aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorArthurHoaro <arthur@hoa.ro>2016-01-03 14:42:43 +0100
committerArthurHoaro <arthur@hoa.ro>2016-01-03 14:42:43 +0100
commit6a6aa2b96da86f100089c643e905aede5260c8c8 (patch)
treecedc050118102a81f0fec538e9e101f6086a1d4d
parentdefc8a3f033a44602c598c2028a9ee3ee2a86d1d (diff)
downloadShaarli-6a6aa2b96da86f100089c643e905aede5260c8c8.tar.gz
Shaarli-6a6aa2b96da86f100089c643e905aede5260c8c8.tar.zst
Shaarli-6a6aa2b96da86f100089c643e905aede5260c8c8.zip
Fixes #428: validate buttons presence instead of value
Also adds a validation where renaming with 'fromtag' specified and empty 'totag'. It was causing a 404, now it just re-render the form.
-rw-r--r--index.php18
1 files changed, 9 insertions, 9 deletions
diff --git a/index.php b/index.php
index 40a6fbe5..1a83ca40 100644
--- a/index.php
+++ b/index.php
@@ -1453,19 +1453,20 @@ function renderPage()
1453 // -------- User wants to rename a tag or delete it 1453 // -------- User wants to rename a tag or delete it
1454 if ($targetPage == Router::$PAGE_CHANGETAG) 1454 if ($targetPage == Router::$PAGE_CHANGETAG)
1455 { 1455 {
1456 if (empty($_POST['fromtag'])) 1456 if (empty($_POST['fromtag']) || (empty($_POST['totag']) && isset($_POST['renametag']))) {
1457 { 1457 $PAGE->assign('linkcount', count($LINKSDB));
1458 $PAGE->assign('linkcount',count($LINKSDB)); 1458 $PAGE->assign('token', getToken());
1459 $PAGE->assign('token',getToken());
1460 $PAGE->assign('tags', $LINKSDB->allTags()); 1459 $PAGE->assign('tags', $LINKSDB->allTags());
1461 $PAGE->renderPage('changetag'); 1460 $PAGE->renderPage('changetag');
1462 exit; 1461 exit;
1463 } 1462 }
1464 if (!tokenOk($_POST['token'])) die('Wrong token.'); 1463
1464 if (!tokenOk($_POST['token'])) {
1465 die('Wrong token.');
1466 }
1465 1467
1466 // Delete a tag: 1468 // Delete a tag:
1467 if (!empty($_POST['deletetag']) && !empty($_POST['fromtag'])) 1469 if (isset($_POST['deletetag']) && !empty($_POST['fromtag'])) {
1468 {
1469 $needle=trim($_POST['fromtag']); 1470 $needle=trim($_POST['fromtag']);
1470 $linksToAlter = $LINKSDB->filterTags($needle,true); // True for case-sensitive tag search. 1471 $linksToAlter = $LINKSDB->filterTags($needle,true); // True for case-sensitive tag search.
1471 foreach($linksToAlter as $key=>$value) 1472 foreach($linksToAlter as $key=>$value)
@@ -1481,8 +1482,7 @@ function renderPage()
1481 } 1482 }
1482 1483
1483 // Rename a tag: 1484 // Rename a tag:
1484 if (!empty($_POST['renametag']) && !empty($_POST['fromtag']) && !empty($_POST['totag'])) 1485 if (isset($_POST['renametag']) && !empty($_POST['fromtag']) && !empty($_POST['totag'])) {
1485 {
1486 $needle=trim($_POST['fromtag']); 1486 $needle=trim($_POST['fromtag']);
1487 $linksToAlter = $LINKSDB->filterTags($needle,true); // true for case-sensitive tag search. 1487 $linksToAlter = $LINKSDB->filterTags($needle,true); // true for case-sensitive tag search.
1488 foreach($linksToAlter as $key=>$value) 1488 foreach($linksToAlter as $key=>$value)