Chapril/date.chapril.org-framadate
Chapril/date.chapril.org-framadate
24
1
Fork 0
Code Issues Pull Requests Releases Activity

Merge branch 'fix/Issue109_delete_column' into 'master'

Browse Source 
Fixes issue #109 - Urlencode title of column to delete for classical polls too

Tout est dans le titre 😃 

See merge request !85
This commit is contained in:
Antonin 2015-11-05 22:45:01 +01:00
commit 2dd68146a2
3 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
app/classes/Framadate/Utils.php
View File

@ -104,6 +104,9 @@ class Utils {
* @return string The poll's URL. * @return string The poll's URL.
*/ */
public static function getUrlSondage($id, $admin = false, $vote_id = '', $action = null, $action_value = null) { public static function getUrlSondage($id, $admin = false, $vote_id = '', $action = null, $action_value = null) {
// URL-Encode $action_value
$action_value = $action_value == null ? null : urlencode($action_value);
if (URL_PROPRE) { if (URL_PROPRE) {
if ($admin === true) { if ($admin === true) {
$url = self::get_server_name() . $id . '/admin'; $url = self::get_server_name() . $id . '/admin';

2
app/inc/smarty.php
View File

@ -49,7 +49,7 @@ function smarty_function_poll_url($params, Smarty_Internal_Template $template) {
$poll_id = filter_var($params['id'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]); $poll_id = filter_var($params['id'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]);
$admin = (isset($params['admin']) && $params['admin']) ? true : false; $admin = (isset($params['admin']) && $params['admin']) ? true : false;
$action = (isset($params['action']) && !empty($params['action'])) ? Utils::htmlEscape($params['action']) : false; $action = (isset($params['action']) && !empty($params['action'])) ? Utils::htmlEscape($params['action']) : false;
$action_value = (isset($params['action_value']) && !empty($params['action_value'])) ? Utils::htmlEscape($params['action_value']) : false; $action_value = (isset($params['action_value']) && !empty($params['action_value'])) ? $params['action_value'] : false;
$vote_unique_id = isset($params['vote_id']) ? filter_var($params['vote_id'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]) : ''; $vote_unique_id = isset($params['vote_id']) ? filter_var($params['vote_id'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]) : '';
// If filter_var fails (i.e.: hack tentative), it will return false. At least no leak is possible from this. // If filter_var fails (i.e.: hack tentative), it will return false. At least no leak is possible from this.

2
tpl/part/vote_table_date.tpl
View File

@ -17,7 +17,7 @@
{foreach $slots as $slot} {foreach $slots as $slot}
{foreach $slot->moments as $id=>$moment} {foreach $slot->moments as $id=>$moment}
<td headers="M{$slot@key} D{$headersDCount} H{$headersDCount}"> <td headers="M{$slot@key} D{$headersDCount} H{$headersDCount}">
<a href="{poll_url id=$admin_poll_id admin=true action='delete_column' action_value=$slot->day|cat:'@'|cat:urlencode($moment)}" <a href="{poll_url id=$admin_poll_id admin=true action='delete_column' action_value=$slot->day|cat:'@'|cat:$moment}"
class="btn btn-link btn-sm" class="btn btn-link btn-sm"
title="{__('adminstuds', 'Remove the column')} {$slot->day|date_format:$date_format.txt_short|html} - {$moment|html}"> title="{__('adminstuds', 'Remove the column')} {$slot->day|date_format:$date_format.txt_short|html} - {$moment|html}">
<i class="glyphicon glyphicon-remove text-danger"></i><span class="sr-only">{__('Generic', 'Remove')}</span> <i class="glyphicon glyphicon-remove text-danger"></i><span class="sr-only">{__('Generic', 'Remove')}</span>