diff options
| author | Mario Vavti <mario@mariovavti.com> | 2017-03-31 13:59:43 +0200 |
|---|---|---|
| committer | Mario Vavti <mario@mariovavti.com> | 2017-03-31 13:59:43 +0200 |
| commit | d9ee8b2c32d3a5561c343bae23dc46820b02fa21 (patch) | |
| tree | 97d40446380b78aa2024bd6c4123c9a278052a92 | |
| parent | 614366e499eb5735673ebceb6814440f66968826 (diff) | |
| parent | 89e3f3210f5d8ddd49386a5c16320c4d2b909906 (diff) | |
| download | volse-hubzilla-d9ee8b2c32d3a5561c343bae23dc46820b02fa21.tar.gz volse-hubzilla-d9ee8b2c32d3a5561c343bae23dc46820b02fa21.tar.bz2 volse-hubzilla-d9ee8b2c32d3a5561c343bae23dc46820b02fa21.zip | |
Merge branch 'dev' of https://github.com/redmatrix/hubzilla into dev
| -rw-r--r-- | Zotlabs/Module/Import.php | 3 | ||||
| -rw-r--r-- | Zotlabs/Module/Import_items.php | 3 | ||||
| -rwxr-xr-x | view/tpl/channel_import.tpl | 5 | ||||
| -rwxr-xr-x | view/tpl/item_import.tpl | 4 |
4 files changed, 8 insertions, 7 deletions
diff --git a/Zotlabs/Module/Import.php b/Zotlabs/Module/Import.php index b98c9be9b..54bc7de81 100644 --- a/Zotlabs/Module/Import.php +++ b/Zotlabs/Module/Import.php @@ -478,6 +478,8 @@ class Import extends \Zotlabs\Web\Controller { if(! $account_id) return; + check_form_security_token_redirectOnErr('/import', 'channel_import'); + $this->import_account($account_id); } @@ -508,6 +510,7 @@ class Import extends \Zotlabs\Web\Controller { '$pleasewait' => t('This process may take several minutes to complete. Please submit the form only once and leave this page open until finished.'), '$email' => '', '$pass' => '', + '$form_security_token' => get_form_security_token('channel_import'), '$submit' => t('Submit') )); diff --git a/Zotlabs/Module/Import_items.php b/Zotlabs/Module/Import_items.php index 133e37d9e..c2b2506fe 100644 --- a/Zotlabs/Module/Import_items.php +++ b/Zotlabs/Module/Import_items.php @@ -15,6 +15,8 @@ class Import_items extends \Zotlabs\Web\Controller { if(! local_channel()) return; + check_form_security_token_redirectOnErr('/import_items', 'import_items'); + $data = null; $src = $_FILES['filename']['tmp_name']; @@ -123,6 +125,7 @@ class Import_items extends \Zotlabs\Web\Controller { '$title' => t('Import Items'), '$desc' => t('Use this form to import existing posts and content from an export file.'), '$label_filename' => t('File to Upload'), + '$form_security_token' => get_form_security_token('import_items'), '$submit' => t('Submit') )); diff --git a/view/tpl/channel_import.tpl b/view/tpl/channel_import.tpl index 2028d6181..baffe9b06 100755 --- a/view/tpl/channel_import.tpl +++ b/view/tpl/channel_import.tpl @@ -1,7 +1,7 @@ <h2>{{$title}}</h2> <form action="import" method="post" enctype="multipart/form-data" id="import-channel-form"> - + <input type="hidden" name="form_security_token" value="{{$form_security_token}}"> <div id="import-desc" class="descriptive-paragraph">{{$desc}}</div> <label for="import-filename" id="label-import-filename" class="import-label" >{{$label_filename}}</label> @@ -40,7 +40,4 @@ <div id="import-submit-end" class="import-field-end"></div> <div id="import-common-desc" class="descriptive-paragraph">{{$pleasewait}}</div> - - </form> - diff --git a/view/tpl/item_import.tpl b/view/tpl/item_import.tpl index 65de7fcaf..e976417e1 100755 --- a/view/tpl/item_import.tpl +++ b/view/tpl/item_import.tpl @@ -1,7 +1,7 @@ <h2>{{$title}}</h2> <form action="import_items" method="post" enctype="multipart/form-data" id="import-channel-form"> - + <input type="hidden" name="form_security_token" value="{{$form_security_token}}"> <div id="import-desc" class="descriptive-paragraph">{{$desc}}</div> <label for="import-filename" id="label-import-filename" class="import-label" >{{$label_filename}}</label> @@ -10,6 +10,4 @@ <input type="submit" name="submit" id="import-submit-button" value="{{$submit}}" /> <div id="import-submit-end" class="import-field-end"></div> - </form> - |