Project

General

Profile

« Previous | Next » 

Revision 1357

Added by FrankH almost 14 years ago

Security fixes

View differences:

trash.php
27 27
require_once(WB_PATH.'/framework/class.admin.php');
28 28
$admin = new admin('Pages', 'pages');
29 29

  
30
if (!$admin->checkFTAN('get'))
31
{
32
	$admin->print_error($MESSAGE['PAGES']['NOT_FOUND']);
33
	exit();
34
}
35

  
30 36
?>
31 37
<script type="text/javascript" language="javascript">
32 38
function toggle_viewers() {
......
215 221

  
216 222
// Generate pages list
217 223
if($admin->get_permission('pages_view') == true) {
224
	$ftan2 = $admin->getFTAN(2);
218 225
	?>
219 226
	<table cellpadding="0" cellspacing="0" width="100%" border="0">
220 227
	<tr>
......
222 229
			<h2><?php echo $HEADING['DELETED_PAGES']; ?></h2>
223 230
		</td>
224 231
		<td align="right">
225
				<a href="<?php echo ADMIN_URL; ?>/pages/empty_trash.php">
232
				<a href="<?php echo ADMIN_URL. "/pages/empty_trash.php?$ftan2"; ?>">
226 233
				<img src="<?php echo THEME_URL; ?>/images/delete_16.png" alt="<?php echo $TEXT['PAGE_TRASH']; ?>" border="0" />
227 234
				<?php echo $TEXT['EMPTY_TRASH']; ?></a>
228 235
		</td>

Also available in: Unified diff