Index: branches/2.8.x/CHANGELOG
===================================================================
--- branches/2.8.x/CHANGELOG	(revision 1403)
+++ branches/2.8.x/CHANGELOG	(revision 1404)
@@ -11,6 +11,8 @@
 ! = Update/Change
 
 ------------------------------------- 2.8.2 -------------------------------------
+22 Jan-2011 Build 1404 Dietmar Woellbrink (Luisehahne)
+# Security fix in pages 
 22 Jan-2011 Build 1403 Dietmar Woellbrink (Luisehahne)
 ! small fix
 22 Jan-2011 Build 1402 Dietmar Woellbrink (Luisehahne)
Index: branches/2.8.x/wb/admin/pages/delete.php
===================================================================
--- branches/2.8.x/wb/admin/pages/delete.php	(revision 1403)
+++ branches/2.8.x/wb/admin/pages/delete.php	(revision 1404)
@@ -25,14 +25,14 @@
 // Include the WB functions file
 require_once(WB_PATH.'/framework/functions.php');
 
-/*
+
 if( (!($page_id = $admin->checkIDKEY('page_id', 0, $_SERVER['REQUEST_METHOD']))) )
 {
 	$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS']);
 	exit();
 }
-*/
 
+/* 
 // Get page id
 if(!isset($_GET['page_id']) || !is_numeric($_GET['page_id'])) {
 	header("Location: index.php");
@@ -40,7 +40,7 @@
 } else {
 	$page_id = $_GET['page_id'];
 }
-
+*/
 // Get perms
 if (!$admin->get_page_permission($page_id,'admin')) {
 	$admin->print_error($MESSAGE['PAGES']['INSUFFICIENT_PERMISSIONS']);
Index: branches/2.8.x/wb/admin/pages/index.php
===================================================================
--- branches/2.8.x/wb/admin/pages/index.php	(revision 1403)
+++ branches/2.8.x/wb/admin/pages/index.php	(revision 1404)
@@ -157,7 +157,7 @@
 				</td>
 				<?php if($admin->get_permission('pages_modify') == true && $can_modify == true) { ?>
 				<td class="list_menu_title">
-					<a href="<?php echo ADMIN_URL; ?>/pages/modify.php?page_id=<?php echo /*$admin->getIDKEY($page['page_id'])*/ $page['page_id']; ?>" title="<?php echo $TEXT['MODIFY']; ?>">
+					<a href="<?php echo ADMIN_URL; ?>/pages/modify.php?page_id=<?php echo  $page['page_id']; ?>" title="<?php echo $TEXT['MODIFY']; ?>">
 						<?php if($page['visibility'] == 'public') { ?>
 							<img src="<?php echo THEME_URL; ?>/images/visible_16.png" alt="<?php echo $TEXT['VISIBILITY']; ?>: <?php echo $TEXT['PUBLIC']; ?>" class="page_list_rights" />
 						<?php } elseif($page['visibility'] == 'private') { ?>
@@ -209,12 +209,12 @@
 				<td class="list_actions">
 					<?php if($page['visibility'] != 'deleted') { ?>
 						<?php if($admin->get_permission('pages_settings') == true && $can_modify == true) { ?>
-						<a href="<?php echo ADMIN_URL; ?>/pages/settings.php?page_id=<?php echo /*$admin->getIDKEY($page['page_id'])*/ $page['page_id']; ?>" title="<?php echo $TEXT['SETTINGS']; ?>">
+						<a href="<?php echo ADMIN_URL; ?>/pages/settings.php?page_id=<?php echo $page['page_id']; ?>" title="<?php echo $TEXT['SETTINGS']; ?>">
 							<img src="<?php echo THEME_URL; ?>/images/modify_16.png" alt="<?php echo $TEXT['SETTINGS']; ?>" />
 						</a>
 						<?php } ?>
 					<?php } else { ?>
-						<a href="<?php echo ADMIN_URL; ?>/pages/restore.php?page_id=<?php echo /*$admin->getIDKEY($page['page_id'])*/ $page['page_id']; ?>" title="<?php echo $TEXT['RESTORE']; ?>">
+						<a href="<?php echo ADMIN_URL; ?>/pages/restore.php?page_id=<?php echo $page['page_id']; ?>" title="<?php echo $TEXT['RESTORE']; ?>">
 							<img src="<?php echo THEME_URL; ?>/images/restore_16.png" alt="<?php echo $TEXT['RESTORE']; ?>" />
 						</a>
 					<?php } ?>
@@ -246,11 +246,11 @@
                         {
 							$file=$admin->page_is_active($page)?"clock_16.png":"clock_red_16.png";
 							?>
-							<a href="<?php echo ADMIN_URL; ?>/pages/sections.php?page_id=<?php echo /*$admin->getIDKEY($page['page_id'])*/ $page['page_id']; ?>" title="<?php echo $HEADING['MANAGE_SECTIONS']; ?>">
+							<a href="<?php echo ADMIN_URL; ?>/pages/sections.php?page_id=<?php echo $page['page_id']; ?>" title="<?php echo $HEADING['MANAGE_SECTIONS']; ?>">
 							<img src="<?php echo THEME_URL."/images/$file"; ?>" alt="<?php echo $HEADING['MANAGE_SECTIONS']; ?>" />
 							</a>
 						<?php } else { ?>
-							<a href="<?php echo ADMIN_URL; ?>/pages/sections.php?page_id=<?php echo /*$admin->getIDKEY($page['page_id'])*/ $page['page_id']; ?>" title="<?php echo $HEADING['MANAGE_SECTIONS']; ?>">
+							<a href="<?php echo ADMIN_URL; ?>/pages/sections.php?page_id=<?php echo $page['page_id']; ?>" title="<?php echo $HEADING['MANAGE_SECTIONS']; ?>">
 							<img src="<?php echo THEME_URL; ?>/images/noclock_16.png" alt="<?php echo $HEADING['MANAGE_SECTIONS']; ?>" /></a>
 						<?php } ?>
 					<?php } ?>
@@ -280,7 +280,7 @@
 				</td>
 				<td class="list_actions">
 					<?php if($admin->get_permission('pages_delete') == true && $can_modify == true) { // add IdKey ?>
-					<a href="javascript:confirm_link('<?php echo $MESSAGE['PAGES_DELETE_CONFIRM']; ?>?','<?php echo ADMIN_URL; ?>/pages/delete.php?page_id=<?php echo /*$admin->getIDKEY($page['page_id'])*/ $page['page_id']; ?>');" title="<?php echo $TEXT['DELETE']; ?>">
+					<a href="javascript:confirm_link('<?php echo $MESSAGE['PAGES_DELETE_CONFIRM']; ?>?','<?php echo ADMIN_URL; ?>/pages/delete.php?page_id=<?php echo $admin->getIDKEY($page['page_id']); ?>');" title="<?php echo $TEXT['DELETE']; ?>">
 						<img src="<?php echo THEME_URL; ?>/images/delete_16.png" alt="<?php echo $TEXT['DELETE']; ?>" />
 					</a>
 					<?php } ?>
Index: branches/2.8.x/wb/admin/pages/sections.php
===================================================================
--- branches/2.8.x/wb/admin/pages/sections.php	(revision 1403)
+++ branches/2.8.x/wb/admin/pages/sections.php	(revision 1404)
@@ -217,8 +217,8 @@
 				// 'PAGE_IDKEY' => $admin->getIDKEY($results_array['page_id']),
 				'PAGE_IDKEY' => $results_array['page_id'],
 				'VAR_PAGE_TITLE' => $results_array['page_title'],
-				'SETTINGS_LINK' => ADMIN_URL.'/pages/settings.php?page_id='./*$admin->getIDKEY()*/$results_array['page_id'],
-				'MODIFY_LINK' => ADMIN_URL.'/pages/modify.php?page_id='./*$admin->getIDKEY()*/$results_array['page_id']
+				'SETTINGS_LINK' => ADMIN_URL.'/pages/settings.php?page_id='.$results_array['page_id'],
+				'MODIFY_LINK' => ADMIN_URL.'/pages/modify.php?page_id='.$results_array['page_id']
 				)
 			);
 
@@ -245,7 +245,7 @@
 			{
 				$edit_page = '';
 			}
-			$edit_page_0 = '<a id="sid'.$section['section_id'].'" href="'.ADMIN_URL.'/pages/modify.php?page_id='./*$admin->getIDKEY()*/$results_array['page_id'];
+			$edit_page_0 = '<a id="sid'.$section['section_id'].'" href="'.ADMIN_URL.'/pages/modify.php?page_id='.$results_array['page_id'];
 			$edit_page_1 = $section['section_id'].'">'.$section['module'].'</a>';
 			if(SECTION_BLOCKS)
             {
Index: branches/2.8.x/wb/admin/interface/version.php
===================================================================
--- branches/2.8.x/wb/admin/interface/version.php	(revision 1403)
+++ branches/2.8.x/wb/admin/interface/version.php	(revision 1404)
@@ -52,6 +52,6 @@
 
 // check if defined to avoid errors during installation (redirect to admin panel fails if PHP error/warnings are enabled)
 if(!defined('VERSION')) define('VERSION', '2.8.2.RC5');
-if(!defined('REVISION')) define('REVISION', '1403');
+if(!defined('REVISION')) define('REVISION', '1404');
 
 ?>