Conference Controls: Token integration.
This commit is contained in:
Nate
parent
80459039e8
commit
fe772fc068
|
|
@ -47,6 +47,14 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
|
|||
$conference_control_detail_uuid = $_POST["conference_control_detail_uuid"];
|
||||
}
|
||||
|
||||
//validate the token
|
||||
$token = new token;
|
||||
if (!$token->validate($_SERVER['PHP_SELF'])) {
|
||||
message::add($text['message-invalid_token'],'negative');
|
||||
header('Location: conference_controls.php');
|
||||
exit;
|
||||
}
|
||||
|
||||
//check for all required data
|
||||
$msg = '';
|
||||
//if (strlen($control_digits) == 0) { $msg .= $text['message-required']." ".$text['label-control_digits']."<br>\n"; }
|
||||
|
|
@ -118,6 +126,10 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
|
|||
unset($sql, $parameters, $row);
|
||||
}
|
||||
|
||||
//create token
|
||||
$object = new token;
|
||||
$token = $object->create($_SERVER['PHP_SELF']);
|
||||
|
||||
//show the header
|
||||
require_once "resources/header.php";
|
||||
|
||||
|
|
@ -191,11 +203,12 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
|
|||
echo "</tr>\n";
|
||||
echo " <tr>\n";
|
||||
echo " <td colspan='2' align='right'>\n";
|
||||
echo " <input type='hidden' name='conference_control_uuid' value='".escape($conference_control_uuid)."'>\n";
|
||||
echo " <input type='hidden' name='conference_control_uuid' value='".escape($conference_control_uuid)."'>\n";
|
||||
if ($action == "update") {
|
||||
echo " <input type='hidden' name='conference_control_detail_uuid' value='".escape($conference_control_detail_uuid)."'>\n";
|
||||
echo " <input type='hidden' name='conference_control_detail_uuid' value='".escape($conference_control_detail_uuid)."'>\n";
|
||||
}
|
||||
echo " <input type='submit' name='submit' class='btn' value='".$text['button-save']."'>\n";
|
||||
echo " <input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n";
|
||||
echo " <input type='submit' name='submit' class='btn' value='".$text['button-save']."'>\n";
|
||||
echo " </td>\n";
|
||||
echo " </tr>";
|
||||
echo "</table>";
|
||||
|
|
|
|||
|
|
@ -42,6 +42,14 @@
|
|||
$conference_control_uuid = $_POST["conference_control_uuid"];
|
||||
}
|
||||
|
||||
//validate the token
|
||||
$token = new token;
|
||||
if (!$token->validate($_SERVER['PHP_SELF'])) {
|
||||
message::add($text['message-invalid_token'],'negative');
|
||||
header('Location: conference_controls.php');
|
||||
exit;
|
||||
}
|
||||
|
||||
//check for all required data
|
||||
$msg = '';
|
||||
if (strlen($control_name) == 0) { $msg .= $text['message-required']." ".$text['label-control_name']."<br>\n"; }
|
||||
|
|
@ -109,6 +117,10 @@
|
|||
unset($sql, $parameters, $row);
|
||||
}
|
||||
|
||||
//create token
|
||||
$object = new token;
|
||||
$token = $object->create($_SERVER['PHP_SELF']);
|
||||
|
||||
//show the header
|
||||
require_once "resources/header.php";
|
||||
|
||||
|
|
@ -172,9 +184,10 @@
|
|||
echo " <tr>\n";
|
||||
echo " <td colspan='2' align='right'>\n";
|
||||
if ($action == "update") {
|
||||
echo " <input type='hidden' name='conference_control_uuid' value='".escape($conference_control_uuid)."'>\n";
|
||||
echo " <input type='hidden' name='conference_control_uuid' value='".escape($conference_control_uuid)."'>\n";
|
||||
}
|
||||
echo " <input type='submit' class='btn' value='".$text['button-save']."'>\n";
|
||||
echo " <input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n";
|
||||
echo " <input type='submit' class='btn' value='".$text['button-save']."'>\n";
|
||||
echo " </td>\n";
|
||||
echo " </tr>";
|
||||
echo "</table>";
|
||||
|
|
|
|||
Loading…
Reference in New Issue