diff options
author | Willi Eggeling <thewilli@gmail.com> | 2017-08-27 19:19:59 +0200 |
---|---|---|
committer | Willi Eggeling <thewilli@gmail.com> | 2017-08-30 12:54:58 +0200 |
commit | a74f52a8d206a6d5c3fe27667f1633bf2fc1374d (patch) | |
tree | 8b41b014685737ef9b5161151bc217edca8944b2 | |
parent | fc27141cf6eb04d3d8714385cb6961a8063fe61b (diff) | |
download | Shaarli-a74f52a8d206a6d5c3fe27667f1633bf2fc1374d.tar.gz Shaarli-a74f52a8d206a6d5c3fe27667f1633bf2fc1374d.tar.zst Shaarli-a74f52a8d206a6d5c3fe27667f1633bf2fc1374d.zip |
fixed link deletion
When deleting links, the js of the default theme separated ids by an escaped space ('+').
There was a trailing '+' after the ids which led to the php code detecting multiple values
even for single values. In combination with the id '0' this could led to no id found at all
and a resulting php error.
this commit fixes the behavior and adds an additional error handling and trimming to the php code.
-rw-r--r-- | index.php | 13 | ||||
-rw-r--r-- | tpl/default/js/shaarli.js | 6 |
2 files changed, 13 insertions, 6 deletions
@@ -1320,10 +1320,17 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history) | |||
1320 | die('Wrong token.'); | 1320 | die('Wrong token.'); |
1321 | } | 1321 | } |
1322 | 1322 | ||
1323 | if (strpos($_GET['lf_linkdate'], ' ') !== false) { | 1323 | $ids = trim($_GET['lf_linkdate']); |
1324 | $ids = array_values(array_filter(preg_split('/\s+/', escape($_GET['lf_linkdate'])))); | 1324 | if (strpos($ids, ' ') !== false) { |
1325 | // multiple, space-separated ids provided | ||
1326 | $ids = array_values(array_filter(preg_split('/\s+/', escape($ids)))); | ||
1325 | } else { | 1327 | } else { |
1326 | $ids = [$_GET['lf_linkdate']]; | 1328 | // only a single id provided |
1329 | $ids = [$ids]; | ||
1330 | } | ||
1331 | // assert at least one id is given | ||
1332 | if(!count($ids)){ | ||
1333 | die('no id provided'); | ||
1327 | } | 1334 | } |
1328 | foreach ($ids as $id) { | 1335 | foreach ($ids as $id) { |
1329 | $id = (int) escape($id); | 1336 | $id = (int) escape($id); |
diff --git a/tpl/default/js/shaarli.js b/tpl/default/js/shaarli.js index 4f49affa..f38ba62f 100644 --- a/tpl/default/js/shaarli.js +++ b/tpl/default/js/shaarli.js | |||
@@ -401,14 +401,14 @@ window.onload = function () { | |||
401 | 401 | ||
402 | var message = 'Are you sure you want to delete '+ links.length +' links?\n'; | 402 | var message = 'Are you sure you want to delete '+ links.length +' links?\n'; |
403 | message += 'This action is IRREVERSIBLE!\n\nTitles:\n'; | 403 | message += 'This action is IRREVERSIBLE!\n\nTitles:\n'; |
404 | var ids = ''; | 404 | var ids = []; |
405 | links.forEach(function(item) { | 405 | links.forEach(function(item) { |
406 | message += ' - '+ item['title'] +'\n'; | 406 | message += ' - '+ item['title'] +'\n'; |
407 | ids += item['id'] +'+'; | 407 | ids.push(item['id']); |
408 | }); | 408 | }); |
409 | 409 | ||
410 | if (window.confirm(message)) { | 410 | if (window.confirm(message)) { |
411 | window.location = '?delete_link&lf_linkdate='+ ids +'&token='+ token.value; | 411 | window.location = '?delete_link&lf_linkdate='+ ids.join('+') +'&token='+ token.value; |
412 | } | 412 | } |
413 | }); | 413 | }); |
414 | } | 414 | } |