Theme reset csrf

core/module/theme/theme.php

@@ -105,7 +105,8 @@ class theme extends common
 		'2.4vmax' => '240%'
 	];
 	public static $headerHeights = [
-		'unset' => 'Libre', // texte dynamique cf header.js.php
+		'unset' => 'Libre',
+		// texte dynamique cf header.js.php
 		'100px' => '100px',
 		'150px' => '150px',
 		'200px' => '200px',
@@ -249,7 +250,9 @@ class theme extends common
 	{
 		// Soumission du formulaire
 		if ($this->isPost()) {
-			$this->setData(['admin', [
+			$this->setData([
+				'admin',
+				[
 					'backgroundColor' => $this->getInput('adminBackgroundColor'),
 					'colorTitle' => $this->getInput('adminColorTitle'),
 					'colorText' => $this->getInput('adminColorText'),
@@ -263,7 +266,8 @@ class theme extends common
 					'fontTitle' => $this->getInput('adminFontTitle'),
 					'backgroundBlockColor' => $this->getInput('adminBackGroundBlockColor'),
 					'borderBlockColor' => $this->getInput('adminBorderBlockColor'),
-			]]);
+				]
+			]);
 			// Valeurs en sortie
 			$this->addOutput([
 				'notification' => helper::translate('Modifications enregistrées'),
@@ -318,7 +322,10 @@ class theme extends common
 	{
 		// Soumission du formulaire
 		if ($this->isPost()) {
-			$this->setData(['theme', 'body', [
+			$this->setData([
+				'theme',
+				'body',
+				[
 					'backgroundColor' => $this->getInput('themeBodyBackgroundColor'),
 					'image' => $this->getInput('themeBodyImage'),
 					'imageAttachment' => $this->getInput('themeBodyImageAttachment'),
@@ -327,7 +334,8 @@ class theme extends common
 					'imageSize' => $this->getInput('themeBodyImageSize'),
 					'toTopbackgroundColor' => $this->getInput('themeBodyToTopBackground'),
 					'toTopColor' => $this->getInput('themeBodyToTopColor')
-			]]);
+				]
+			]);
 			// Valeurs en sortie
 			$this->addOutput([
 				'notification' => helper::translate('Modifications enregistrées'),
@@ -364,7 +372,10 @@ class theme extends common
 					'state' => false
 				]);
 			} else {
-				$this->setData(['theme', 'footer', [
+				$this->setData([
+					'theme',
+					'footer',
+					[
 						'backgroundColor' => $this->getInput('themeFooterBackgroundColor'),
 						'copyrightAlign' => $this->getInput('themeFooterCopyrightAlign'),
 						'height' => $this->getInput('themeFooterHeight'),
@@ -391,7 +402,8 @@ class theme extends common
 						'displaySearch' => $this->getInput('themeFooterDisplaySearch', helper::FILTER_BOOLEAN),
 						'memberBar' => $this->getInput('themeFooterMemberBar', helper::FILTER_BOOLEAN),
 						'template' => $this->getInput('themeFooterTemplate')
-				]]);
+					]
+				]);
 
 				// Sauvegarder la configuration localisée
 				$this->setData(['locale', 'legalPageId', $this->getInput('configLegalPageId')]);
@@ -453,7 +465,10 @@ class theme extends common
 			}
 
 			// Sauvegarder
-			$this->setData(['theme', 'header', [
+			$this->setData([
+				'theme',
+				'header',
+				[
 					'backgroundColor' => $this->getInput('themeHeaderBackgroundColor'),
 					'font' => $this->getInput('themeHeaderFont'),
 					'fontSize' => $this->getInput('themeHeaderFontSize'),
@@ -475,7 +490,8 @@ class theme extends common
 					'feature' => $this->getInput('themeHeaderFeature'),
 					'featureContent' => $featureContent,
 					'featureFiles' => $files
-			]]);
+				]
+			]);
 			// Modification de la position du menu selon la position de la bannière
 			if ($this->getData(['theme', 'header', 'position']) == 'site') {
 				$this->setData(['theme', 'menu', 'position', str_replace('body-', 'site-', $this->getData(['theme', 'menu', 'position']))]);
@@ -535,7 +551,10 @@ class theme extends common
 	{
 		// Soumission du formulaire
 		if ($this->isPost()) {
-			$this->setData(['theme', 'menu', [
+			$this->setData([
+				'theme',
+				'menu',
+				[
 					'backgroundColor' => $this->getInput('themeMenuBackgroundColor'),
 					'backgroundColorSub' => $this->getInput('themeMenuBackgroundColorSub'),
 					'font' => $this->getInput('themeMenuFont'),
@@ -558,7 +577,8 @@ class theme extends common
 					'memberBar' => $this->getInput('themeMenuMemberBar', helper::FILTER_BOOLEAN),
 					'burgerLogo' => $this->getInput('themeMenuBurgerLogo'),
 					'burgerContent' => $this->getInput('themeMenuBurgerContent')
-			]]);
+				]
+			]);
 			// Valeurs en sortie
 			$this->addOutput([
 				'notification' => helper::translate('Modifications enregistrées'),
@@ -676,7 +696,8 @@ class theme extends common
 				$this->setData([
 					'fonts',
 					$type,
-					$fontId, [
+					$fontId,
+					[
 						'name' => $fontName,
 						'font-family' => $fontFamilyName,
 						'resource' => $ressource
@@ -741,7 +762,8 @@ class theme extends common
 			$this->setData([
 				'fonts',
 				$type,
-				$fontId, [
+				$fontId,
+				[
 					'name' => $fontName,
 					'font-family' => $fontFamilyName,
 					'resource' => $ressource
@@ -775,11 +797,11 @@ class theme extends common
 	public function fontDelete()
 	{
 		// Jeton incorrect
-		if ($this->getUrl(4) !== $_SESSION['csrf']) {
+		if ($this->checkCSRF()) {
 			// Valeurs en sortie
 			$this->addOutput([
 				'redirect' => helper::baseUrl() . 'theme/fonts',
-				'notification' => helper::translate('Action interdite')
+				'notification' => helper::translate('Jeton invalide')
 			]);
 		}
 		// Suppression
@@ -811,16 +833,9 @@ class theme extends common
 	 */
 	public function reset()
 	{
-		// $url prend l'adresse sans le token
-		$url = explode('&', $this->getUrl(2));
-
-		if (
-			isset($_GET['csrf'])
-			and $_GET['csrf'] === $_SESSION['csrf']
-		) {
 		// Réinitialisation
 		$redirect = '';
-			switch ($url[0]) {
+		switch ($this->getUrl(2)) {
 			case 'admin':
 				$this->initData('admin', self::$i18nUI);
 				$redirect = helper::baseUrl() . 'theme/admin';
@@ -843,12 +858,7 @@ class theme extends common
 			'redirect' => $redirect,
 			'state' => true
 		]);
-		} else {
-			// Valeurs en sortie
-			$this->addOutput([
-				'notification' => helper::translate('Jeton incorrect')
-			]);
-		}
+
 	}
 
 
@@ -859,32 +869,52 @@ class theme extends common
 	{
 		// Soumission du formulaire
 		if ($this->isPost()) {
-			$this->setData(['theme', 'title', [
+			$this->setData([
+				'theme',
+				'title',
+				[
 					'font' => $this->getInput('themeTitleFont'),
 					'textColor' => $this->getInput('themeTitleTextColor'),
 					'fontWeight' => $this->getInput('themeTitleFontWeight'),
 					'textTransform' => $this->getInput('themeTitleTextTransform')
-			]]);
-			$this->setData(['theme', 'text', [
+				]
+			]);
+			$this->setData([
+				'theme',
+				'text',
+				[
 					'font' => $this->getInput('themeTextFont'),
 					'fontSize' => $this->getInput('themeTextFontSize'),
 					'textColor' => $this->getInput('themeTextTextColor'),
 					'linkColor' => $this->getInput('themeTextLinkColor')
-			]]);
-			$this->setData(['theme', 'site', [
+				]
+			]);
+			$this->setData([
+				'theme',
+				'site',
+				[
 					'backgroundColor' => $this->getInput('themeSiteBackgroundColor'),
 					'radius' => $this->getInput('themeSiteRadius'),
 					'shadow' => $this->getInput('themeSiteShadow'),
 					'width' => $this->getInput('themeSiteWidth'),
 					'margin' => $this->getInput('themeSiteMargin', helper::FILTER_BOOLEAN)
-			]]);
-			$this->setData(['theme', 'button', [
+				]
+			]);
+			$this->setData([
+				'theme',
+				'button',
+				[
 					'backgroundColor' => $this->getInput('themeButtonBackgroundColor')
-			]]);
-			$this->setData(['theme', 'block', [
+				]
+			]);
+			$this->setData([
+				'theme',
+				'block',
+				[
 					'backgroundColor' => $this->getInput('themeBlockBackgroundColor'),
 					'borderColor' => $this->getInput('themeBlockBorderColor')
-			]]);
+				]
+			]);
 			// Valeurs en sortie
 			$this->addOutput([
 				'notification' => helper::translate('Modifications enregistrées'),
@@ -925,7 +955,8 @@ class theme extends common
 					'notification' => $data['notification'],
 					'state' => $data['success'],
 					'view' => 'manage'
-				]);;
+				]);
+				;
 			}
 		}
 		// Valeurs en sortie