tinycm rev 31
Small fixes to activity and security
author | Christophe Lincoln <pankso@slitaz.org> |
---|---|
date | Mon Jan 06 18:47:03 2014 +0000 (2014-01-06) |
parents | de9aeda8602a |
children | c4b94b7a7dd6 |
files | index.cgi plugins/blog/blog.cgi |
line diff
1.1 --- a/index.cgi Mon Jan 06 15:15:38 2014 +0000 1.2 +++ b/index.cgi Mon Jan 06 18:47:03 2014 +0000 1.3 @@ -339,7 +339,7 @@ 1.4 # Log 1.5 if [ "$new" ]; then 1.6 echo "Page created by: $(link_user)" | log 1.7 - 1.8 + echo "New document: <a href='$script?d=$d'>$d</a>" | log_activity 1.9 if [ "$HG" == "yes" ]; then 1.10 cd $content && hg -q add 1.11 hg commit -q -u "$NAME <$MAIL>" -m "Created new document: $d" 1.12 @@ -348,7 +348,6 @@ 1.13 else 1.14 # Here we may clean log: cat && tail -n 40 1.15 echo "Page edited by: $(link_user)" | log 1.16 - echo "New document: <a href='$script?d=$d'>$d</a>" | log_activity 1.17 if [ "$HG" == "yes" ]; then 1.18 cd $content && hg commit -q -u "$NAME <$MAIL>" \ 1.19 -m "Edited document: $d" 1.20 @@ -372,8 +371,8 @@ 1.21 <div id="tools"> 1.22 <a href="$script?edit=$d">$(gettext "Edit document")</a> 1.23 <a href="$script?diff=$d">$(gettext "Last diff")</a> 1.24 - <a href="$script?log=$d">$(gettext "Activity")</a> 1.25 - <a href="$script?dashboard">Dashboard</a> 1.26 + <a href="$script?log=$d">$(gettext "File log")</a> 1.27 + <a href="$script?dashboard">$(gettext "Dashboard")</a> 1.28 $([ "$HG" == "yes" ] && echo "<a href='$script?hg'>Hg Log</a>") 1.29 </div> 1.30 EOT
2.1 --- a/plugins/blog/blog.cgi Mon Jan 06 15:15:38 2014 +0000 2.2 +++ b/plugins/blog/blog.cgi Mon Jan 06 18:47:03 2014 +0000 2.3 @@ -87,7 +87,7 @@ 2.4 html_header 2.5 user_box 2.6 # Blog tools for auth users 2.7 - if ! admin_user; then 2.8 + if ! check_auth && admin_user; then 2.9 gettext "You must be admin to create a new Blog post" 2.10 html_footer && exit 0 2.11 fi 2.12 @@ -116,7 +116,7 @@ 2.13 2.14 *\ blogsave\ *) 2.15 d="$(GET blogsave)" 2.16 - if admin_user; then 2.17 + if check_auth && admin_user; then 2.18 [ -d "$blog" ] || mkdir -p ${blog} 2.19 # New post ? 2.20 if [ ! -f "${blog}/${d}.txt" ]; then 2.21 @@ -138,7 +138,7 @@ 2.22 user_box 2.23 #echo "<h2>$(gettext "Latest blog posts")</h2>" 2.24 # Blog tools for auth users 2.25 - if admin_user; then 2.26 + if check_auth && admin_user; then 2.27 blog_tools 2.28 fi 2.29 # Exit if plugin is disabled