Bug 621107: [SECURITY] Sanity checking lacks CSRF protection
authorFrédéric Buclin <LpSolit@gmail.com>
Mon, 24 Jan 2011 17:07:31 +0000 (18:07 +0100)
committerFrédéric Buclin <LpSolit@gmail.com>
Mon, 24 Jan 2011 17:07:31 +0000 (18:07 +0100)
r=dkl a=LpSolit

extensions/Example/template/en/default/hook/admin/sanitycheck/messages-statuses.html.tmpl
extensions/Voting/template/en/default/hook/admin/sanitycheck/messages-statuses.html.tmpl
sanitycheck.cgi
template/en/default/admin/sanitycheck/messages.html.tmpl

index 8a825e57ce3ba8c72ca87b8cdeeb3fe02f5cc8dc..0ad1f0be5ad29daf6c90aca07fc84f326b5d522f 100644 (file)
@@ -27,7 +27,8 @@
     <a href="editusers.cgi?id=[% userid FILTER none %]">Edit this user</a>.
   [% END %]
 [% ELSIF san_tag == "example_check_au_user_prompt" %]
-  <a href="sanitycheck.cgi?example_repair_au_user=1">Fix these users</a>.
+  <a href="sanitycheck.cgi?example_repair_au_user=1&amp;token=
+     [%- issue_hash_token(['sanitycheck']) FILTER url_quote %]">Fix these users</a>.
 [% ELSIF san_tag == "example_repair_au_user_start" %]
   <em>EXAMPLE PLUGIN</em> - OK, would now make users Australian.
 [% ELSIF san_tag == "example_repair_au_user_end" %]
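Review bot: The token on the new link is issued for the constant data `['sanitycheck']`, so one value authorises every sanitycheck repair action rather than only `example_repair_au_user`; the Voting hook and messages.html.tmpl in this commit use the same constant. That is adequate against CSRF only if issue_hash_token also folds the current user and a server-side secret into the hash, which Bugzilla::Token is not shown here to confirm. Binding the token to the action, e.g. `issue_hash_token(['sanitycheck', 'example_repair_au_user'])`, would need a matching per-action check in sanitycheck.cgi, so it is a follow-up rather than a change to this hunk.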
index afb81d34c4915436e025296982d7c6410ad3e7c0..f030922b2efb053099e2802d505df284bc4051c2 100644 (file)
@@ -19,7 +19,8 @@
   #%]
 
 [% IF san_tag == "voting_cache_rebuild_fix" %]
-    <a href="sanitycheck.cgi?rebuild_vote_cache=1">Click here to
+    <a href="sanitycheck.cgi?rebuild_vote_cache=1&amp;token=
+       [%- issue_hash_token(['sanitycheck']) FILTER url_quote %]">Click here to
     rebuild the vote cache</a>
 
 [% ELSIF san_tag == "voting_cache_alert" %]
index 63872bd499789677cd65ab5cf7ec5d39b139c562..bd022df73a2b1ba69289d4c61337824dd3594860 100755 (executable)
@@ -35,6 +35,7 @@ use Bugzilla::Error;
 use Bugzilla::Hook;
 use Bugzilla::Util;
 use Bugzilla::Status;
+use Bugzilla::Token;
 
 ###########################################################################
 # General subs
@@ -79,6 +80,15 @@ if (Bugzilla->usage_mode == USAGE_MODE_CMDLINE) {
 }
 else {
     $template = Bugzilla->template;
+
+    # Only check the token if we are running this script from the
+    # web browser and a parameter is passed to the script.
+    # XXX - Maybe these two parameters should be deleted once logged in?
+    $cgi->delete('GoAheadAndLogIn', 'Bugzilla_restrictlogin');
+    if (scalar($cgi->param())) {
+        my $token = $cgi->param('token');
+        check_hash_token($token, ['sanitycheck']);
+    }
 }
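Review bot: The guard `if (scalar($cgi->param()))` decides whether a token is required from the number of parameters left after the delete, not from the repair parameters the script acts on later, so the comment above it understates the contract: any remaining parameter is treated as a repair request and must carry a valid token, and a login-related parameter introduced elsewhere would break plain page loads until it is added to the delete list. I would extend the comment to say so, e.g. `# Any parameter other than the two login ones is treated as a repair request and needs a valid token; new login-only parameters must be added to the delete() above.` The protection relies on check_hash_token throwing when `$token` is undefined or does not match, which Bugzilla::Token is not shown here to confirm. The enclosing if/else begins outside the hunk.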
 my $vars = {};
 
index 5c2b2feb1b6b3d9cb173fea194eac45ef58dabe0..8d8cd3583a5998fd4c8e5532b0025670a9ae21e1 100644 (file)
@@ -34,7 +34,8 @@
     [% errortext FILTER html %]: [% INCLUDE bug_list badbugs = badbugs %]
 
   [% ELSIF san_tag == "bug_check_repair" %]
-    <a href="sanitycheck.cgi?[% param FILTER url_quote %]=1">[% text FILTER html %]</a>.
+    <a href="sanitycheck.cgi?[% param FILTER url_quote %]=1&amp;token=
+       [%- issue_hash_token(['sanitycheck']) FILTER url_quote %]">[% text FILTER html %]</a>.
 
   [% ELSIF san_tag == "bug_check_creation_date" %]
     Checking for [% terms.bugs %] with no creation date (which makes them invisible).
     [% END %]
 
   [% ELSIF san_tag == "cross_check_attachment_has_references" %]
-    <a href="sanitycheck.cgi?remove_invalid_attach_references=1">Remove
+    <a href="sanitycheck.cgi?remove_invalid_attach_references=1&amp;token=
+       [%- issue_hash_token(['sanitycheck']) FILTER url_quote %]">Remove
     invalid references to non existent attachments.</a>
 
   [% ELSIF san_tag == "cross_check_bug_has_references" %]
-    <a href="sanitycheck.cgi?remove_invalid_bug_references=1">Remove
+    <a href="sanitycheck.cgi?remove_invalid_bug_references=1&amp;token=
+       [%- issue_hash_token(['sanitycheck']) FILTER url_quote %]">Remove
     invalid references to non existent [% terms.bugs %].</a>
 
   [% ELSIF san_tag == "double_cross_check_to" %]
     [%+ PROCESS bug_link bug_id = bug_id %].
 
   [% ELSIF san_tag == "flag_fix" %]
-    <a href="sanitycheck.cgi?remove_invalid_flags=1">Click
+    <a href="sanitycheck.cgi?remove_invalid_flags=1&amp;token=
+       [%- issue_hash_token(['sanitycheck']) FILTER url_quote %]">Click
     here to delete invalid flags</a>
 
   [% ELSIF san_tag == "group_control_map_entries_creation" %]
     half an hour: [% INCLUDE bug_list badbugs = badbugs %]
 
   [% ELSIF san_tag == "unsent_bugmail_fix" %]
-    <a href="sanitycheck.cgi?rescanallBugMail=1">Send these mails</a>.
+    <a href="sanitycheck.cgi?rescanallBugMail=1&amp;token=
+       [%- issue_hash_token(['sanitycheck']) FILTER url_quote %]">Send these mails</a>.
 
   [% ELSIF san_tag == "whines_obsolete_target_deletion_start" %]
     OK, now removing non-existent users/groups from whines.
     [% END %]
 
   [% ELSIF san_tag == "whines_obsolete_target_fix" %]
-    <a href="sanitycheck.cgi?remove_old_whine_targets=1">Click here to
+    <a href="sanitycheck.cgi?remove_old_whine_targets=1&amp;token=
+       [%- issue_hash_token(['sanitycheck']) FILTER url_quote %]">Click here to
     remove old users/groups</a>
 
   [% ELSE %]