From: ArthurHoaro Date: Sun, 3 Jan 2016 13:42:43 +0000 (+0100) Subject: Fixes #428: validate buttons presence instead of value X-Git-Tag: v0.6.3~14^2 X-Git-Url: https://git.immae.eu/?a=commitdiff_plain;h=6a6aa2b96da86f100089c643e905aede5260c8c8;hp=defc8a3f033a44602c598c2028a9ee3ee2a86d1d;p=github%2Fshaarli%2FShaarli.git Fixes #428: validate buttons presence instead of value Also adds a validation where renaming with 'fromtag' specified and empty 'totag'. It was causing a 404, now it just re-render the form. --- diff --git a/index.php b/index.php index 40a6fbe5..1a83ca40 100644 --- a/index.php +++ b/index.php @@ -1453,19 +1453,20 @@ function renderPage() // -------- User wants to rename a tag or delete it if ($targetPage == Router::$PAGE_CHANGETAG) { - if (empty($_POST['fromtag'])) - { - $PAGE->assign('linkcount',count($LINKSDB)); - $PAGE->assign('token',getToken()); + if (empty($_POST['fromtag']) || (empty($_POST['totag']) && isset($_POST['renametag']))) { + $PAGE->assign('linkcount', count($LINKSDB)); + $PAGE->assign('token', getToken()); $PAGE->assign('tags', $LINKSDB->allTags()); $PAGE->renderPage('changetag'); exit; } - if (!tokenOk($_POST['token'])) die('Wrong token.'); + + if (!tokenOk($_POST['token'])) { + die('Wrong token.'); + } // Delete a tag: - if (!empty($_POST['deletetag']) && !empty($_POST['fromtag'])) - { + if (isset($_POST['deletetag']) && !empty($_POST['fromtag'])) { $needle=trim($_POST['fromtag']); $linksToAlter = $LINKSDB->filterTags($needle,true); // True for case-sensitive tag search. foreach($linksToAlter as $key=>$value) @@ -1481,8 +1482,7 @@ function renderPage() } // Rename a tag: - if (!empty($_POST['renametag']) && !empty($_POST['fromtag']) && !empty($_POST['totag'])) - { + if (isset($_POST['renametag']) && !empty($_POST['fromtag']) && !empty($_POST['totag'])) { $needle=trim($_POST['fromtag']); $linksToAlter = $LINKSDB->filterTags($needle,true); // true for case-sensitive tag search. foreach($linksToAlter as $key=>$value)