Changeset 2797:4a5f0d16acd2 for admin/blog_pref.php

Timestamp:

11/17/14 10:30:07 (11 years ago)

Author:

franck <carnet.franck.paul@…>

Branch:

default

Message:

Add an optional setting (blog pref) to prevent blog from Clickjacking

File:

• admin/blog_pref.php (modified) (3 diffs)

admin/blog_pref.php

@@ -234 +234 @@
           $blog_settings->system->put('enable_xmlrpc',!empty($_POST['enable_xmlrpc']));
           $blog_settings->system->put('note_title_tag',$_POST['note_title_tag']);
-
           $blog_settings->system->put('nb_post_for_home',$nb_post_for_home);
           $blog_settings->system->put('nb_post_per_page',$nb_post_per_page);
@@ -250 +249 @@
           $blog_settings->system->put('nb_comment_per_feed',$nb_comment_per_feed);
           $blog_settings->system->put('short_feed_items',!empty($_POST['short_feed_items']));
-
           if (isset($_POST['robots_policy'])) {
                $blog_settings->system->put('robots_policy',$_POST['robots_policy']);
           }
+          $blog_settings->system->put('prevents_clickjacking',!empty($_POST['prevents_clickjacking']));
 
           # --BEHAVIOR-- adminBeforeBlogSettingsUpdate
@@ -606 +605 @@
      echo '</div>';
 
+     echo
+     '<div class="fieldset"><h4>'.__('Blog security').'</h4>'.
+     '<p><label for="prevents_clickjacking" class="classic">'.
+     form::checkbox('prevents_clickjacking','1',$blog_settings->system->prevents_clickjacking).
+     __('Protect the blog from Clickjacking (see <a href="https://en.wikipedia.org/wiki/Clickjacking">Wikipedia</a>)').'</label></p>'.
+     '<br class="clear" />'. //Opera sucks
+     '</div>';
 
      # --BEHAVIOR-- adminBlogPreferencesForm