Commit Graph

8 Commits

Author SHA1 Message Date
Ferywir 749a55aaf5 fix(admin): escape reflected request params in admin templates [#139] (#270) 2026-06-23 17:37:11 +03:00
Ferywir 8a3a67d175 fix(admin): verify CSRF token in alliance/medal admin Mods [#139] (#261)
editAli, delAli, medals, delallymedal, delallymedalbyaid, delallymedalbyweek
and deletemedalbyweek are POSTed to directly, bypassing admin.php's central
csrf_verify(). Add csrf_verify() (after the admin access check, via the shared
GameEngine/Admin/csrf.php) and csrf_field() in their forms (playermedals.tpl,
editAli.tpl, delAli.tpl, delmedal.tpl, allymedals.tpl, delallymedal.tpl).

Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-23 11:11:32 +03:00
novgorodschi catalin e69d8457d8 Admin panel design changed
Admin panel design changed
2026-06-05 12:30:13 +03:00
novgorodschi catalin a4e2c506a8 Redesign Admin Panel
Full frontend & backend redesign and refactor
2026-05-25 10:23:39 +03:00
Novgorodschi Catalin b29b0d90d0 Update admin panel to view images 2013-08-13 09:59:42 +03:00
Neranjen 786cbf1f8e Big Cleanup
1) Removed unnecessary files
2) Trailling spaces (no all though)
3)  Some space to tab conversion
2012-06-18 05:06:05 +05:30
unknown 2d87749f95 update install and email activation + add friends inviting system 2012-05-22 20:52:56 +03:00
unknown e0ac5075fa fix ww rank: now the ww dissapear from rank when he destroyed + reworked admin panel by allycol93 with some changes by me 2012-05-10 17:19:33 +03:00