version 0.3.14

[fms.git] / src / http / pages / peerdetailspage.cpp

diff --git a/src/http/pages/peerdetailspage.cpp b/src/http/pages/peerdetailspage.cpp
index f4661ab..4148c57 100644 (file)
--- a/src/http/pages/peerdetailspage.cpp
+++ b/src/http/pages/peerdetailspage.cpp
@@ -20,7 +20,7 @@ const std::string PeerDetailsPage::GeneratePage(const std::string &method, const
        std::string dateadded="";\r
        std::string addedmethod="";\r
        std::string usk="";\r
-       std::string fcphost="";\r
+       std::string fcphost="127.0.0.1";\r
        std::string hidden="";\r
        int freesiteedition=-1;\r
        std::string publishtrustlist="";\r
@@ -36,21 +36,21 @@ const std::string PeerDetailsPage::GeneratePage(const std::string &method, const
                StringFunctions::Convert((*queryvars.find("identityid")).second,identityid);\r
        }\r
 \r
-       if(identityid!=0 && queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="deletemessages")\r
+       if(identityid!=0 && queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="deletemessages" && ValidateFormPassword(queryvars))\r
        {\r
                SQLite3DB::Statement del=m_db->Prepare("DELETE FROM tblMessage WHERE IdentityID=?;");\r
                del.Bind(0,identityid);\r
                del.Step();\r
        }\r
 \r
-       if(identityid!=0 && queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="hide")\r
+       if(identityid!=0 && queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="hide" && ValidateFormPassword(queryvars))\r
        {\r
                SQLite3DB::Statement del=m_db->Prepare("UPDATE tblIdentity SET Hidden='true' WHERE IdentityID=?;");\r
                del.Bind(0,identityid);\r
                del.Step();\r
        }\r
        \r
-       if(identityid!=0 && queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="show")\r
+       if(identityid!=0 && queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="show" && ValidateFormPassword(queryvars))\r
        {\r
                SQLite3DB::Statement del=m_db->Prepare("UPDATE tblIdentity SET Hidden='false' WHERE IdentityID=?;");\r
                del.Bind(0,identityid);\r
@@ -112,6 +112,7 @@ const std::string PeerDetailsPage::GeneratePage(const std::string &method, const
                content+="<tr><td>Hidden in Main Peer Trust Page</td>";\r
                content+="<td>"+hidden;\r
                content+="&nbsp;<form name=\"frmhidden\" method=\"POST\">";\r
+               content+=CreateFormPassword();\r
                content+="<input type=\"hidden\" name=\"identityid\" value=\""+identityidstr+"\">";\r
                if(hidden=="false")\r
                {\r
@@ -140,6 +141,7 @@ const std::string PeerDetailsPage::GeneratePage(const std::string &method, const
                content+="<td>Message Count</td>";\r
                content+="<td>"+messagecountstr;\r
                content+="&nbsp;&nbsp;<form name=\"frmdeletemessages\" method=\"POST\">";\r
+               content+=CreateFormPassword();\r
                content+="<input type=\"hidden\" name=\"identityid\" value=\""+identityidstr+"\">";\r
                content+="<input type=\"hidden\" name=\"formaction\" value=\"deletemessages\">";\r
                content+="<input type=\"submit\" value=\"Delete Messages\">";\r