function validateToken($data) { if (makeToken() == $data['token']) { return true; } else { return false; } }
<?php if (IN_MANAGER_MODE != "true") { die("<b>INCLUDE_ORDERING_ERROR</b><br /><br />Please use the MODX Content Manager instead of accessing this file directly."); } if (!$modx->hasPermission('file_manager')) { $modx->webAlertAndQuit($_lang["error_no_privileges"]); } $token_check = checkToken(); $newToken = makeToken(); // settings $theme_image_path = $modx->config['site_manager_url'] . 'media/style/' . $modx->config['manager_theme'] . '/images/'; $excludes = array('.', '..', '.svn'); $alias_suffix = !empty($friendly_url_suffix) ? ',' . ltrim($friendly_url_suffix, '.') : ''; $editablefiles = explode(',', 'txt,php,shtml,html,htm,xml,js,css,pageCache,htaccess' . $alias_suffix); $inlineviewablefiles = explode(',', 'txt,php,html,htm,xml,js,css,pageCache,htaccess' . $alias_suffix); $viewablefiles = explode(',', 'jpg,gif,png,ico'); $editablefiles = add_dot($editablefiles); $inlineviewablefiles = add_dot($inlineviewablefiles); $viewablefiles = add_dot($viewablefiles); $proteted_path = array(); /* jp only if($_SESSION['mgrRole']!=1) { */ $proteted_path[] = $modx->config['site_manager_path']; $proteted_path[] = $modx->config['base_path'] . 'temp/backup'; $proteted_path[] = $modx->config['base_path'] . 'assets/backup'; if (!$modx->hasPermission('save_plugin')) { $proteted_path[] = $modx->config['base_path'] . 'assets/plugins'; }