]> git.mjollnir.org Git - moodle.git/commitdiff
projects / moodle.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8c100dd)
admin/modules.php is now using sesskey.
authorstronk7 <stronk7>
Sun, 3 Oct 2004 15:09:31 +0000 (15:09 +0000)
committerstronk7 <stronk7>
Sun, 3 Oct 2004 15:09:31 +0000 (15:09 +0000)
Merged from MOODLE_14_STABLE

admin/modules.php patch | blob | history

diff --git a/admin/modules.php b/admin/modules.php
index 2ee2b0c26bb3ff51dc5fb4a25556ec738ac17074..18bfdf0286898f7c6049052405b79a79c2a913e0 100644 (file)
--- a/admin/modules.php
+++ b/admin/modules.php
@@ -42,7 +42,7 @@
 
 /// If data submitted, then process and store.
 
-    if (!empty($hide)) {
+    if (!empty($hide) and confirm_sesskey()) {
         if (!$module = get_record("modules", "name", $hide)) {
             error("Module doesn't exist!");
         }
@@ -50,7 +50,7 @@
         set_field("course_modules", "visible", "0", "module", $module->id); // Hide all related activity modules
     }
 
-    if (!empty($show)) {
+    if (!empty($show) and confirm_sesskey()) {
         if (!$module = get_record("modules", "name", $show)) {
             error("Module doesn't exist!");
         }
@@ -58,13 +58,13 @@
         set_field("course_modules", "visible", "1", "module", $module->id); // Show all related activity modules
     }
 
-    if (!empty($delete)) {
+    if (!empty($delete) and confirm_sesskey()) {
       
         $strmodulename = get_string("modulename", "$delete");
 
         if (empty($confirm)) {
             notice_yesno(get_string("moduledeleteconfirm", "", $strmodulename), 
-                         "modules.php?delete=$delete&amp;confirm=$delete", 
+                         "modules.php?delete=$delete&amp;confirm=$delete&amp;sesskey=$USER->sesskey", 
                          "modules.php");
             print_footer();
             exit;
@@ -162,7 +162,7 @@
 
         $icon = "<img src=\"$modpixpath/$module->name/icon.gif\" hspace=\"10\" height=\"16\" width=\"16\" border=\"0\" alt=\"\" />";
 
-        $delete = "<a href=\"modules.php?delete=$module->name\">$strdelete</a>";
+        $delete = "<a href=\"modules.php?delete=$module->name&sesskey=$USER->sesskey\">$strdelete</a>";
 
         if (file_exists("$CFG->dirroot/mod/$module->name/config.html")) {
             $settings = "<a href=\"module.php?module=$module->name&sesskey=$USER->sesskey\">$strsettings</a>";
@@ -173,11 +173,11 @@
         $count = count_records("$module->name");
 
         if ($module->visible) {
-            $visible = "<a href=\"modules.php?hide=$module->name\" title=\"$strhide\">".
+            $visible = "<a href=\"modules.php?hide=$module->name&amp;sesskey=$USER->sesskey\" title=\"$strhide\">".
                        "<img src=\"$pixpath/i/hide.gif\" align=\"middle\" height=\"16\" width=\"16\" border=\"0\" alt=\"\" /></a>";
             $class = "";
         } else {
-            $visible = "<a href=\"modules.php?show=$module->name\" title=\"$strshow\">".
+            $visible = "<a href=\"modules.php?show=$module->name&amp;sesskey=$USER->sesskey\" title=\"$strshow\">".
                        "<img src=\"$pixpath/i/show.gif\" align=\"middle\" height=\"16\" width=\"16\" border=\"0\" alt=\"\" /></a>";
             $class = "class=\"dimmed_text\"";
         }
Unnamed repository; edit this file to name it for gitweb.