dbxe
/
fusionpbx
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Pin Numbers: Token integration.

This commit is contained in:
Nate 2019-09-19 07:29:36 -06:00
parent 237c2b676e
commit b11b9120b4
1 changed files with 15 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
app/pin_numbers/pin_number_edit.php
View File

@ -66,6 +66,14 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
$pin_number_uuid = $_POST["pin_number_uuid"];
}
//validate the token
$token = new token;
if (!$token->validate($_SERVER['PHP_SELF'])) {
message::add($text['message-invalid_token'],'negative');
header('Location: pin_numbers.php');
exit;
}
//check for all required data
if (strlen($pin_number) == 0) { $msg .= $text['message-required']." ".$text['label-pin_number']."<br>\n"; }
//if (strlen($accountcode) == 0) { $msg .= $text['message-required']." ".$text['label-accountcode']."<br>\n"; }
@ -141,6 +149,10 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
unset($sql, $parameters, $row);
}
//create token
$object = new token;
$token = $object->create($_SERVER['PHP_SELF']);
//show the header
require_once "resources/header.php";
@ -214,9 +226,10 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
echo " <tr>\n";
echo " <td colspan='2' align='right'>\n";
if ($action == "update") {
echo " <input type='hidden' name='pin_number_uuid' value='".escape($pin_number_uuid)."'>\n";
echo " <input type='hidden' name='pin_number_uuid' value='".escape($pin_number_uuid)."'>\n";
}
echo " <input type='submit' name='submit' class='btn' value='".$text['button-save']."'>\n";
echo " <input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n";
echo " <input type='submit' name='submit' class='btn' value='".$text['button-save']."'>\n";
echo " </td>\n";
echo " </tr>";
echo "</table>";