From: ArthurHoaro Date: Sat, 5 Nov 2016 13:13:18 +0000 (+0100) Subject: Bugfixes on link deletion, and use a GET form X-Git-Url: https://git.immae.eu/?p=github%2Fshaarli%2FShaarli.git;a=commitdiff_plain;h=60d64256393ec4156ef7873860c14aa1028ffb60 Bugfixes on link deletion, and use a GET form Use a GET form to delete links: harmonize with edit_link and preparation for #585 Bug fixes: * LinkDB element can't be passed as reference, fix error: PHP Notice: Indirect modification of overloaded element of LinkDB has no effect * Resource cache folder setting wasn't set correctly --- diff --git a/index.php b/index.php index a0a3a8c7..34f0e381 100644 --- a/index.php +++ b/index.php @@ -1325,21 +1325,21 @@ function renderPage($conf, $pluginManager) } // -------- User clicked the "Delete" button when editing a link: Delete link from database. - if (isset($_POST['delete_link'])) + if ($targetPage == Router::$PAGE_DELETELINK) { - if (!tokenOk($_POST['token'])) die('Wrong token.'); - // We do not need to ask for confirmation: // - confirmation is handled by JavaScript // - we are protected from XSRF by the token. - // FIXME! We keep `lf_linkdate` for consistency before a proper API. To be removed. - $id = isset($_POST['lf_id']) ? intval(escape($_POST['lf_id'])) : intval(escape($_POST['lf_linkdate'])); - - $pluginManager->executeHooks('delete_link', $LINKSDB[$id]); + if (! tokenOk($_GET['token'])) { + die('Wrong token.'); + } + $id = intval(escape($_GET['lf_linkdate'])); + $link = $LINKSDB[$id]; + $pluginManager->executeHooks('delete_link', $link); unset($LINKSDB[$id]); - $LINKSDB->save('resource.page_cache'); // save to disk + $LINKSDB->save($conf->get('resource.page_cache')); // save to disk // If we are called from the bookmarklet, we must close the popup: if (isset($_GET['source']) && ($_GET['source']=='bookmarklet' || $_GET['source']=='firefoxsocialapi')) { echo ''; exit; } diff --git a/tpl/linklist.html b/tpl/linklist.html index 0f1a5e8c..d4232342 100644 --- a/tpl/linklist.html +++ b/tpl/linklist.html @@ -84,7 +84,7 @@
-
+