xinyin025/TravianZ
1
0
Fork 0
mirror of https://github.com/Shadowss/TravianZ.git synced 2026-06-28 00:24:23 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
6472b30bd2202aa43c95cb21a46799e6a4bddf0f
TravianZ/GameEngine/Admin/Mods
T
History
Ferywir 6472b30bd2 fix(admin): verify CSRF token in message admin Mods [#139] (#264) 
sendMessage, massmessage and sysmessage are POSTed to directly, bypassing
admin.php's central csrf_verify(). Add csrf_verify() (after the admin access
check, via the shared GameEngine/Admin/csrf.php) and csrf_field() in their
forms (Newmessage.tpl, massmessage.tpl, sysmessage.tpl; the mass/sys templates
have both a prepare and an execute form).

Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-23 11:49:32 +03:00
..
.htaccess
GameEngine and install folders have 777 already set by default
2016-07-02 21:39:28 +02:00
addABTroops.php
fix(admin): verify CSRF token in troop admin Mods [#139] (#258)
2026-06-23 08:43:18 +03:00
additional.php
fix(admin): verify CSRF token in player-management admin Mods [#139] (#256)
2026-06-23 06:54:03 +03:00
addTroops.php
fix(admin): verify CSRF token in troop admin Mods [#139] (#258)
2026-06-23 08:43:18 +03:00
addUsers.php
fix(admin): verify CSRF token in player-management admin Mods [#139] (#256)
2026-06-23 06:54:03 +03:00
cp.php
Change some text on license TravianZ
2025-02-11 11:22:22 +02:00
debugLog.php
feat(admin): add transparent debug error-log mode
2026-06-12 17:18:39 +03:00
delAli.php
fix(admin): verify CSRF token in alliance/medal admin Mods [#139] (#261)
2026-06-23 11:11:32 +03:00
delallymedal.php
fix(admin): verify CSRF token in alliance/medal admin Mods [#139] (#261)
2026-06-23 11:11:32 +03:00
delallymedalbyaid.php
fix(admin): verify CSRF token in alliance/medal admin Mods [#139] (#261)
2026-06-23 11:11:32 +03:00
delallymedalbyweek.php
fix(admin): verify CSRF token in alliance/medal admin Mods [#139] (#261)
2026-06-23 11:11:32 +03:00
deletemedalbyweek.php
fix(admin): verify CSRF token in alliance/medal admin Mods [#139] (#261)
2026-06-23 11:11:32 +03:00
delUser.php
Code backend for delete user
2026-06-09 08:05:40 +03:00
editAccess.php
fix(admin): verify CSRF token in player-management admin Mods [#139] (#256)
2026-06-23 06:54:03 +03:00
editAdminInfo.php
Add per-user language selection (issue #166)
2026-06-04 09:07:57 +02:00
editAli.php
fix(admin): verify CSRF token in alliance/medal admin Mods [#139] (#261)
2026-06-23 11:11:32 +03:00
editBuildings.php
fix(admin): verify CSRF token in village admin Mods [#139] (#259)
2026-06-23 10:31:08 +03:00
editExtraSet.php
Add per-user language selection (issue #166)
2026-06-04 09:07:57 +02:00
editHero.php
fix(admin): verify CSRF token in player-management admin Mods [#139] (#256)
2026-06-23 06:54:03 +03:00
editLogSet.php
Add per-user language selection (issue #166)
2026-06-04 09:07:57 +02:00
editNewFunctions.php
Add per-user language selection (issue #166)
2026-06-04 09:07:57 +02:00
editNewsboxSet.php
Add per-user language selection (issue #166)
2026-06-04 09:07:57 +02:00
editOverall.php
Some last fix for logs!
2026-05-28 13:22:27 +03:00
editPassword.php
fix(admin): verify CSRF token in player-management admin Mods [#139] (#256)
2026-06-23 06:54:03 +03:00
editPlus.php
fix(admin): let editPlus subtract Plus/bonus days as the form advertises (#254)
2026-06-22 18:41:28 +03:00
editPlusSet.php
Add per-user language selection (issue #166)
2026-06-04 09:07:57 +02:00
editProtection.php
fix(admin): verify CSRF token in player-management admin Mods [#139] (#256)
2026-06-23 06:54:03 +03:00
editResources.php
fix(admin): verify CSRF token in village admin Mods [#139] (#259)
2026-06-23 10:31:08 +03:00
editServerSet.php
Fix lang server set
2026-06-04 13:19:10 +03:00
editSitter.php
fix(admin): verify CSRF token in player-management admin Mods [#139] (#256)
2026-06-23 06:54:03 +03:00
editUser.php
fix(admin): verify CSRF token in player-management admin Mods [#139] (#256)
2026-06-23 06:54:03 +03:00
editUsername.php
fix(admin): route password/protection pages and align username validation (#257)
2026-06-23 06:55:13 +03:00
editVillageOwner.php
fix(admin): verify CSRF token in village admin Mods [#139] (#259)
2026-06-23 10:31:08 +03:00
editWeek.php
Full Refactor Admin Panel & Logs
2026-05-22 11:29:37 +03:00
givePlus.php
fix(admin): verify CSRF token in Plus/Gold admin Mods [#139] (#253)
2026-06-22 18:40:43 +03:00
givePlusRes.php
fix(admin): verify CSRF token in Plus/Gold admin Mods [#139] (#253)
2026-06-22 18:40:43 +03:00
giveResBonus.php
Full Refactor Admin Panel & Logs
2026-05-22 11:29:37 +03:00
gold_1.php
fix(admin): verify CSRF token in Plus/Gold admin Mods [#139] (#253)
2026-06-22 18:40:43 +03:00
gold.php
fix(admin): verify CSRF token in Plus/Gold admin Mods [#139] (#253)
2026-06-22 18:40:43 +03:00
index.php
Change some text on license TravianZ
2025-02-11 11:22:22 +02:00
mainteneceBan.php
Full Refactor Admin Panel & Logs
2026-05-22 11:29:37 +03:00
mainteneceCleanBanData.php
Full Refactor Admin Panel & Logs
2026-05-22 11:29:37 +03:00
mainteneceResetGold.php
Full Refactor Admin Panel & Logs
2026-05-22 11:29:37 +03:00
mainteneceResetPlus.php
Full Refactor Admin Panel & Logs
2026-05-22 11:29:37 +03:00
mainteneceResetPlusBonus.php
Full Refactor Admin Panel & Logs
2026-05-22 11:29:37 +03:00
mainteneceUnban.php
Full Refactor Admin Panel & Logs
2026-05-22 11:29:37 +03:00
massmessage.php
fix(admin): verify CSRF token in message admin Mods [#139] (#264)
2026-06-23 11:49:32 +03:00
medals.php
fix(admin): repair broken admin-log variables in medals Mod (#262)
2026-06-23 11:12:04 +03:00
recalcWH.php
Full Refactor Admin Panel & Logs
2026-05-22 11:29:37 +03:00
renameVillage.php
fix(admin): verify CSRF token in village admin Mods [#139] (#259)
2026-06-23 10:31:08 +03:00
sendMessage.php
fix(admin): verify CSRF token in message admin Mods [#139] (#264)
2026-06-23 11:49:32 +03:00
sysmessage.php
fix(admin): verify CSRF token in message admin Mods [#139] (#264)
2026-06-23 11:49:32 +03:00