From f4ebd5fed20b29c4fb580983b4be7bd0a52151b9 Mon Sep 17 00:00:00 2001 From: ArthurHoaro Date: Sat, 5 Nov 2016 14:13:18 +0100 Subject: [PATCH] Bugfixes on link deletion, and use a GET form Use a GET form to delete links: harmonize with edit_link and preparation for #585 Bug fixes: * LinkDB element can't be passed as reference, fix error: PHP Notice: Indirect modification of overloaded element of LinkDB has no effect * Resource cache folder setting wasn't set correctly --- application/Router.php | 6 ++++++ index.php | 16 ++++++++-------- tpl/linklist.html | 2 +- 3 files changed, 15 insertions(+), 9 deletions(-) diff --git a/application/Router.php b/application/Router.php index caed4a2..c9a5191 100644 --- a/application/Router.php +++ b/application/Router.php @@ -31,6 +31,8 @@ class Router public static $PAGE_EDITLINK = 'edit_link'; + public static $PAGE_DELETELINK = 'delete_link'; + public static $PAGE_EXPORT = 'export'; public static $PAGE_IMPORT = 'import'; @@ -120,6 +122,10 @@ class Router return self::$PAGE_EDITLINK; } + if (isset($get['delete_link'])) { + return self::$PAGE_DELETELINK; + } + if (startsWith($query, 'do='. self::$PAGE_EXPORT)) { return self::$PAGE_EXPORT; } diff --git a/index.php b/index.php index a0a3a8c..34f0e38 100644 --- a/index.php +++ b/index.php @@ -1325,21 +1325,21 @@ function renderPage($conf, $pluginManager) } // -------- User clicked the "Delete" button when editing a link: Delete link from database. - if (isset($_POST['delete_link'])) + if ($targetPage == Router::$PAGE_DELETELINK) { - if (!tokenOk($_POST['token'])) die('Wrong token.'); - // We do not need to ask for confirmation: // - confirmation is handled by JavaScript // - we are protected from XSRF by the token. - // FIXME! We keep `lf_linkdate` for consistency before a proper API. To be removed. - $id = isset($_POST['lf_id']) ? intval(escape($_POST['lf_id'])) : intval(escape($_POST['lf_linkdate'])); - - $pluginManager->executeHooks('delete_link', $LINKSDB[$id]); + if (! tokenOk($_GET['token'])) { + die('Wrong token.'); + } + $id = intval(escape($_GET['lf_linkdate'])); + $link = $LINKSDB[$id]; + $pluginManager->executeHooks('delete_link', $link); unset($LINKSDB[$id]); - $LINKSDB->save('resource.page_cache'); // save to disk + $LINKSDB->save($conf->get('resource.page_cache')); // save to disk // If we are called from the bookmarklet, we must close the popup: if (isset($_GET['source']) && ($_GET['source']=='bookmarklet' || $_GET['source']=='firefoxsocialapi')) { echo ''; exit; } diff --git a/tpl/linklist.html b/tpl/linklist.html index 0f1a5e8..d423234 100644 --- a/tpl/linklist.html +++ b/tpl/linklist.html @@ -84,7 +84,7 @@
-
+