File tree 2 files changed +17
-0
lines changed
2 files changed +17
-0
lines changed Original file line number Diff line number Diff line change 231231 $ agenda_ajax_url'&session_id= ' .intval ($ _GET 'session_id ' ]);
232232}
233233
234+ $ agenda_ajax_url'&sec_token= ' .Security::get_token ();
235+
234236$ tplassign ('web_agenda_ajax_url ' , $ agenda_ajax_url
235237
236238$ formnew FormValidator (
Original file line number Diff line number Diff line change 3535 if (!$ agendagetIsAllowedToEdit ()) {
3636 break ;
3737 }
38+ if (false === Security::check_token ('get ' )) {
39+ exit ;
40+ }
3841 $ add_as_announcementisset ($ _REQUEST 'add_as_annonuncement ' ]) ? $ _REQUEST 'add_as_annonuncement ' ] : null ;
3942 $ titleisset ($ _REQUEST 'title ' ]) ? $ _REQUEST 'title ' ] : null ;
4043 $ contentisset ($ _REQUEST 'content ' ]) ? $ _REQUEST 'content ' ] : null ;
5962 if (!$ agendagetIsAllowedToEdit ()) {
6063 break ;
6164 }
65+ if (false === Security::check_token ('get ' )) {
66+ exit ;
67+ }
6268 $ id_listexplode ('_ ' , $ _REQUEST 'id ' ]);
6369 $ id$ id_list1 ];
6470 $ agendaeditEvent (
7480 if (!$ agendagetIsAllowedToEdit ()) {
7581 break ;
7682 }
83+ if (false === Security::check_token ('get ' )) {
84+ exit ;
85+ }
7786 $ id_listexplode ('_ ' , $ _REQUEST 'id ' ]);
7887 $ id$ id_list1 ];
7988 $ deleteAllEventsFromSerieisset ($ _REQUEST 'delete_all_events ' ]) ? true : false ;
8392 if (!$ agendagetIsAllowedToEdit ()) {
8493 break ;
8594 }
95+ if (false === Security::check_token ('get ' )) {
96+ exit ;
97+ }
8698 $ minute_delta$ _REQUEST 'minute_delta ' ];
8799 $ idexplode ('_ ' , $ _REQUEST 'id ' ]);
88100 $ id$ id1 ];
92104 if (!$ agendagetIsAllowedToEdit ()) {
93105 break ;
94106 }
107+ if (false === Security::check_token ('get ' )) {
108+ exit ;
109+ }
95110 $ minute_delta$ _REQUEST 'minute_delta ' ];
96111 $ allDay$ _REQUEST 'all_day ' ];
97112 $ idexplode ('_ ' , $ _REQUEST 'id ' ]);
You can’t perform that action at this time.
0 commit comments