12 年之前 · 4dce90b350
--- a/Sources/ManageAttachments.php
+++ b/Sources/ManageAttachments.php
@@ -236,6 +236,9 @@ function ManageAvatarSettings($return_config = false)
 
 	// Attempt to figure out if the admin is trying to break things.
 
 	$context['settings_save_onclick'] = 'return document.getElementById(\'custom_avatar_enabled\').value == 1 && (document.getElementById(\'custom_avatar_dir\').value == \'\' || document.getElementById(\'custom_avatar_url\').value == \'\') ? confirm(\'' . $txt['custom_avatar_check_empty'] . '\') : true;';
 
 
 
+	// We need this for the in-line permissions
 
+	createToken('admin-mp');
 
+
 
 	// Prepare the context.
 
 	$context['post_url'] = $scripturl . '?action=admin;area=manageattachments;save;sa=avatars';
 
 	prepareDBSettingContext($config_vars);
--- a/Sources/ManageBoards.php
+++ b/Sources/ManageBoards.php
@@ -826,6 +826,9 @@ function EditBoardSettings($return_config = false)
 
 		redirectexit('action=admin;area=manageboards;sa=settings');
 
 	}
 
 
 
+	// We need this for the in-line permissions
 
+	createToken('admin-mp');
 
+
 
 	// Prepare the settings...
 
 	prepareDBSettingContext($config_vars);
 
 }
--- a/Sources/ManageCalendar.php
+++ b/Sources/ManageCalendar.php
@@ -366,6 +366,9 @@ function ModifyCalendarSettings($return_config = false)
 
 		redirectexit('action=admin;area=managecalendar;sa=settings');
 
 	}
 
 
 
+	// We need this for the in-line permissions
 
+	createToken('admin-mp');
 
+
 
 	// Prepare the settings...
 
 	prepareDBSettingContext($config_vars);
 
 }
--- a/Sources/ManageMembergroups.php
+++ b/Sources/ManageMembergroups.php
@@ -1152,6 +1152,9 @@ function ModifyMembergroupsettings()
 
 	$context['post_url'] = $scripturl . '?action=admin;area=membergroups;save;sa=settings';
 
 	$context['settings_title'] = $txt['membergroups_settings'];
 
 
 
+	// We need this for the in-line permissions
 
+	createToken('admin-mp');
 
+
 
 	prepareDBSettingContext($config_vars);
 
 }
 
 
--- a/Sources/ManageNews.php
+++ b/Sources/ManageNews.php
@@ -821,6 +821,9 @@ function ModifyNewsSettings($return_config = false)
 
 		redirectexit('action=admin;area=news;sa=settings');
 
 	}
 
 
 
+	// We need this for the in-line permissions
 
+	createToken('admin-mp');
 
+
 
 	prepareDBSettingContext($config_vars);
 
 }
 
 
--- a/Sources/ManagePermissions.php
+++ b/Sources/ManagePermissions.php
@@ -1062,6 +1062,9 @@ function GeneralPermissionSettings($return_config = false)
 
 		redirectexit('action=admin;area=permissions;sa=settings');
 
 	}
 
 
 
+	// We need this for the in-line permissions
 
+	createToken('admin-mp');
 
+
 
 	prepareDBSettingContext($config_vars);
 
 }
 
 
--- a/Sources/ManageSearch.php
+++ b/Sources/ManageSearch.php
@@ -136,6 +136,9 @@ function EditSearchSettings($return_config = false)
 
 	$context['post_url'] = $scripturl . '?action=admin;area=managesearch;save;sa=settings';
 
 	$context['settings_title'] = $txt['search_settings_title'];
 
 
 
+	// We need this for the in-line permissions
 
+	createToken('admin-mp');
 
+
 
 	prepareDBSettingContext($config_vars);
 
 }
 
 
--- a/Sources/ManageSmileys.php
+++ b/Sources/ManageSmileys.php
@@ -178,6 +178,9 @@ function EditSmileySettings($return_config = false)
 
 		redirectexit('action=admin;area=smileys;sa=settings');
 
 	}
 
 
 
+	// We need this for the in-line permissions
 
+	createToken('admin-mp');
 
+
 
 	prepareDBSettingContext($config_vars);
 
 }
 
 
--- a/Themes/default/Admin.template.php
+++ b/Themes/default/Admin.template.php
@@ -977,6 +977,10 @@ function template_show_settings()
 
 		echo '
 
 		<input type="hidden" name="', $context['admin-dbsc_token_var'], '" value="', $context['admin-dbsc_token'], '" />';
 
 
 
+	if (isset($context['admin-mp_token']))
 
+		echo '
 
+		<input type="hidden" name="', $context['admin-mp_token_var'], '" value="', $context['admin-mp_token'], '" />';
 
+
 
 	echo '
 
 		<input type="hidden" name="', $context['session_var'], '" value="', $context['session_id'], '" />
 
 		</form>