Revision 1357
Added by FrankH almost 14 years ago
sections.php | ||
---|---|---|
41 | 41 |
require_once(WB_PATH.'/framework/class.admin.php'); |
42 | 42 |
$admin = new admin('Pages', 'pages_modify'); |
43 | 43 |
|
44 |
if (!$admin->checkFTAN('get') and !$admin->checkFTAN()) |
|
45 |
{ |
|
46 |
$admin->print_error($MESSAGE['PAGES']['NOT_FOUND']); |
|
47 |
exit(); |
|
48 |
} |
|
49 |
|
|
44 | 50 |
// Check if we are supposed to add or delete a section |
45 | 51 |
if(isset($_GET['section_id']) AND is_numeric($_GET['section_id'])) |
46 | 52 |
{ |
... | ... | |
71 | 77 |
require(WB_PATH.'/framework/class.order.php'); |
72 | 78 |
$order = new order(TABLE_PREFIX.'sections', 'position', 'section_id', 'page_id'); |
73 | 79 |
$order->clean($page_id); |
74 |
$admin->print_success($TEXT['SUCCESS'], ADMIN_URL.'/pages/sections.php?page_id='.$page_id); |
|
80 |
$ftan2 = $admin->getFTAN(2); |
|
81 |
$admin->print_success($TEXT['SUCCESS'], ADMIN_URL."/pages/sections.php?page_id=$page_id&$ftan2"); |
|
75 | 82 |
$admin->print_footer(); |
76 | 83 |
exit(); |
77 | 84 |
} |
... | ... | |
172 | 179 |
$template = new Template(THEME_PATH.'/templates'); |
173 | 180 |
$template->set_file('page', 'pages_sections.htt'); |
174 | 181 |
$template->set_block('page', 'main_block', 'main'); |
182 |
$template->set_var('FTAN', $admin->getFTAN()); |
|
175 | 183 |
$template->set_block('main_block', 'module_block', 'module_list'); |
176 | 184 |
$template->set_block('main_block', 'section_block', 'section_list'); |
177 | 185 |
$template->set_block('section_block', 'block_block', 'block_list'); |
... | ... | |
201 | 209 |
); |
202 | 210 |
|
203 | 211 |
// Insert variables |
212 |
$ftan2 = $admin->getFTAN(2); |
|
204 | 213 |
$template->set_var(array( |
205 | 214 |
'VAR_PAGE_ID' => $results_array['page_id'], |
206 | 215 |
'VAR_PAGE_TITLE' => $results_array['page_title'], |
207 |
'SETTINGS_LINK' => ADMIN_URL.'/pages/settings.php?page_id='.$results_array['page_id'], |
|
208 |
'MODIFY_LINK' => ADMIN_URL.'/pages/modify.php?page_id='.$results_array['page_id'] |
|
216 |
'SETTINGS_LINK' => ADMIN_URL.'/pages/settings.php?page_id='.$results_array['page_id']."&$ftan2",
|
|
217 |
'MODIFY_LINK' => ADMIN_URL.'/pages/modify.php?page_id='.$results_array['page_id']."&$ftan2"
|
|
209 | 218 |
) |
210 | 219 |
); |
211 | 220 |
|
... | ... | |
232 | 241 |
|
233 | 242 |
if(SECTION_BLOCKS) |
234 | 243 |
{ |
235 |
if(defined('EDIT_ONE_SECTION') && EDIT_ONE_SECTION) |
|
244 |
|
|
245 |
if(defined('EDIT_ONE_SECTION') && EDIT_ONE_SECTION) |
|
236 | 246 |
{ |
237 |
$edit_page ='<a name="'.$section['section_id'].'" href="'.ADMIN_URL.'/pages/modify.php?page_id='.$page_id.'&wysiwyg='.$section['section_id'] .'">'.$module_tmp.'</a>';
|
|
247 |
$edit_page ='<a name="'.$section['section_id'].'" href="'.ADMIN_URL.'/pages/modify.php?page_id='.$page_id."&$ftan2&wysiwyg=".$section['section_id'] .'">'.$module_tmp.'</a>';
|
|
238 | 248 |
} else { |
239 |
$edit_page ='<a name="'.$section['section_id'].'" href="'.ADMIN_URL.'/pages/modify.php?page_id='.$page_id.'#wb'.$section['section_id'].'">'.$module_tmp.'</a>'; |
|
249 |
$edit_page ='<a name="'.$section['section_id'].'" href="'.ADMIN_URL.'/pages/modify.php?page_id='.$page_id.'#wb'.$section['section_id'].."&$ftan2"'">'.$module_tmp.'</a>';
|
|
240 | 250 |
} |
241 | 251 |
$edit_page = ( trim($module_name) == '' ) ? '<span class="module_disabled">'.$section['module'].'</span>' : $edit_page; |
242 | 252 |
$input_attribute = 'input_normal'; |
... | ... | |
267 | 277 |
$template->parse('block_list', 'block_block', true); |
268 | 278 |
} |
269 | 279 |
} else { |
270 |
$edit_page ='<a name="'.$section['section_id'].'" href="'.ADMIN_URL.'/pages/modify.php?page_id='.$page_id.'#'.$section['section_id'].'">'.$module_tmp.'</a>'; |
|
280 |
$edit_page ='<a name="'.$section['section_id'].'" href="'.ADMIN_URL.'/pages/modify.php?page_id='.$page_id.'#'.$section['section_id']."&$ftan2".'">'.$module_tmp.'</a>';
|
|
271 | 281 |
$edit_page = ( trim($module_name) == '' ) ? '<span class="module_disabled">'.$section['module'].'</span>' : $edit_page; |
272 | 282 |
$input_attribute = 'input_small'; |
273 | 283 |
$template->set_var(array( |
... | ... | |
309 | 319 |
{ |
310 | 320 |
$template->set_var( |
311 | 321 |
'VAR_MOVE_UP_URL', |
312 |
'<a href="'.ADMIN_URL.'/pages/move_up.php?page_id='.$page_id.'&section_id='.$section['section_id'].'"> |
|
322 |
'<a href="'.ADMIN_URL.'/pages/move_up.php?page_id='.$page_id.'&section_id='.$section['section_id']."&$ftan2".'">
|
|
313 | 323 |
<img src="'.THEME_URL.'/images/up_16.png" alt="{TEXT_MOVE_UP}" /> |
314 | 324 |
</a>' ); |
315 | 325 |
} else { |
... | ... | |
321 | 331 |
if($section['position'] != $num_sections ) { |
322 | 332 |
$template->set_var( |
323 | 333 |
'VAR_MOVE_DOWN_URL', |
324 |
'<a href="'.ADMIN_URL.'/pages/move_down.php?page_id='.$page_id.'&section_id='.$section['section_id'].'"> |
|
334 |
'<a href="'.ADMIN_URL.'/pages/move_down.php?page_id='.$page_id.'&section_id='.$section['section_id']."&$ftan2".'">
|
|
325 | 335 |
<img src="'.THEME_URL.'/images/down_16.png" alt="{TEXT_MOVE_DOWN}" /> |
326 | 336 |
</a>' ); |
327 | 337 |
} else { |
Also available in: Unified diff
Security fixes