Digitalstack/myaac
2
0
Fork 0
mirror of https://github.com/slawkens/myaac.git synced 2025-04-26 17:29:21 +02:00
Code Issues Packages Projects Releases Wiki Activity
myaac/admin/pages/dashboard.php
Slawomir Boczek 790d85a88a
CSRF Protection (#235) 
* Fix alert class name

* feature: csrf protection

* Cosmetics

* Fix token generate

* Admin Panel: changelogs csrf protection

* news/id route

* Refactor admin newses + add csrf

* Use admin.links instead

* Admin panel: Pages csrf

* Menus: better csrf + add success message on reset colors

* Plugins csrf

* Move definitions

* add info function, same as note($message)

* Update mailer.php

* Fix new page/news links

* clear_cache & maintenance csrf

* Formatting

* Fix news type

* Fix changelog link

* Add new changelog link

* More info to confirm dialog

* This is always true
2023-11-11 10:57:57 +01:00

64 lines
1.7 KiB
PHP
Raw Blame History

<?php
/**
* Dashboard
*
* @package MyAAC
* @author Slawkens <slawkens@gmail.com>
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
defined('MYAAC') or die('Direct access not allowed!');
$title = 'Dashboard';
csrfProtect();
if (isset($_POST['clear_cache'])) {
if (clearCache()) {
success('Cache cleared.');
} else {
error('Error while clearing cache.');
}
}
if (isset($_POST['maintenance'])) {
$message = (!empty($_POST['message']) ? $_POST['message'] : null);
$_status = (isset($_POST['status']) && $_POST['status'] == 'true');
$_status = ($_status ? '0' : '1');
if (empty($message)) {
error('Message cannot be empty.');
} else if (strlen($message) > 255) {
error('Message is too long. Maximum length allowed is 255 chars.');
} else {
$tmp = '';
if (fetchDatabaseConfig('site_closed', $tmp))
updateDatabaseConfig('site_closed', $_status);
else
registerDatabaseConfig('site_closed', $_status);
if (fetchDatabaseConfig('site_closed_message', $tmp))
updateDatabaseConfig('site_closed_message', $message);
else
registerDatabaseConfig('site_closed_message', $message);
}
}
$is_closed = getDatabaseConfig('site_closed') == '1';
$closed_message = 'Server is under maintenance, please visit later.';
$tmp = '';
if (fetchDatabaseConfig('site_closed_message', $tmp))
$closed_message = $tmp;
$settingAdminPanelModules = setting('core.admin_panel_modules');
if (count($settingAdminPanelModules) > 0) {
echo '<div class="row">';
$twig_loader->prependPath(__DIR__ . '/modules/templates');
foreach ($settingAdminPanelModules as $box) {
$file = __DIR__ . '/modules/' . $box . '.php';
if (file_exists($file)) {
include($file);
}
}
echo '</div>';
}
Reference in New Issue View Git Blame Copy Permalink