From 31aa1a27a35572d1beffc3834bd3e8709ce8a193 Mon Sep 17 00:00:00 2001
From: garvinhicking <garvinhicking>
Date: Thu, 20 Apr 2006 13:59:21 +0000
Subject: [PATCH] fix entry manager

---
 include/admin/entries.inc.php | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/include/admin/entries.inc.php b/include/admin/entries.inc.php
index 5638214..469d944 100644
--- a/include/admin/entries.inc.php
+++ b/include/admin/entries.inc.php
@@ -257,7 +257,7 @@ function serendipity_drawList() {
                         <td align="right">
                             <a target="_blank" href="<?php echo $entry['link']; ?>" title="<?php echo VIEW . ' #' . $entry['id']; ?>" class="serendipityIconLink"><img src="<?php echo serendipity_getTemplateFile('admin/img/zoom.png'); ?>" alt="<?php echo VIEW; ?>" /><?php echo VIEW ?></a>
                             <a href="?serendipity[action]=admin&amp;serendipity[adminModule]=entries&amp;serendipity[adminAction]=edit&amp;serendipity[id]=<?php echo $entry['id']; ?>" title="<?php echo EDIT . ' #' . $entry['id']; ?>" class="serendipityIconLink"><img src="<?php echo serendipity_getTemplateFile('admin/img/edit.png'); ?>" alt="<?php echo EDIT; ?>" /><?php echo EDIT ?></a>
-                            <a href="?serendipity[action]=admin&amp;serendipity[adminModule]=entries&amp;serendipity[adminAction]=delete&amp;serendipity[id]=<?php echo $entry['id']; ?>" title="<?php echo DELETE . ' #' . $entry['id']; ?>" class="serendipityIconLink"><img src="<?php echo serendipity_getTemplateFile('admin/img/delete.png'); ?>" alt="<?php echo DELETE; ?>" /><?php echo DELETE ?></a>
+                            <a href="?<?php echo serendipity_setFormToken('url'); ?>&amp;serendipity[action]=admin&amp;serendipity[adminModule]=entries&amp;serendipity[adminAction]=delete&amp;serendipity[id]=<?php echo $entry['id']; ?>" title="<?php echo DELETE . ' #' . $entry['id']; ?>" class="serendipityIconLink"><img src="<?php echo serendipity_getTemplateFile('admin/img/delete.png'); ?>" alt="<?php echo DELETE; ?>" /><?php echo DELETE ?></a>
                         </td>
                     </tr>
                 </table>
@@ -439,8 +439,11 @@ switch($serendipity['GET']['adminAction']) {
         break;
 
     case 'doDelete':
-        serendipity_deleteEntry($serendipity['GET']['id']);
-        printf(RIP_ENTRY, $serendipity['GET']['id']);
+        if (!serendipity_checkFormToken()) {
+            break;
+        }
+        serendipity_deleteEntry((int)$serendipity['GET']['id']);
+        printf(RIP_ENTRY, (int)$serendipity['GET']['id']);
         echo '<br />';
 
     case 'editSelect':
@@ -448,13 +451,16 @@ switch($serendipity['GET']['adminAction']) {
         break;
 
     case 'delete':
-        $newLoc = '?serendipity[action]=admin&amp;serendipity[adminModule]=entries&amp;serendipity[adminAction]=doDelete&amp;serendipity[id]=' . $serendipity['GET']['id'];
-        printf(DELETE_SURE, $serendipity['GET']['id']);
+        if (!serendipity_checkFormToken()) {
+            break;
+        }
+        $newLoc = '?' . serendipity_setFormToken('url') . '&amp;serendipity[action]=admin&amp;serendipity[adminModule]=entries&amp;serendipity[adminAction]=doDelete&amp;serendipity[id]=' . (int)$serendipity['GET']['id'];
+        printf(DELETE_SURE, (int)$serendipity['GET']['id']);
 ?>
 <br />
 <br />
 <div>
-    <a href="<?php echo $_SERVER["HTTP_REFERER"]; ?>" class="serendipityPrettyButton"><?php echo NOT_REALLY; ?></a>
+    <a href="<?php echo htmlspecialchars($_SERVER["HTTP_REFERER"]); ?>" class="serendipityPrettyButton"><?php echo NOT_REALLY; ?></a>
     <?php echo str_repeat('&nbsp;', 10); ?>
     <a href="<?php echo $newLoc; ?>" class="serendipityPrettyButton"><?php echo DUMP_IT; ?></a>
 </div>
-- 
2.39.5