Nemcio/Grav-Admin-Plugin
1
0
Fork 0
mirror of https://github.com/getgrav/grav-plugin-admin.git synced 2025-11-03 20:05:53 +01:00
Code Issues Packages Projects Releases Activity

Nonce-verify install/uninstall themes

Browse Source
This commit is contained in:
Flavio Copes
2015-11-19 23:01:14 +01:00
parent 1f6bda7d75
commit ce672e4919
3 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
themes/grav/templates/partials/plugins-list.html.twig
View File

@@ -24,11 +24,11 @@
</td> </td>
<td class="gpm-actions"> <td class="gpm-actions">
{% if (not installing and (plugin.form.fields.enabled.type != 'hidden')) %} {% if (not installing and (plugin.form.fields.enabled.type != 'hidden')) %}
<a class="{{ data.get('enabled') ? 'enabled' : 'disabled' }}" href="{{ base_url_relative }}/plugins/{{ slug }}/task{{ config.system.param_sep }}{{ data.get('enabled') ? 'disable' : 'enable' }}"> <a class="{{ data.get('enabled') ? 'enabled' : 'disabled' }}" href="{{ uri.addNonce(base_url_relative ~ '/plugins/' ~ slug ~ '/task' ~ config.system.param_sep ~ data.get('enabled') ? 'disable' : 'enable', 'admin-form', 'admin-nonce') }}">
<i class="fa fa-fw fa-toggle-{{ data.get('enabled') ? 'on' : 'off' }}"></i> <i class="fa fa-fw fa-toggle-{{ data.get('enabled') ? 'on' : 'off' }}"></i>
</a> </a>
{% elseif (installing) %} {% elseif (installing) %}
<a class="button" href="{{ base_url_relative }}/plugins/{{ slug }}/task{{ config.system.param_sep }}install"><i class="fa fa-plus"></i> Install</a> <a class="button" href="{{ uri.addNonce(base_url_relative ~ '/plugins/' ~ slug ~ '/task' ~ config.system.param_sep ~ 'install', 'admin-form', 'admin-nonce') }}"><i class="fa fa-plus"></i> Install</a>
{% endif %} {% endif %}
<span class="gpm-details-expand"><i class="fa fa-chevron-down"></i></span> <span class="gpm-details-expand"><i class="fa fa-chevron-down"></i></span>
</td> </td>

4
themes/grav/templates/partials/themes-details.html.twig
View File

@@ -102,12 +102,12 @@
{% if (config.get('system.pages.theme') != admin.route) %} {% if (config.get('system.pages.theme') != admin.route) %}
<div class="button-bar danger"> <div class="button-bar danger">
<span class="danger-zone"></span> <span class="danger-zone"></span>
<a class="button" href="{{ base_url_relative }}/themes/{{ theme.slug }}/task{{ config.system.param_sep }}uninstall"><i class="fa fa-fw fa-warning"></i>{{ "PLUGIN_ADMIN.REMOVE_THEME"|tu }}</a> <a class="button" href="{{ uri.addNonce(base_url_relative ~ '/themes/' ~ theme.slug ~ '/task' ~ config.system.param_sep ~ 'uninstall', 'admin-form', 'admin-nonce') }}"><i class="fa fa-fw fa-warning"></i>{{ "PLUGIN_ADMIN.REMOVE_THEME"|tu }}</a>
</div> </div>
{% endif %} {% endif %}
{% else %} {% else %}
<div class="button-bar success"> <div class="button-bar success">
<a class="button" href="{{ base_url_relative }}/themes/{{ theme.slug }}/task{{ config.system.param_sep }}install"><i class="fa fa-fw fa-plus"></i>{{ "PLUGIN_ADMIN.INSTALL_THEME"|tu }}</a> <a class="button" href="{{ uri.addNonce(base_url_relative ~ '/themes/' ~ theme.slug ~ '/task' ~ config.system.param_sep ~ 'install', 'admin-form', 'admin-nonce') }}"><i class="fa fa-fw fa-plus"></i>{{ "PLUGIN_ADMIN.INSTALL_THEME"|tu }}</a>
</div> </div>
{% endif %} {% endif %}