version 0.3.13
[fms.git] / src / http / pages / boardspage.cpp
index 43870ce..e9cc2a3 100644 (file)
@@ -47,7 +47,7 @@ const std::string BoardsPage::GeneratePage(const std::string &method, const std:
 \r
        if(queryvars.find("formaction")!=queryvars.end())\r
        {\r
-               if((*queryvars.find("formaction")).second=="addboard" && queryvars.find("boardname")!=queryvars.end() && queryvars.find("boarddescription")!=queryvars.end())\r
+               if((*queryvars.find("formaction")).second=="addboard" && queryvars.find("boardname")!=queryvars.end() && queryvars.find("boarddescription")!=queryvars.end() && ValidateFormPassword(queryvars))\r
                {\r
                        std::string boardname="";\r
                        std::string boarddescription="";\r
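Review bot: The `ValidateFormPassword(queryvars)` check is repeated inside each action's condition (here for `addboard`, and again for `remove0messages` and `update` in the next hunk), so a handler added later can omit it without anything looking wrong, and a rejected submission is dropped silently. Consider validating once at the outer test, `if(queryvars.find("formaction")!=queryvars.end() && ValidateFormPassword(queryvars))`, with an else branch that logs or displays that the form password was missing or stale. The visible lines also do not show `method` being checked, so it is worth confirming that these state-changing actions are accepted only from POST; a form password carried in a GET URL can end up in browser history or logs. GeneratePage's body starts and ends outside the hunk.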
@@ -63,11 +63,11 @@ const std::string BoardsPage::GeneratePage(const std::string &method, const std:
                        addst.Bind(3,"Added manually");\r
                        addst.Step();\r
                }\r
-               if((*queryvars.find("formaction")).second=="remove0messages")\r
+               if((*queryvars.find("formaction")).second=="remove0messages" && ValidateFormPassword(queryvars))\r
                {\r
                        m_db->Execute("DELETE FROM tblBoard WHERE BoardID IN (SELECT BoardID FROM vwBoardStats WHERE MessageCount=0 AND BoardID NOT IN (SELECT BoardID FROM tblAdministrationBoard));");\r
                }\r
-               if((*queryvars.find("formaction")).second=="update")\r
+               if((*queryvars.find("formaction")).second=="update" && ValidateFormPassword(queryvars))\r
                {\r
                        int boardid;\r
                        std::vector<std::string> boardids;\r
@@ -174,21 +174,21 @@ const std::string BoardsPage::GeneratePage(const std::string &method, const std:
 \r
        content+="<tr>";\r
        content+="<td colspan=\"3\"><center>";\r
-       content+="<form name=\"frmboardsearch\" action=\"boards.htm\" method=\"POST\"><input type=\"text\" name=\"boardsearch\" value=\""+SanitizeOutput(boardsearch)+"\"><input type=\"submit\" value=\"Search\"></form>";\r
+       content+="<form name=\"frmboardsearch\" action=\"boards.htm\" method=\"POST\"><input type=\"text\" name=\"boardsearch\" value=\""+SanitizeOutput(boardsearch)+"\">"+CreateFormPassword()+"<input type=\"submit\" value=\"Search\"></form>";\r
        content+="</center></td>";\r
        content+="</tr>";\r
 \r
        content+="<tr>";\r
        content+="<td colspan=\"3\"><center>";\r
-       content+="<form name=\"frmremoveboard\" action=\"boards.htm\" method=\"POST\"><input type=\"hidden\" name=\"formaction\" value=\"remove0messages\">Remove boards with 0 messages<input type=\"submit\" value=\"Remove\"></form>";\r
+       content+="<form name=\"frmremoveboard\" action=\"boards.htm\" method=\"POST\">"+CreateFormPassword()+"<input type=\"hidden\" name=\"formaction\" value=\"remove0messages\">Remove boards with 0 messages<input type=\"submit\" value=\"Remove\"></form>";\r
        content+="</center></td>";\r
        content+="</tr>";\r
 \r
        content+="<tr>";\r
-       content+="<td><form name=\"frmaddboard\" method=\"POST\"><input type=\"hidden\" name=\"formaction\" value=\"addboard\"><input type=\"text\" name=\"boardname\"></td><td><input type=\"text\" name=\"boarddescription\" size=\"40\" maxlength=\"50\"></td><td><input type=\"submit\" value=\"Add Board\"></form></td>";\r
+       content+="<td><form name=\"frmaddboard\" method=\"POST\">"+CreateFormPassword()+"<input type=\"hidden\" name=\"formaction\" value=\"addboard\"><input type=\"text\" name=\"boardname\"></td><td><input type=\"text\" name=\"boarddescription\" size=\"40\" maxlength=\"50\"></td><td><input type=\"submit\" value=\"Add Board\"></form></td>";\r
        content+="</tr>";\r
 \r
-       content+="<tr><td colspan=\"4\"><hr><form name=\"frmboards\" method=\"POST\"><input type=\"hidden\" name=\"formaction\" value=\"update\"></td></tr>";\r
+       content+="<tr><td colspan=\"4\"><hr><form name=\"frmboards\" method=\"POST\"><input type=\"hidden\" name=\"formaction\" value=\"update\">"+CreateFormPassword()+"</td></tr>";\r
        content+="<tr>";\r
        content+="<th>Name</th><th>Description</th><th>Save Received Messages *</th><th>Added Method</th>";\r
        content+="</tr>";       \r
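Review bot: `CreateFormPassword()` is called four times in this hunk, once per form, and its implementation is not visible here; if each call generates and stores a fresh value, every render of the page adds four of them, and the one placed in `frmboardsearch` is not checked by any of the conditions this commit changes in this file. Calling it once and reusing the result keeps the forms in step: `const std::string formpassword=CreateFormPassword();` before the first form, then `+formpassword+` in each. A short comment at that line, such as `// every form that posts a formaction must carry the form password; the handler checks it with ValidateFormPassword`, would tell the next editor why it is there. GeneratePage's body starts and ends outside the hunk.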
@@ -258,7 +258,7 @@ const std::string BoardsPage::GeneratePage(const std::string &method, const std:
        content+="</tr>";\r
        content+="</table>";\r
        content+="<p class=\"paragraph\">";\r
-       content+="* If you uncheck this box, any new messages you download that are posted to this board will be discarded.";\r
+       content+="* If you uncheck this box, any new messages you download that are posted to this board will be discarded.  When multiple local identities are used, it is best not to discard messages from any boards, as identifying which identities are the same person is much easier when their message lists are missing messages from the same boards.";\r
        content+="</p>";\r
 \r
        return StringFunctions::Replace(m_template,"[CONTENT]",content);\r