oldkid/friendica
1
0
Fork 0
mirror of https://git.sekbaer.de/Friendica/friendica.git synced 2025-06-12 01:54:26 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch 'bug/phpinfo-accessible-hotfix' into 2020.09-rc

Browse source 
# Conflicts:
#	src/Module/Admin/DBSync.php
#	src/Module/Admin/Logs/Settings.php
#	src/Module/Admin/Themes/Details.php
#	src/Module/Admin/Themes/Embed.php
This commit is contained in:
Hypolite Petovan 2020-09-08 14:07:46 -04:00
commit fb7f7435c0
20 changed files with 497 additions and 569 deletions
Download patch file Download diff file Expand all files Collapse all files

8
src/Module/Admin/Blocklist/Contact.php
View file

@ -32,14 +32,14 @@ class Contact extends BaseAdmin
{
public static function post(array $parameters = [])
{
parent::post($parameters);
self::checkAdminAccess();
self::checkFormSecurityTokenRedirectOnError('/admin/blocklist/contact', 'admin_contactblock');
$contact_url = $_POST['contact_url'] ?? '';
$block_reason = $_POST['contact_block_reason'] ?? '';
$contacts = $_POST['contacts'] ?? [];
parent::checkFormSecurityTokenRedirectOnError('/admin/blocklist/contact', 'admin_contactblock');
if (!empty($_POST['page_contactblock_block'])) {
$contact_id = Model\Contact::getIdForURL($contact_url);
if ($contact_id) {
@ -89,7 +89,7 @@ class Contact extends BaseAdmin
'$h_newblock' => DI::l10n()->t('Block New Remote Contact'),
'$th_contacts' => [DI::l10n()->t('Photo'), DI::l10n()->t('Name'), DI::l10n()->t('Reason')],
'$form_security_token' => parent::getFormSecurityToken('admin_contactblock'),
'$form_security_token' => self::getFormSecurityToken('admin_contactblock'),
// values //
'$baseurl' => DI::baseUrl()->get(true),

6
src/Module/Admin/Blocklist/Server.php
View file

@ -30,13 +30,13 @@ class Server extends BaseAdmin
{
public static function post(array $parameters = [])
{
parent::post($parameters);
self::checkAdminAccess();
if (empty($_POST['page_blocklist_save']) && empty($_POST['page_blocklist_edit'])) {
return;
}
parent::checkFormSecurityTokenRedirectOnError('/admin/blocklist/server', 'admin_blocklist');
self::checkFormSecurityTokenRedirectOnError('/admin/blocklist/server', 'admin_blocklist');
if (!empty($_POST['page_blocklist_save'])) {
// Add new item to blocklist
@ -107,7 +107,7 @@ class Server extends BaseAdmin
'$entries' => $blocklistform,
'$baseurl' => DI::baseUrl()->get(true),
'$confirm_delete' => DI::l10n()->t('Delete entry from blocklist?'),
'$form_security_token' => parent::getFormSecurityToken("admin_blocklist")
'$form_security_token' => self::getFormSecurityToken("admin_blocklist")
]);
}
}