X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=index.php;h=ff24ed7eca2762b4c531570efd2aa97b3ee37753;hb=c3b00963fe22479e87998c82bc83827a54c8d972;hp=dd9b48bd2f84ed3cedea29ce0f8b7552a3b52cdf;hpb=db90dfcbbc406b50381f17a72f24095fee91bb09;p=github%2Fshaarli%2FShaarli.git diff --git a/index.php b/index.php index dd9b48bd..ff24ed7e 100644 --- a/index.php +++ b/index.php @@ -1316,21 +1316,21 @@ function renderPage($conf, $pluginManager, $LINKSDB) } // -------- User clicked the "Delete" button when editing a link: Delete link from database. - if (isset($_POST['delete_link'])) + if ($targetPage == Router::$PAGE_DELETELINK) { - if (!tokenOk($_POST['token'])) die('Wrong token.'); - // We do not need to ask for confirmation: // - confirmation is handled by JavaScript // - we are protected from XSRF by the token. - // FIXME! We keep `lf_linkdate` for consistency before a proper API. To be removed. - $id = isset($_POST['lf_id']) ? intval(escape($_POST['lf_id'])) : intval(escape($_POST['lf_linkdate'])); - - $pluginManager->executeHooks('delete_link', $LINKSDB[$id]); + if (! tokenOk($_GET['token'])) { + die('Wrong token.'); + } + $id = intval(escape($_GET['lf_linkdate'])); + $link = $LINKSDB[$id]; + $pluginManager->executeHooks('delete_link', $link); unset($LINKSDB[$id]); - $LINKSDB->save('resource.page_cache'); // save to disk + $LINKSDB->save($conf->get('resource.page_cache')); // save to disk // If we are called from the bookmarklet, we must close the popup: if (isset($_GET['source']) && ($_GET['source']=='bookmarklet' || $_GET['source']=='firefoxsocialapi')) { echo ''; exit; } @@ -1601,8 +1601,8 @@ function renderPage($conf, $pluginManager, $LINKSDB) function buildLinkList($PAGE,$LINKSDB, $conf, $pluginManager) { // Used in templates - $searchtags = !empty($_GET['searchtags']) ? escape($_GET['searchtags']) : ''; - $searchterm = !empty($_GET['searchterm']) ? escape($_GET['searchterm']) : ''; + $searchtags = !empty($_GET['searchtags']) ? escape(normalize_spaces($_GET['searchtags'])) : ''; + $searchterm = !empty($_GET['searchterm']) ? escape(normalize_spaces($_GET['searchterm'])) : ''; // Smallhash filter if (! empty($_SERVER['QUERY_STRING']) @@ -1649,7 +1649,7 @@ function buildLinkList($PAGE,$LINKSDB, $conf, $pluginManager) } else { $link['updated_timestamp'] = ''; } - $taglist = explode(' ', $link['tags']); + $taglist = preg_split('/\s+/', $link['tags'], -1, PREG_SPLIT_NO_EMPTY); uasort($taglist, 'strcasecmp'); $link['taglist'] = $taglist; // Check for both signs of a note: starting with ? and 7 chars long. @@ -1949,8 +1949,8 @@ function install($conf) $conf->set( 'api.secret', generate_api_secret( - $this->conf->get('credentials.login'), - $this->conf->get('credentials.salt') + $conf->get('credentials.login'), + $conf->get('credentials.salt') ) ); try { @@ -2231,8 +2231,9 @@ $app = new \Slim\App($container); // REST API routes $app->group('/api/v1', function() { - $this->get('/info', '\Api\Controllers\Info:getInfo'); -})->add('\Api\ApiMiddleware'); + $this->get('/info', '\Shaarli\Api\Controllers\Info:getInfo'); + $this->get('/links', '\Shaarli\Api\Controllers\Links:getLinks'); +})->add('\Shaarli\Api\ApiMiddleware'); $response = $app->run(true); // Hack to make Slim and Shaarli router work together: