CSRF Protection (#235)

* Fix alert class name * feature: csrf protection * Cosmetics * Fix token generate * Admin Panel: changelogs csrf protection * news/id route * Refactor admin newses + add csrf * Use admin.links instead * Admin panel: Pages csrf * Menus: better csrf + add success message on reset colors * Plugins csrf * Move definitions * add info function, same as note($message) * Update mailer.php * Fix new page/news links * clear_cache & maintenance csrf * Formatting * Fix news type * Fix changelog link * Add new changelog link * More info to confirm dialog * This is always true
2025-10-14 01:34:55 +02:00 · 2023-11-11 10:57:57 +01:00
parent a04fbde607
commit 790d85a88a
89 changed files with 789 additions and 504 deletions
--- a/templates/tibiacom/news.featured_article.html.twig
+++ b/templates/tibiacom/news.featured_article.html.twig
@@ -20,16 +20,7 @@
 						<b>
 							<p>{{ article.title|raw }}
 								{% if canEdit %}
-									<a href="{{ constant('ADMIN_URL') }}?p=news&action=edit&id={{ article.id }}" title="Edit">
-										<img src="images/edit.png"/>Edit
-									</a>
-									<a id="delete" href="{{ constant('ADMIN_URL') }}?p=news&action=delete&id={{ article.id }}" onclick="return confirm('Are you sure?');" title="Delete">
-										<img src="images/del.png"/>Delete
-									</a>
-									<a href="{{ constant('ADMIN_URL') }}?p=news&action=hide&id={{ article.id }}" title="{% if article.hidden != 1 %}Hide{% else %}Show{% endif %}">
-										<img src="images/{% if article.hidden != 1 %}success{% else %}error{% endif %}.png"/>
-										{% if article.hidden != 1 %}Hide{% else %}Show{% endif %}
-									</a>
+									{{ include('admin.links.html.twig', {page: 'news', id: article.id, hidden: article.hidden }) }}
 								{% endif %}
 							</p>
 						</b>