dbxe
/
fusionpbx
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Devices: Token integration.

This commit is contained in:
Nate 2019-09-17 22:35:49 -06:00
parent 52869dca68
commit 1a29840b12
6 changed files with 87 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
app/devices/device_edit.php
View File

@ -191,6 +191,14 @@
//add or update the database
if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
//validate the token
$token = new token;
if (!$token->validate($_SERVER['PHP_SELF'])) {
message::add($text['message-invalid_token'],'negative');
header('Location: devices.php');
exit;
}
//check for all required data
$msg = '';
//if (strlen($device_mac_address) == 0) { $msg .= $text['message-required'].$text['label-extension']."<br>\n"; }
@ -521,6 +529,10 @@
}
}
//create token
$object = new token;
$token = $object->create($_SERVER['PHP_SELF']);
//show the header
require_once "resources/header.php";
@ -1585,6 +1597,7 @@
if ($action == "update") {
echo " <input type='hidden' name='device_uuid' value='".escape($device_uuid)."'/>\n";
}
echo " <input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n";
echo " <br>";
echo " <input type='button' class='btn' value='".$text['button-save']."' onclick='submit_form();'/>\n";
echo " </td>\n";

13
app/devices/device_key_edit.php
View File

@ -71,6 +71,14 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
$device_key_uuid = $_POST["device_key_uuid"];
}
//validate the token
$token = new token;
if (!$token->validate($_SERVER['PHP_SELF'])) {
message::add($text['message-invalid_token'],'negative');
header('Location: devices.php');
exit;
}
//check for all required data
//if (strlen($device_key_id) == 0) { $msg .= $text['message-required']." ".$text['label-device_key_id']."<br>\n"; }
//if (strlen($device_key_category) == 0) { $msg .= $text['message-required']." ".$text['label-device_key_category']."<br>\n"; }
@ -154,6 +162,10 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
unset($sql, $parameters, $row);
}
//create token
$object = new token;
$token = $object->create($_SERVER['PHP_SELF']);
//show the header
require_once "resources/header.php";
@ -361,6 +373,7 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
if ($action == "update") {
echo " <input type='hidden' name='device_key_uuid' value='$device_key_uuid'>\n";
}
echo " <input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n";
echo " <br>";
echo " <input type='submit' name='submit' class='btn' value='".$text['button-save']."'>\n";
echo " </td>\n";

17
app/devices/device_profile_edit.php
View File

@ -82,6 +82,14 @@
}
}
//validate the token
$token = new token;
if (!$token->validate($_SERVER['PHP_SELF'])) {
message::add($text['message-invalid_token'],'negative');
header('Location: devices.php');
exit;
}
//check for all required data
$msg = '';
if (strlen($device_profile_name) == 0) { $msg .= $text['message-required']." ".$text['label-device_profile_name']."<br>\n"; }
@ -290,6 +298,10 @@
$device_profile_uuid = null;
}
//create token
$object = new token;
$token = $object->create($_SERVER['PHP_SELF']);
//show the header
require_once "resources/header.php";
@ -686,8 +698,9 @@
echo " <tr>\n";
echo " <td colspan='2' align='right'>\n";
echo " <input type='hidden' name='device_profile_uuid' value='".escape($device_profile_uuid)."'>\n";
echo " <input type='submit' class='btn' value='".$text['button-save']."'>\n";
echo " <input type='hidden' name='device_profile_uuid' value='".escape($device_profile_uuid)."'>\n";
echo " <input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n";
echo " <input type='submit' class='btn' value='".$text['button-save']."'>\n";
echo " </td>\n";
echo " </tr>";
echo "</table>";

15
app/devices/device_setting_edit.php
View File

@ -67,6 +67,16 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
if ($action == "update" && permission_exists('device_setting_edit')) {
$device_setting_uuid = $_POST["device_setting_uuid"];
}
//validate the token
$token = new token;
if (!$token->validate($_SERVER['PHP_SELF'])) {
message::add($text['message-invalid_token'],'negative');
header('Location: devices.php');
exit;
}
//check for all required data
if (strlen($msg) > 0 && strlen($_POST["persistformvar"]) == 0) {
require_once "resources/header.php";
require_once "resources/persist_form_var.php";
@ -137,6 +147,10 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
unset($sql, $parameters, $row);
}
//create token
$object = new token;
$token = $object->create($_SERVER['PHP_SELF']);
//show the header
require_once "resources/header.php";
if ($action == "update") {
@ -258,6 +272,7 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
if ($action == "update") {
echo " <input type='hidden' name='device_setting_uuid' value='$device_setting_uuid'>\n";
}
echo " <input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n";
echo " <br>";
echo " <input type='submit' name='submit' class='btn' value='".$text['button-save']."'>\n";
echo " </td>\n";

17
app/devices/device_vendor_edit.php
View File

@ -66,6 +66,14 @@
$device_vendor_uuid = $_POST["device_vendor_uuid"];
}
//validate the token
$token = new token;
if (!$token->validate($_SERVER['PHP_SELF'])) {
message::add($text['message-invalid_token'],'negative');
header('Location: devices.php');
exit;
}
//check for all required data
$msg = '';
if (strlen($name) == 0) { $msg .= $text['message-required']." ".$text['label-name']."<br>\n"; }
@ -129,6 +137,10 @@
unset($sql, $parameters, $row);
}
//create token
$object = new token;
$token = $object->create($_SERVER['PHP_SELF']);
//show the header
require_once "resources/header.php";
@ -192,9 +204,10 @@
echo " <tr>\n";
echo " <td colspan='2' align='right'>\n";
if ($action == "update") {
echo " <input type='hidden' name='device_vendor_uuid' value='".escape($device_vendor_uuid)."'>\n";
echo " <input type='hidden' name='device_vendor_uuid' value='".escape($device_vendor_uuid)."'>\n";
}
echo " <input type='submit' name='submit' class='btn' value='".$text['button-save']."'>\n";
echo " <input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n";
echo " <input type='submit' name='submit' class='btn' value='".$text['button-save']."'>\n";
echo " </td>\n";
echo " </tr>";
echo "</table>";

19
app/devices/device_vendor_function_edit.php
View File

@ -100,6 +100,14 @@
$device_vendor_function_uuid = $_POST["device_vendor_function_uuid"];
}
//validate the token
$token = new token;
if (!$token->validate($_SERVER['PHP_SELF'])) {
message::add($text['message-invalid_token'],'negative');
header('Location: devices.php');
exit;
}
//check for all required data
$msg = '';
//if (strlen($label) == 0) { $msg .= $text['message-required']." ".$text['label-label']."<br>\n"; }
@ -250,6 +258,10 @@
$groups = $database->select($sql, $parameters, 'all');
unset($sql, $parameters, $sql_where, $index);
//create token
$object = new token;
$token = $object->create($_SERVER['PHP_SELF']);
//show the header
require_once "resources/header.php";
@ -372,11 +384,12 @@
echo "</tr>\n";
echo " <tr>\n";
echo " <td colspan='2' align='right'>\n";
echo " <input type='hidden' name='device_vendor_uuid' value='".escape($device_vendor_uuid)."'>\n";
echo " <input type='hidden' name='device_vendor_uuid' value='".escape($device_vendor_uuid)."'>\n";
if ($action == "update") {
echo " <input type='hidden' name='device_vendor_function_uuid' value='".escape($device_vendor_function_uuid)."'>\n";
echo " <input type='hidden' name='device_vendor_function_uuid' value='".escape($device_vendor_function_uuid)."'>\n";
}
echo " <input type='submit' name='submit' class='btn' value='".$text['button-save']."'>\n";
echo " <input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n";
echo " <input type='submit' name='submit' class='btn' value='".$text['button-save']."'>\n";
echo " </td>\n";
echo " </tr>";
echo "</table>";