summaryrefslogtreecommitdiff
path: root/classes/pluginhandler.php
diff options
context:
space:
mode:
Diffstat (limited to 'classes/pluginhandler.php')
-rw-r--r--classes/pluginhandler.php29
1 files changed, 0 insertions, 29 deletions
diff --git a/classes/pluginhandler.php b/classes/pluginhandler.php
deleted file mode 100644
index 75b823822..000000000
--- a/classes/pluginhandler.php
+++ /dev/null
@@ -1,29 +0,0 @@
-<?php
-class PluginHandler extends Handler_Protected {
- function csrf_ignore($method) {
- return true;
- }
-
- function catchall($method) {
- $plugin_name = clean($_REQUEST["plugin"]);
- $plugin = PluginHost::getInstance()->get_plugin($plugin_name);
- $csrf_token = ($_POST["csrf_token"] ?? "");
-
- if ($plugin) {
- if (method_exists($plugin, $method)) {
- if (validate_csrf($csrf_token) || $plugin->csrf_ignore($method)) {
- $plugin->$method();
- } else {
- user_error("Rejected ${plugin_name}->${method}(): invalid CSRF token.", E_USER_WARNING);
- print Errors::to_json(Errors::E_UNAUTHORIZED);
- }
- } else {
- user_error("Rejected ${plugin_name}->${method}(): unknown method.", E_USER_WARNING);
- print Errors::to_json(Errors::E_UNKNOWN_METHOD);
- }
- } else {
- user_error("Rejected ${plugin_name}->${method}(): unknown plugin.", E_USER_WARNING);
- print Errors::to_json(Errors::E_UNKNOWN_PLUGIN);
- }
- }
-}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-17 00:31:03 +0000