diff options
| author | petko <petko@524c5546-5005-0410-9a3e-e25e191bd360> | 2023-06-01 06:54:31 +0000 |
|---|---|---|
| committer | petko <petko@524c5546-5005-0410-9a3e-e25e191bd360> | 2023-06-01 06:54:31 +0000 |
| commit | 857d7f9db37dfd57a922c3ddffe31d9d47dec0cd (patch) | |
| tree | c2a2c404351717700145c38be7d21647e3c0027c /pmwiki.php | |
| parent | 03b578553d801b3785375d69e56a87cc29354516 (diff) | |
| download | pmwiki.svn-857d7f9db37dfd57a922c3ddffe31d9d47dec0cd.tar.bz2 | |
When the token is lost, reopen edit form rather than abort.
git-svn-id: svn://pmwiki.org/pmwiki/trunk@4473 524c5546-5005-0410-9a3e-e25e191bd360
Diffstat (limited to 'pmwiki.php')
| -rw-r--r-- | pmwiki.php | 8 |
1 files changed, 6 insertions, 2 deletions
@@ -2722,7 +2722,8 @@ function PreviewPage($pagename,&$page,&$new) { function HandleEdit($pagename, $auth = 'edit') { global $IsPagePosted, $EditFields, $EnablePost, $FmtV, $Now, $EditRedirectFmt, - $PageEditForm, $HandleEditFmt, $PageStartFmt, $PageEditFmt, $PageEndFmt; + $PageEditForm, $HandleEditFmt, $PageStartFmt, $PageEditFmt, $PageEndFmt, + $MessagesFmt; SDV($EditRedirectFmt, '$FullName'); if (@$_POST['cancel']) { Redirect(FmtPageName($EditRedirectFmt, $pagename)); return; } @@ -2734,7 +2735,10 @@ function HandleEdit($pagename, $auth = 'edit') { if (isset($_POST[$k])) $new[$k]=str_replace("\r",'',stripmagic($_POST[$k])); $EnablePost &= (bool)preg_grep('/^post/', array_keys(@$_POST)); - if($EnablePost) pmtoken(1, true); + if ($EnablePost && !pmtoken(1)) { + $MessagesFmt[] = '$[Token invalid or missing]'; + $EnablePost = false; + } $new['=preview'] = @$new['text']; PCache($pagename, $new); UpdatePage($pagename, $page, $new); |