Changing some actions from POST to GET.
This commit is contained in:
parent
c34e34d728
commit
fbd45960b7
@ -198,8 +198,8 @@ if (!empty($_POST['save'])) { // Save edition of an old vote
|
|||||||
// Delete a votes
|
// Delete a votes
|
||||||
// -------------------------------
|
// -------------------------------
|
||||||
|
|
||||||
if (!empty($_POST['delete_vote'])) {
|
if (!empty($_GET['delete_vote'])) {
|
||||||
$vote_id = filter_input(INPUT_POST, 'delete_vote', FILTER_VALIDATE_INT);
|
$vote_id = filter_input(INPUT_GET, 'delete_vote', FILTER_VALIDATE_INT);
|
||||||
if ($adminPollService->deleteVote($poll_id, $vote_id)) {
|
if ($adminPollService->deleteVote($poll_id, $vote_id)) {
|
||||||
$message = new Message('success', __('adminstuds', 'Vote deleted'));
|
$message = new Message('success', __('adminstuds', 'Vote deleted'));
|
||||||
} else {
|
} else {
|
||||||
@ -312,8 +312,8 @@ if (isset($_POST['confirm_delete_poll'])) {
|
|||||||
// Delete a slot
|
// Delete a slot
|
||||||
// -------------------------------
|
// -------------------------------
|
||||||
|
|
||||||
if (!empty($_POST['delete_column'])) {
|
if (!empty($_GET['delete_column'])) {
|
||||||
$column = filter_input(INPUT_POST, 'delete_column', FILTER_DEFAULT);
|
$column = filter_input(INPUT_GET, 'delete_column', FILTER_DEFAULT);
|
||||||
|
|
||||||
if ($poll->format === 'D') {
|
if ($poll->format === 'D') {
|
||||||
$ex = explode('@', $column);
|
$ex = explode('@', $column);
|
||||||
@ -338,7 +338,7 @@ if (!empty($_POST['delete_column'])) {
|
|||||||
// Add a slot
|
// Add a slot
|
||||||
// -------------------------------
|
// -------------------------------
|
||||||
|
|
||||||
if (isset($_POST['add_slot'])) {
|
if (isset($_GET['add_slot'])) {
|
||||||
$smarty->assign('poll_id', $poll_id);
|
$smarty->assign('poll_id', $poll_id);
|
||||||
$smarty->assign('admin_poll_id', $admin_poll_id);
|
$smarty->assign('admin_poll_id', $admin_poll_id);
|
||||||
$smarty->assign('format', $poll->format);
|
$smarty->assign('format', $poll->format);
|
||||||
|
@ -103,7 +103,7 @@ class Utils {
|
|||||||
* @param string $vote_id (optional) The vote's unique id
|
* @param string $vote_id (optional) The vote's unique id
|
||||||
* @return string The poll's URL.
|
* @return string The poll's URL.
|
||||||
*/
|
*/
|
||||||
public static function getUrlSondage($id, $admin = false, $vote_id='') {
|
public static function getUrlSondage($id, $admin = false, $vote_id='', $action=null, $action_value=null) {
|
||||||
if (URL_PROPRE) {
|
if (URL_PROPRE) {
|
||||||
if ($admin === true) {
|
if ($admin === true) {
|
||||||
$url = self::get_server_name() . $id . '/admin';
|
$url = self::get_server_name() . $id . '/admin';
|
||||||
@ -113,6 +113,9 @@ class Utils {
|
|||||||
if ($vote_id != '') {
|
if ($vote_id != '') {
|
||||||
$url .= '/vote/'.$vote_id."#edit";
|
$url .= '/vote/'.$vote_id."#edit";
|
||||||
}
|
}
|
||||||
|
if ($action != null && $action_value != null) {
|
||||||
|
$url .= '/action/'.$action.'/'.$action_value;
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
if ($admin === true) {
|
if ($admin === true) {
|
||||||
$url = self::get_server_name() . 'adminstuds.php?poll=' . $id;
|
$url = self::get_server_name() . 'adminstuds.php?poll=' . $id;
|
||||||
@ -122,6 +125,9 @@ class Utils {
|
|||||||
if ($vote_id != '') {
|
if ($vote_id != '') {
|
||||||
$url .= '&vote='.$vote_id."#edit";
|
$url .= '&vote='.$vote_id."#edit";
|
||||||
}
|
}
|
||||||
|
if ($action != null && $action_value != null) {
|
||||||
|
$url .= '&'.$action."=".$action_value;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return $url;
|
return $url;
|
||||||
|
@ -48,11 +48,13 @@ if (isset($_SERVER['FRAMADATE_DEVMODE']) && $_SERVER['FRAMADATE_DEVMODE']) {
|
|||||||
function smarty_function_poll_url($params, Smarty_Internal_Template $template) {
|
function smarty_function_poll_url($params, Smarty_Internal_Template $template) {
|
||||||
$poll_id = filter_var($params['id'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]);
|
$poll_id = filter_var($params['id'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]);
|
||||||
$admin = (isset($params['admin']) && $params['admin']) ? true : false;
|
$admin = (isset($params['admin']) && $params['admin']) ? true : false;
|
||||||
|
$action = (isset($params['action']) && !empty($params['action'])) ? Utils::htmlEscape($params['action']) : false;
|
||||||
|
$action_value = (isset($params['action_value']) && !empty($params['action_value'])) ? Utils::htmlEscape($params['action_value']) : false;
|
||||||
$vote_unique_id = isset($params['vote_id']) ? filter_var($params['vote_id'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]) : '';
|
$vote_unique_id = isset($params['vote_id']) ? filter_var($params['vote_id'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]) : '';
|
||||||
|
|
||||||
// If filter_var fails (i.e.: hack tentative), it will return false. At least no leak is possible from this.
|
// If filter_var fails (i.e.: hack tentative), it will return false. At least no leak is possible from this.
|
||||||
|
|
||||||
return Utils::getUrlSondage($poll_id, $admin, $vote_unique_id);
|
return Utils::getUrlSondage($poll_id, $admin, $vote_unique_id, $action, $action_value);
|
||||||
}
|
}
|
||||||
|
|
||||||
function smarty_modifier_markdown($md, $clear = false) {
|
function smarty_modifier_markdown($md, $clear = false) {
|
||||||
|
@ -8,6 +8,7 @@
|
|||||||
RewriteCond %{REQUEST_FILENAME} -d
|
RewriteCond %{REQUEST_FILENAME} -d
|
||||||
|
|
||||||
RewriteRule ^([a-zA-Z0-9]{16})$ studs.php?poll=$1
|
RewriteRule ^([a-zA-Z0-9]{16})$ studs.php?poll=$1
|
||||||
|
RewriteRule ^([a-zA-Z0-9]{16})/action/([a-zA-Z]+)/(.+)$ studs.php?poll=$1&$2=$3
|
||||||
RewriteRule ^([a-zA-Z0-9]{16})/vote/([a-zA-Z0-9]{16})$ studs.php?poll=$1&vote_id=$2
|
RewriteRule ^([a-zA-Z0-9]{16})/vote/([a-zA-Z0-9]{16})$ studs.php?poll=$1&vote_id=$2
|
||||||
RewriteRule ^([a-zA-Z0-9]{24})/admin$ adminstuds.php?poll=$1
|
RewriteRule ^([a-zA-Z0-9]{24})/admin$ adminstuds.php?poll=$1
|
||||||
</IfModule>
|
</IfModule>
|
@ -14,11 +14,17 @@
|
|||||||
<th role="presentation"></th>
|
<th role="presentation"></th>
|
||||||
{foreach $slots as $id=>$slot}
|
{foreach $slots as $id=>$slot}
|
||||||
<td headers="C{$id}">
|
<td headers="C{$id}">
|
||||||
<button type="submit" name="delete_column" value="{$slot->title|html}" class="btn btn-link btn-sm" title="{__('adminstuds', 'Remove the column')} {$slot->title|html}"><span class="glyphicon glyphicon-remove text-danger"></span><span class="sr-only">{__('Genric', 'Remove')}</span></button>
|
<a href="{poll_url id=$admin_poll_id admin=true action='delete_column' action_value=$slot->title}"
|
||||||
</td>
|
class="btn btn-link btn-sm" title="{__('adminstuds', 'Remove the column')} {$slot->title|html}">
|
||||||
|
<span class="glyphicon glyphicon-remove text-danger"></span><span class="sr-only">{__('Genric', 'Remove')}</span>
|
||||||
|
</a>
|
||||||
|
</td>
|
||||||
{/foreach}
|
{/foreach}
|
||||||
<td>
|
<td>
|
||||||
<button type="submit" name="add_slot" class="btn btn-link btn-sm" title="{__('adminstuds', 'Add a column')}"><span class="glyphicon glyphicon-plus text-success"></span><span class="sr-only">{__('Poll results', 'Add a column')}</span></button>
|
<a href="{poll_url id=$admin_poll_id admin=true action='add_slot' action_value=true}"
|
||||||
|
class="btn btn-link btn-sm" title="{__('adminstuds', 'Add a column')} {$slot->title|html}">
|
||||||
|
<span class="glyphicon glyphicon-plus text-success"></span><span class="sr-only">{__('Poll results', 'Add a column')}</span>
|
||||||
|
</a>
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
{/if}
|
{/if}
|
||||||
@ -93,9 +99,11 @@
|
|||||||
<span class="glyphicon glyphicon-pencil"></span><span class="sr-only">{__('Generic', 'Edit')}</span>
|
<span class="glyphicon glyphicon-pencil"></span><span class="sr-only">{__('Generic', 'Edit')}</span>
|
||||||
</a>
|
</a>
|
||||||
{if $admin}
|
{if $admin}
|
||||||
<button type="submit" class="btn btn-link btn-sm" name="delete_vote" value="{$vote->id|html}" title="{__('Poll results', 'Remove the line:')|html} {$vote->name|html}">
|
<a href="{poll_url id=$admin_poll_id admin=true action='delete_vote' action_value=$vote->id}"
|
||||||
|
class="btn btn-link btn-sm"
|
||||||
|
title="{__('Poll results', 'Remove the line:')} {$vote->name|html}">
|
||||||
<span class="glyphicon glyphicon-remove text-danger"></span><span class="sr-only">{__('Generic', 'Remove')}</span>
|
<span class="glyphicon glyphicon-remove text-danger"></span><span class="sr-only">{__('Generic', 'Remove')}</span>
|
||||||
</button>
|
</a>
|
||||||
{/if}
|
{/if}
|
||||||
</td>
|
</td>
|
||||||
{else}
|
{else}
|
||||||
|
@ -17,13 +17,20 @@
|
|||||||
{foreach $slots as $slot}
|
{foreach $slots as $slot}
|
||||||
{foreach $slot->moments as $id=>$moment}
|
{foreach $slot->moments as $id=>$moment}
|
||||||
<td headers="M{$slot@key} D{$headersDCount} H{$headersDCount}">
|
<td headers="M{$slot@key} D{$headersDCount} H{$headersDCount}">
|
||||||
<button type="submit" name="delete_column" value="{$slot->day|html}@{$moment|html}" class="btn btn-link btn-sm" title="{__('adminstuds', 'Remove the column')} {$slot->day|date_format:$date_format.txt_short|html} - {$moment|html}"><span class="glyphicon glyphicon-remove text-danger"></span><span class="sr-only">{__('Generic', 'Remove')}</span></button>
|
<a href="{poll_url id=$admin_poll_id admin=true action='delete_column' action_value=$slot->day|cat:'@'|cat:$moment}"
|
||||||
|
class="btn btn-link btn-sm"
|
||||||
|
title="{__('adminstuds', 'Remove the column')} {$slot->day|date_format:$date_format.txt_short|html} - {$moment|html}">
|
||||||
|
<span class="glyphicon glyphicon-remove text-danger"></span><span class="sr-only">{__('Genric', 'Remove')}</span>
|
||||||
|
</a>
|
||||||
</td>
|
</td>
|
||||||
{$headersDCount = $headersDCount+1}
|
{$headersDCount = $headersDCount+1}
|
||||||
{/foreach}
|
{/foreach}
|
||||||
{/foreach}
|
{/foreach}
|
||||||
<td>
|
<td>
|
||||||
<button type="submit" name="add_slot" class="btn btn-link btn-sm" title="{__('adminstuds', 'Add a column')}"><span class="glyphicon glyphicon-plus text-success"></span><span class="sr-only">{__('Poll results', 'Add a column')}</span></button>
|
<a href="{poll_url id=$admin_poll_id admin=true action='add_slot' action_value=true}"
|
||||||
|
class="btn btn-link btn-sm" title="{__('adminstuds', 'Add a column')} {$slot->title|html}">
|
||||||
|
<span class="glyphicon glyphicon-plus text-success"></span><span class="sr-only">{__('Poll results', 'Add a column')}</span>
|
||||||
|
</a>
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
{/if}
|
{/if}
|
||||||
@ -141,9 +148,11 @@
|
|||||||
<span class="glyphicon glyphicon-pencil"></span><span class="sr-only">{__('Generic', 'Edit')}</span>
|
<span class="glyphicon glyphicon-pencil"></span><span class="sr-only">{__('Generic', 'Edit')}</span>
|
||||||
</a>
|
</a>
|
||||||
{if $admin}
|
{if $admin}
|
||||||
<button type="submit" class="btn btn-link btn-sm" name="delete_vote" value="{$vote->id|html}" title="{__('Poll results', 'Remove the line:')} {$vote->name|html}">
|
<a href="{poll_url id=$admin_poll_id admin=true action='delete_vote' action_value=$vote->id}"
|
||||||
|
class="btn btn-link btn-sm"
|
||||||
|
title="{__('Poll results', 'Remove the line:')} {$vote->name|html}">
|
||||||
<span class="glyphicon glyphicon-remove text-danger"></span><span class="sr-only">{__('Generic', 'Remove')}</span>
|
<span class="glyphicon glyphicon-remove text-danger"></span><span class="sr-only">{__('Generic', 'Remove')}</span>
|
||||||
</button>
|
</a>
|
||||||
{/if}
|
{/if}
|
||||||
</td>
|
</td>
|
||||||
{else}
|
{else}
|
||||||
|
Loading…
Reference in New Issue
Block a user