From 10c9fa6e06f63afcb2e0b33200700368458009ab Mon Sep 17 00:00:00 2001 From: Nate Date: Thu, 19 Sep 2019 06:45:47 -0600 Subject: [PATCH] Phrases: Token integration. --- app/phrases/phrase_edit.php | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/app/phrases/phrase_edit.php b/app/phrases/phrase_edit.php index cbd7b7134a..50be202571 100644 --- a/app/phrases/phrase_edit.php +++ b/app/phrases/phrase_edit.php @@ -75,6 +75,14 @@ $phrase_uuid = $_POST["phrase_uuid"]; } + //validate the token + $token = new token; + if (!$token->validate($_SERVER['PHP_SELF'])) { + message::add($text['message-invalid_token'],'negative'); + header('Location: phrases.php'); + exit; + } + //check for all required data $msg = ''; if (strlen($phrase_name) == 0) { $msg .= $text['message-required']." ".$text['label-name']."
\n"; } @@ -253,6 +261,10 @@ $recordings = $database->select($sql, $parameters, 'all'); unset($sql, $parameters); +//create token + $object = new token; + $token = $object->create($_SERVER['PHP_SELF']); + //show the header require_once "resources/header.php"; if ($action == 'add') { $document['title'] = $text['title-add_phrase']; } @@ -550,8 +562,9 @@ if ($action == "update") { echo " \n"; } - echo "
"; - echo " \n"; + echo " \n"; + echo "
"; + echo " \n"; echo "\n"; echo "";