commit 61b0dbc36a56aab7c24d4e3c54dc2c2b5410da64
parent b51345c3c7ccd522b00396aa6300a189a3df77d7
Author: markseu <mark2011@mayberg.se>
Date: Mon, 11 Aug 2025 17:32:25 +0200
Updated edit extension, cookie names
Diffstat:
4 files changed, 23 insertions(+), 20 deletions(-)
diff --git a/system/extensions/update-available.ini b/system/extensions/update-available.ini
@@ -213,14 +213,14 @@ Status: available
system/workers/dutch.php: dutch.php, create, update
Extension: Edit
-Version: 0.9.10
+Version: 0.9.11
Description: Edit your website in a web browser.
Developer: Anna Svensson
Tag: feature
DownloadUrl: https://github.com/annaesvensson/yellow-edit/archive/refs/heads/main.zip
DocumentationUrl: https://github.com/annaesvensson/yellow-edit
DocumentationLanguage: en, de, sv
-Published: 2024-08-28 11:21:21
+Published: 2025-08-11 17:12:59
Status: available
system/workers/edit.php: edit.php, create, update
system/workers/edit.css: edit.css, create, update
diff --git a/system/extensions/yellow-extension.ini b/system/extensions/yellow-extension.ini
@@ -20,14 +20,14 @@ system/layouts/navigation.html: navigation.html, create, update, careful
system/layouts/pagination.html: pagination.html, create, update, careful
Extension: Edit
-Version: 0.9.10
+Version: 0.9.11
Description: Edit your website in a web browser.
Developer: Anna Svensson
Tag: feature
DownloadUrl: https://github.com/annaesvensson/yellow-edit/archive/refs/heads/main.zip
DocumentationUrl: https://github.com/annaesvensson/yellow-edit
DocumentationLanguage: en, de, sv
-Published: 2024-08-28 11:21:21
+Published: 2025-08-11 17:12:59
Status: available
system/workers/edit.php: edit.php, create, update
system/workers/edit.css: edit.css, create, update
diff --git a/system/workers/edit.js b/system/workers/edit.js
@@ -74,7 +74,7 @@ yellow.edit = {
// Handle page cache
pageShow: function(e) {
- if (e.persisted && yellow.user.email && !this.getCookie("csrftoken")) {
+ if (e.persisted && yellow.user.email && !this.getCookie("yellowcsrftoken")) {
window.location.reload();
}
},
@@ -214,7 +214,7 @@ yellow.edit = {
"<div class=\"yellow-status\"><p id=\"yellow-pane-quit-status\" class=\""+paneStatus+"\">"+this.getText("QuitStatus", "", paneStatus)+"</p></div>"+
"<div class=\"yellow-fields\">"+
"<input type=\"hidden\" name=\"action\" value=\"quit\" />"+
- "<input type=\"hidden\" name=\"csrftoken\" value=\""+yellow.toolbox.encodeHtml(this.getCookie("csrftoken"))+"\" />"+
+ "<input type=\"hidden\" name=\"yellowcsrftoken\" value=\""+yellow.toolbox.encodeHtml(this.getCookie("yellowcsrftoken"))+"\" />"+
"<p><label for=\"yellow-pane-quit-name\">"+this.getText("SignupName")+"</label><br /><input class=\"yellow-form-control\" name=\"name\" id=\"yellow-pane-quit-name\" maxlength=\"64\" value=\""+yellow.toolbox.encodeHtml(this.getRequest("name"))+"\" /></p>"+
"<p><input class=\"yellow-btn\" type=\"submit\" value=\""+this.getText("DeleteButton")+"\" /></p>"+
"</div>"+
@@ -231,7 +231,7 @@ yellow.edit = {
"<div id=\"yellow-pane-account-settings-separator\" class=\"yellow-settings-left yellow-settings-separator\"> </div>"+
"<div id=\"yellow-pane-account-settings-fields\" class=\"yellow-settings-right yellow-fields\">"+
"<input type=\"hidden\" name=\"action\" value=\"account\" />"+
- "<input type=\"hidden\" name=\"csrftoken\" value=\""+yellow.toolbox.encodeHtml(this.getCookie("csrftoken"))+"\" />"+
+ "<input type=\"hidden\" name=\"yellowcsrftoken\" value=\""+yellow.toolbox.encodeHtml(this.getCookie("yellowcsrftoken"))+"\" />"+
"<p><label for=\"yellow-pane-account-name\">"+this.getText("SignupName")+"</label><br /><input class=\"yellow-form-control\" name=\"name\" id=\"yellow-pane-account-name\" maxlength=\"64\" value=\""+yellow.toolbox.encodeHtml(this.getRequest("name"))+"\" /></p>"+
"<p><label for=\"yellow-pane-account-email\">"+this.getText("SignupEmail")+"</label><br /><input class=\"yellow-form-control\" name=\"email\" id=\"yellow-pane-account-email\" maxlength=\"64\" value=\""+yellow.toolbox.encodeHtml(this.getRequest("email"))+"\" /></p>"+
"<p><label for=\"yellow-pane-account-password\">"+this.getText("SignupPassword")+"</label><br /><input class=\"yellow-form-control\" type=\"password\" name=\"password\" id=\"yellow-pane-account-password\" maxlength=\"64\" value=\"\" /></p>"+
@@ -254,7 +254,7 @@ yellow.edit = {
"<div id=\"yellow-pane-configure-settings-separator\" class=\"yellow-settings-left yellow-settings-separator\"> </div>"+
"<div id=\"yellow-pane-configure-settings-fields\" class=\"yellow-settings-right yellow-fields\">"+
"<input type=\"hidden\" name=\"action\" value=\"configure\" />"+
- "<input type=\"hidden\" name=\"csrftoken\" value=\""+yellow.toolbox.encodeHtml(this.getCookie("csrftoken"))+"\" />"+
+ "<input type=\"hidden\" name=\"yellowcsrftoken\" value=\""+yellow.toolbox.encodeHtml(this.getCookie("yellowcsrftoken"))+"\" />"+
"<p><label for=\"yellow-pane-configure-sitename\">"+this.getText("ConfigureSitename")+"</label><br /><input class=\"yellow-form-control\" name=\"sitename\" id=\"yellow-pane-configure-sitename\" maxlength=\"64\" value=\""+yellow.toolbox.encodeHtml(this.getRequest("sitename"))+"\" /></p>"+
"<p><label for=\"yellow-pane-configure-author\">"+this.getText("ConfigureAuthor")+"</label><br /><input class=\"yellow-form-control\" name=\"author\" id=\"yellow-pane-configure-author\" maxlength=\"64\" value=\""+yellow.toolbox.encodeHtml(this.getRequest("author"))+"\" /></p>"+
"<p><label for=\"yellow-pane-configure-email\">"+this.getText("ConfigureEmail")+"</label><br /><input class=\"yellow-form-control\" name=\"email\" id=\"yellow-pane-configure-email\" maxlength=\"64\" value=\""+yellow.toolbox.encodeHtml(this.getRequest("email"))+"\" /></p>"+
@@ -671,7 +671,7 @@ yellow.edit = {
// Process submit
processSubmit: function(arguments) {
- var settings = { "action":"none", "csrftoken":this.getCookie("csrftoken") };
+ var settings = { "action":"none", "yellowcsrftoken":this.getCookie("yellowcsrftoken") };
var tokens = arguments.split("/");
for (var i=0; i<tokens.length; i++) {
var pair = tokens[i].split(/[:=]/);
@@ -808,7 +808,7 @@ yellow.edit = {
var thisObject = this;
var formData = new FormData();
formData.append("action", "preview");
- formData.append("csrftoken", this.getCookie("csrftoken"));
+ formData.append("yellowcsrftoken", this.getCookie("yellowcsrftoken"));
formData.append("rawdataedit", elementText.value);
formData.append("rawdataendofline", yellow.page.rawDataEndOfLine);
var request = new XMLHttpRequest();
@@ -857,7 +857,7 @@ yellow.edit = {
var thisObject = this;
var formData = new FormData();
formData.append("action", "upload");
- formData.append("csrftoken", this.getCookie("csrftoken"));
+ formData.append("yellowcsrftoken", this.getCookie("yellowcsrftoken"));
formData.append("file", file);
var request = new XMLHttpRequest();
request.open("POST", window.location.pathname, true);
diff --git a/system/workers/edit.php b/system/workers/edit.php
@@ -2,7 +2,7 @@
// Edit extension, https://github.com/annaesvensson/yellow-edit
class YellowEdit {
- const VERSION = "0.9.10";
+ const VERSION = "0.9.11";
public $yellow; // access to API
public $response; // web response
public $merge; // text merge
@@ -870,8 +870,8 @@ class YellowEdit {
// Check user authentication
public function checkUserAuth($scheme, $address, $base, $location, $fileName) {
$action = $this->yellow->page->getRequest("action");
- $authToken = $this->yellow->toolbox->getCookie("authtoken");
- $csrfToken = $this->yellow->toolbox->getCookie("csrftoken");
+ $authToken = $this->yellow->toolbox->getCookie("yellowauthtoken");
+ $csrfToken = $this->yellow->toolbox->getCookie("yellowcsrftoken");
if (is_string_empty($action) || $this->isRequestSameSite("POST", $scheme, $address)) {
if ($action=="login") {
$email = $this->yellow->page->getRequest("email");
@@ -886,7 +886,7 @@ class YellowEdit {
$this->response->userFailedExpire = PHP_INT_MAX;
}
} elseif (!is_string_empty($authToken) && !is_string_empty($csrfToken)) {
- $csrfTokenReceived = isset($_POST["csrftoken"]) ? $_POST["csrftoken"] : "";
+ $csrfTokenReceived = isset($_POST["yellowcsrftoken"]) ? $_POST["yellowcsrftoken"] : "";
$csrfTokenIrrelevant = is_string_empty($action);
if ($this->response->checkAuthToken($authToken, $csrfToken, $csrfTokenReceived, $csrfTokenIrrelevant)) {
$this->response->userEmail = $email = $this->response->getAuthEmail($authToken);
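Review bot: `$csrfTokenReceived` is read from `$_POST["yellowcsrftoken"]` without checking that it is a string, so a request that posts the field as `yellowcsrftoken[]=x` passes an array into `checkAuthToken()`. That method is not visible in this diff; depending on how it compares the two tokens, an array could either compare loosely or raise a TypeError instead of failing the check cleanly. I would normalise at the boundary: `$csrfTokenReceived = isset($_POST["yellowcsrftoken"]) && is_string($_POST["yellowcsrftoken"]) ? $_POST["yellowcsrftoken"] : "";`. It is also worth confirming that the comparison inside `checkAuthToken()` uses `hash_equals()`. checkUserAuth begins in the previous hunk and continues past the end of this one.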
@@ -1302,7 +1302,10 @@ class YellowEditResponse {
public function getRequestData() {
$data = array();
foreach ($_REQUEST as $key=>$value) {
- if ($key=="password" || $key=="authtoken" || $key=="csrftoken" || $key=="actiontoken" || substru($key, 0, 7)=="rawdata") continue;
+ if ($key=="password" || $key=="yellowauthtoken" || $key=="yellowcsrftoken" ||
+ substru($key, 0, 7)=="rawdata") {
+ continue;
+ }
$data["request".ucfirst($key)] = trim($value);
}
return $data;
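Review bot: The rewritten skip condition no longer lists `actiontoken`, so a request parameter with that name is now copied into the returned array as `requestActiontoken` instead of being filtered out with the other secrets. The commit message only mentions cookie names, so this looks unintended; if action tokens are still issued anywhere (not visible in this diff), keep `$key=="actiontoken" ||` in the condition. Separately, `$_REQUEST` values can be arrays (`name[]=x`), and `trim($value)` raises a TypeError on PHP 8 in that case, so an `is_string($value)` guard before the assignment would be a sensible addition. The closing brace of getRequestData lies outside the hunk.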
@@ -1626,14 +1629,14 @@ class YellowEditResponse {
$expire = time() + $this->yellow->system->get("editLoginSessionTimeout");
$authToken = $this->createAuthToken($email, $expire);
$csrfToken = $this->createCsrfToken();
- setcookie("authtoken", $authToken, $expire, "$base/", "", $scheme=="https", true);
- setcookie("csrftoken", $csrfToken, $expire, "$base/", "", $scheme=="https", false);
+ setcookie("yellowauthtoken", $authToken, $expire, "$base/", "", $scheme=="https", true);
+ setcookie("yellowcsrftoken", $csrfToken, $expire, "$base/", "", $scheme=="https", false);
}
// Destroy browser cookies
public function destroyCookies($scheme, $address, $base) {
- setcookie("authtoken", "", 1, "$base/");
- setcookie("csrftoken", "", 1, "$base/");
+ setcookie("yellowauthtoken", "", 1, "$base/");
+ setcookie("yellowcsrftoken", "", 1, "$base/");
}
// Create authentication token
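Review bot: After this rename, destroyCookies no longer expires cookies issued under the old names, so a browser that logged in before the upgrade keeps its `authtoken` and `csrftoken` cookies (presumably still carrying a valid token value) until their original expiry. For a transition period I would also expire the legacy names in destroyCookies, e.g. `setcookie("authtoken", "", 1, "$base/");` and `setcookie("csrftoken", "", 1, "$base/");`. In createCookies, both calls use the positional `setcookie()` form, which cannot set SameSite; the options-array form (PHP 7.3+) would allow `"samesite"=>"Lax"` as defence in depth next to the CSRF token. createCookies starts outside the hunk, so its signature and any earlier checks are not visible here.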