,7 +625,7 @@ class blog extends common
|
|||
public function edit()
|
||||
{
|
||||
// Jeton incorrect
|
||||
if ($this->getUrl(3) !== $_SESSION['csrf']) {
|
||||
if ($this->checkCSRF()) {
|
||||
// Valeurs en sortie
|
||||
$this->addOutput([
|
||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/config',
|
||||
|
|
@ -863,15 +864,18 @@ class blog extends common
|
|||
if ($articlePublishedOn <= time() and $articleIdsStates[$articleId]) {
|
||||
$articleIds[] = $articleId;
|
||||
// Nombre de commentaires approuvés par article
|
||||
self::$comments[$articleId] = 0 ;
|
||||
if (is_array($this->getData(['module', $this->getUrl(0), 'posts', $articleId, 'comment']))) {
|
||||
self::$comments[$articleId] = count($this->getData(['module', $this->getUrl(0), 'posts', $articleId, 'comment']));
|
||||
} else {
|
||||
self::$comments[$articleId] = '0';
|
||||
foreach ($this->getData(['module', $this->getUrl(0), 'posts', $articleId, 'comment']) as $commentId => $commentValue) {
|
||||
if ($this->getData(['module', $this->getUrl(0), 'posts', $articleId, 'comment', $commentId, 'approval'])) {
|
||||
self::$comments[$articleId] = self::$comments[$articleId] + 1;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
// Pagination
|
||||
$pagination = helper::pagination($articleIds, $this->getUrl(), $this->getData(['module', $this->getUrl(0), 'config', 'itemsperPage']));
|
||||
$pagination = helper::pagination($articleIds, $this->getUrl(), $this->getData(['module', $this->getUrl(0), 'config', 'itemsperPage']), '#article');
|
||||
// Liste des pages
|
||||
self::$pages = $pagination['pages'];
|
||||
// Articles en fonction de la pagination
|
||||
|
|
|
|||
|
|
@ -1,4 +1,9 @@
|
|||
|
||||
# version 6.9
|
||||
- Masque le code de vérification
|
||||
# version 6.8
|
||||
- Erreur de décompte des commentaires approuvés ou non dans l'index
|
||||
# version 6.7
|
||||
- Ancre article qui affiche le début de l'article au clic sur la barre de pages, fonction utile lorsque le module est sous la page
|
||||
# version 6.6
|
||||
- Position de l'icône RSS
|
||||
- Présentation en tableau amélioration du visuel
|
||||
|
|
|
|||
|
|
@ -1 +1 @@
|
|||
{"name":"blog","realName":"Blog","version":"6.5","update":"0.0","delete":true,"dataDirectory":""}
|
||||
{"name":"blog","realName":"Blog","version":"6.8","update":"0.0","delete":true,"dataDirectory":""}
|
||||
|
|
@ -39,7 +39,7 @@
|
|||
)
|
||||
)
|
||||
) : ?>
|
||||
<a href="<?php echo helper::baseUrl() . $this->getUrl(0) . '/edit/' . $this->getUrl(1) . '/' . $_SESSION['csrf']; ?>">
|
||||
<a href="<?php echo helper::baseUrl() . $this->getUrl(0) . '/edit/' . $this->getUrl(1); ?>">
|
||||
<?php echo template::ico('pencil'); ?> Éditer
|
||||
</a>
|
||||
<?php endif; ?>
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@
|
|||
</div>
|
||||
<?php endif; ?>
|
||||
<?php if ($module::$articles): ?>
|
||||
<article>
|
||||
<article id="article">
|
||||
<?php foreach ($module::$articles as $articleId => $article): ?>
|
||||
<?php if ($this->getData(['module', $this->getUrl(0), 'config', 'layout']) === true): ?>
|
||||
<div class="readMoreModernContainer">
|
||||
|
|
@ -73,7 +73,7 @@
|
|||
)
|
||||
): ?>
|
||||
<a
|
||||
href="<?php echo helper::baseUrl() . $this->getUrl(0) . '/edit/' . $articleId . '/' . $_SESSION['csrf']; ?>">
|
||||
href="<?php echo helper::baseUrl() . $this->getUrl(0) . '/edit/' . $articleId; ?>">
|
||||
<?php echo template::ico('pencil'); ?> Éditer
|
||||
</a>
|
||||
<?php endif; ?>
|
||||
|
|
@ -133,11 +133,11 @@
|
|||
</h2>
|
||||
<div class="blogComment">
|
||||
<a href="<?php echo helper::baseUrl() . $this->getUrl(0) . '/' . $articleId; ?>#comment">
|
||||
<?php if ($article['comment']): ?>
|
||||
<?php echo count($article['comment']); ?>
|
||||
<?php if ($module::$comments[$articleId]): ?>
|
||||
<?php echo $module::$comments[$articleId]; ?>
|
||||
<?php echo template::ico('comment', ['margin' => 'left']); ?>
|
||||
<?php endif; ?>
|
||||
</a>
|
||||
<?php echo template::ico('comment', ['margin' => 'left']); ?>
|
||||
</div>
|
||||
<div class="blogDate">
|
||||
<!-- bloc signature et date -->
|
||||
|
|
|
|||
|
|
@ -1,3 +1,5 @@
|
|||
# Version 3.10
|
||||
- Masque le code de vérification
|
||||
# Version 3.9
|
||||
- Redirection des pages orphelines
|
||||
# Version 3.8
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@
|
|||
class form extends common
|
||||
{
|
||||
|
||||
const VERSION = '3.9';
|
||||
const VERSION = '3.10';
|
||||
const REALNAME = 'Formulaire';
|
||||
const DATADIRECTORY = ''; // Contenu localisé inclus par défaut (page.json et module.json)
|
||||
|
||||
|
|
@ -29,9 +29,6 @@ class form extends common
|
|||
'deleteall' => self::GROUP_MODERATOR,
|
||||
'index' => self::GROUP_VISITOR,
|
||||
'export2csv' => self::GROUP_MODERATOR,
|
||||
'output2csv' => self::GROUP_MODERATOR,
|
||||
'init' => self::GROUP_MODERATOR,
|
||||
'update' => self::GROUP_MODERATOR,
|
||||
];
|
||||
|
||||
public static $data = [];
|
||||
|
|
@ -249,7 +246,7 @@ class form extends common
|
|||
$content,
|
||||
template::button('formDataDelete' . $dataIds[$i], [
|
||||
'class' => 'formDataDelete buttonRed',
|
||||
'href' => helper::baseUrl() . $this->getUrl(0) . '/delete/' . $dataIds[$i] . '/' . $_SESSION['csrf'],
|
||||
'href' => helper::baseUrl() . $this->getUrl(0) . '/delete/' . $dataIds[$i],
|
||||
'value' => template::ico('trash')
|
||||
])
|
||||
];
|
||||
|
|
@ -270,7 +267,7 @@ class form extends common
|
|||
public function export2csv()
|
||||
{
|
||||
// Jeton incorrect
|
||||
if ($this->getUrl(2) !== $_SESSION['csrf']) {
|
||||
if ($this->checkCSRF()) {
|
||||
// Valeurs en sortie
|
||||
$this->addOutput([
|
||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/data',
|
||||
|
|
@ -311,7 +308,7 @@ class form extends common
|
|||
public function deleteall()
|
||||
{
|
||||
// Jeton incorrect
|
||||
if ($this->getUrl(2) !== $_SESSION['csrf']) {
|
||||
if ($this->checkCSRF()) {
|
||||
// Valeurs en sortie
|
||||
$this->addOutput([
|
||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/data',
|
||||
|
|
@ -347,7 +344,7 @@ class form extends common
|
|||
public function delete()
|
||||
{
|
||||
// Jeton incorrect
|
||||
if ($this->getUrl(3) !== $_SESSION['csrf']) {
|
||||
if ($this->checkCSRF()) {
|
||||
// Valeurs en sortie
|
||||
$this->addOutput([
|
||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/data',
|
||||
|
|
|
|||
|
|
@ -9,14 +9,14 @@
|
|||
<div class="col1 offset9">
|
||||
<?php echo template::button('formDataDeleteAll', [
|
||||
'class' => 'formDataDeleteAll buttonRed',
|
||||
'href' => helper::baseUrl() . $this->getUrl(0) . '/deleteall' . '/' . $_SESSION['csrf'],
|
||||
'href' => helper::baseUrl() . $this->getUrl(0) . '/deleteall',
|
||||
'value' => template::ico('trash'),
|
||||
'help' => 'Effacer toutes les données'
|
||||
]); ?>
|
||||
</div>
|
||||
<div class="col1">
|
||||
<?php echo template::button('formDataBack', [
|
||||
'href' => helper::baseUrl() . $this->getUrl(0) . '/export2csv' . '/' . $_SESSION['csrf'],
|
||||
'href' => helper::baseUrl() . $this->getUrl(0) . '/export2csv',
|
||||
'value' => template::ico('download'),
|
||||
'help' => 'Exporter toutes les données'
|
||||
]); ?>
|
||||
|
|
|
|||
|
|
@ -1,3 +1,5 @@
|
|||
# Version 3.9
|
||||
- Bloque l'effacement de la galerie selon le profil
|
||||
# Version 3.8
|
||||
- Version compare null, dataversion not initialize
|
||||
- Bug de positionnement des boutons de retour
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@ class gallery extends common
|
|||
{
|
||||
|
||||
|
||||
const VERSION = '3.8';
|
||||
const VERSION = '3.9';
|
||||
const REALNAME = 'Galerie';
|
||||
const DATADIRECTORY = self::DATA_DIR . 'gallery/';
|
||||
|
||||
|
|
@ -385,13 +385,13 @@ class gallery extends common
|
|||
$gallery['config']['name'],
|
||||
$gallery['config']['directory'],
|
||||
template::button('galleryConfigEdit' . $galleryId, [
|
||||
'href' => helper::baseUrl() . $this->getUrl(0) . '/edit/' . $galleryId . '/' . $_SESSION['csrf'],
|
||||
'href' => helper::baseUrl() . $this->getUrl(0) . '/edit/' . $galleryId,
|
||||
'value' => template::ico('pencil'),
|
||||
'help' => 'Configuration de la galerie '
|
||||
]),
|
||||
template::button('galleryConfigDelete' . $galleryId, [
|
||||
'class' => 'galleryConfigDelete buttonRed',
|
||||
'href' => helper::baseUrl() . $this->getUrl(0) . '/delete/' . $galleryId . '/' . $_SESSION['csrf'],
|
||||
'href' => helper::baseUrl() . $this->getUrl(0) . '/delete/' . $galleryId,
|
||||
'value' => template::ico('trash'),
|
||||
'help' => 'Supprimer cette galerie'
|
||||
])
|
||||
|
|
@ -507,7 +507,7 @@ class gallery extends common
|
|||
]);
|
||||
}
|
||||
// Jeton incorrect
|
||||
if ($this->getUrl(3) !== $_SESSION['csrf']) {
|
||||
if ($this->checkCSRF()) {
|
||||
// Valeurs en sortie
|
||||
$this->addOutput([
|
||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/config',
|
||||
|
|
@ -544,7 +544,7 @@ class gallery extends common
|
|||
public function edit()
|
||||
{
|
||||
// Jeton incorrect
|
||||
if ($this->getUrl(3) !== $_SESSION['csrf']) {
|
||||
if ($this->checkCSRF()) {
|
||||
// Valeurs en sortie
|
||||
$this->addOutput([
|
||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/config',
|
||||
|
|
@ -589,7 +589,7 @@ class gallery extends common
|
|||
]);
|
||||
// Valeurs en sortie
|
||||
$this->addOutput([
|
||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/edit/' . $this->getUrl(2) . '/' . $_SESSION['csrf'],
|
||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/edit/' . $this->getUrl(2),
|
||||
'notification' => helper::translate('Modifications enregistrées'),
|
||||
'state' => true
|
||||
]);
|
||||
|
|
@ -854,7 +854,7 @@ class gallery extends common
|
|||
public function theme()
|
||||
{
|
||||
// Jeton incorrect
|
||||
if ($this->getUrl(2) !== $_SESSION['csrf']) {
|
||||
if ($this->checkCSRF()) {
|
||||
// Valeurs en sortie
|
||||
$this->addOutput([
|
||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/config',
|
||||
|
|
@ -935,7 +935,7 @@ class gallery extends common
|
|||
*/
|
||||
if ($this->getUrl(2) === 'galleries') {
|
||||
// Jeton incorrect
|
||||
if ($this->getUrl(3) !== $_SESSION['csrf']) {
|
||||
if ($this->checkCSRF()) {
|
||||
// Valeurs en sortie
|
||||
$this->addOutput([
|
||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/config',
|
||||
|
|
@ -976,7 +976,7 @@ class gallery extends common
|
|||
*/
|
||||
} elseif ($this->getUrl(2) === 'gallery') {
|
||||
// Jeton incorrect
|
||||
if ($this->getUrl(4) !== $_SESSION['csrf']) {
|
||||
if ($this->checkCSRF()) {
|
||||
// Valeurs en sortie
|
||||
$this->addOutput([
|
||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/edit',
|
||||
|
|
@ -1027,7 +1027,7 @@ class gallery extends common
|
|||
}
|
||||
// Valeurs en sortie
|
||||
$this->addOutput([
|
||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/edit/' . $galleryId . '/' . $_SESSION['csrf'],
|
||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/edit/' . $galleryId,
|
||||
'notification' => helper::translate('Modifications enregistrées'),
|
||||
'state' => true
|
||||
]);
|
||||
|
|
|
|||
|
|
@ -1,3 +1,5 @@
|
|||
# Version 4.5
|
||||
- Bloque l'effacement de l'article selon le profil
|
||||
# Version 4.4
|
||||
- Intl date Formats
|
||||
- Bug un conflit avec le style de la page
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@
|
|||
class news extends common
|
||||
{
|
||||
|
||||
const VERSION = '4.3';
|
||||
const VERSION = '4.4';
|
||||
const REALNAME = 'News';
|
||||
const DATADIRECTORY = self::DATA_DIR . 'news/';
|
||||
|
||||
|
|
@ -239,12 +239,12 @@ class news extends common
|
|||
$dateOff,
|
||||
helper::translate(self::$states[$this->getData(['module', $this->getUrl(0), 'posts', $newsIds[$i], 'state'])]),
|
||||
template::button('newsConfigEdit' . $newsIds[$i], [
|
||||
'href' => helper::baseUrl() . $this->getUrl(0) . '/edit/' . $newsIds[$i] . '/' . $_SESSION['csrf'],
|
||||
'href' => helper::baseUrl() . $this->getUrl(0) . '/edit/' . $newsIds[$i],
|
||||
'value' => template::ico('pencil')
|
||||
]),
|
||||
template::button('newsConfigDelete' . $newsIds[$i], [
|
||||
'class' => 'newsConfigDelete buttonRed',
|
||||
'href' => helper::baseUrl() . $this->getUrl(0) . '/delete/' . $newsIds[$i] . '/' . $_SESSION['csrf'],
|
||||
'href' => helper::baseUrl() . $this->getUrl(0) . '/delete/' . $newsIds[$i],
|
||||
'value' => template::ico('trash')
|
||||
])
|
||||
];
|
||||
|
|
@ -338,12 +338,12 @@ class news extends common
|
|||
$dateOff,
|
||||
helper::translate(helper::translate(self::$states[$this->getData(['module', $this->getUrl(0), 'posts', $newsIds[$i], 'state'])])),
|
||||
template::button('newsConfigEdit' . $newsIds[$i], [
|
||||
'href' => helper::baseUrl() . $this->getUrl(0) . '/edit/' . $newsIds[$i] . '/' . $_SESSION['csrf'],
|
||||
'href' => helper::baseUrl() . $this->getUrl(0) . '/edit/' . $newsIds[$i],
|
||||
'value' => template::ico('pencil')
|
||||
]),
|
||||
template::button('newsConfigDelete' . $newsIds[$i], [
|
||||
'class' => 'newsConfigDelete buttonRed',
|
||||
'href' => helper::baseUrl() . $this->getUrl(0) . '/delete/' . $newsIds[$i] . '/' . $_SESSION['csrf'],
|
||||
'href' => helper::baseUrl() . $this->getUrl(0) . '/delete/' . $newsIds[$i],
|
||||
'value' => template::ico('cancel')
|
||||
])
|
||||
];
|
||||
|
|
@ -372,7 +372,7 @@ class news extends common
|
|||
]);
|
||||
}
|
||||
// Jeton incorrect
|
||||
elseif ($this->getUrl(3) !== $_SESSION['csrf']) {
|
||||
elseif ($this->checkCSRF()) {
|
||||
// Valeurs en sortie
|
||||
$this->addOutput([
|
||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/config',
|
||||
|
|
@ -397,7 +397,7 @@ class news extends common
|
|||
public function edit()
|
||||
{
|
||||
// Jeton incorrect
|
||||
if ($this->getUrl(3) !== $_SESSION['csrf']) {
|
||||
if ($this->checkCSRF()) {
|
||||
// Valeurs en sortie
|
||||
$this->addOutput([
|
||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/config',
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@
|
|||
( $this->getUser('group') === self::GROUP_ADMIN )
|
||||
)
|
||||
): ?>
|
||||
<a href ="<?php echo helper::baseUrl() . $this->getUrl(0) . '/edit/' . $this->getUrl(1) . '/' . $_SESSION['csrf'];?>">
|
||||
<a href ="<?php echo helper::baseUrl() . $this->getUrl(0) . '/edit/' . $this->getUrl(1);?>">
|
||||
<?php echo template::ico('pencil');?> Éditer
|
||||
</a>
|
||||
<?php endif; ?>
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@
|
|||
)
|
||||
): ?>
|
||||
<a
|
||||
href="<?php echo helper::baseUrl() . $this->getUrl(0) . '/edit/' . $newsId . '/' . $_SESSION['csrf']; ?>">
|
||||
href="<?php echo helper::baseUrl() . $this->getUrl(0) . '/edit/' . $newsId; ?>">
|
||||
<?php echo template::ico('pencil'); ?> Éditer
|
||||
</a>
|
||||
<?php endif; ?>
|
||||
|
|
|
|||
Loading…
Reference in New Issue