diff options
-rw-r--r-- | index.php | 45 |
1 files changed, 33 insertions, 12 deletions
@@ -1526,21 +1526,40 @@ function renderPage() | |||
1526 | // -------- User clicked the "Save" button when editing a link: Save link to database. | 1526 | // -------- User clicked the "Save" button when editing a link: Save link to database. |
1527 | if (isset($_POST['save_edit'])) | 1527 | if (isset($_POST['save_edit'])) |
1528 | { | 1528 | { |
1529 | if (!tokenOk($_POST['token'])) die('Wrong token.'); // Go away! | 1529 | // Go away! |
1530 | $tags = trim(preg_replace('/\s\s+/',' ', $_POST['lf_tags'])); // Remove multiple spaces. | 1530 | if (! tokenOk($_POST['token'])) { |
1531 | $tags = implode(' ', array_unique(explode(' ', $tags))); // Remove duplicates. | 1531 | die('Wrong token.'); |
1532 | $linkdate=$_POST['lf_linkdate']; | 1532 | } |
1533 | // Remove multiple spaces. | ||
1534 | $tags = trim(preg_replace('/\s\s+/', ' ', $_POST['lf_tags'])); | ||
1535 | // Remove duplicates. | ||
1536 | $tags = implode(' ', array_unique(explode(' ', $tags))); | ||
1537 | $linkdate = $_POST['lf_linkdate']; | ||
1533 | $url = trim($_POST['lf_url']); | 1538 | $url = trim($_POST['lf_url']); |
1534 | if (!startsWith($url,'http:') && !startsWith($url,'https:') && !startsWith($url,'ftp:') && !startsWith($url,'magnet:') && !startsWith($url,'?') && !startsWith($url,'javascript:')) | 1539 | if (! startsWith($url, 'http:') && ! startsWith($url, 'https:') |
1535 | $url = 'http://'.$url; | 1540 | && ! startsWith($url, 'ftp:') && ! startsWith($url, 'magnet:') |
1536 | $link = array('title'=>trim($_POST['lf_title']),'url'=>$url,'description'=>trim($_POST['lf_description']),'private'=>(isset($_POST['lf_private']) ? 1 : 0), | 1541 | && ! startsWith($url, '?') && ! startsWith($url, 'javascript:') |
1537 | 'linkdate'=>$linkdate,'tags'=>str_replace(',',' ',$tags)); | 1542 | ) { |
1538 | if ($link['title']=='') $link['title']=$link['url']; // If title is empty, use the URL as title. | 1543 | $url = 'http://' . $url; |
1544 | } | ||
1545 | |||
1546 | $link = array( | ||
1547 | 'title' => trim($_POST['lf_title']), | ||
1548 | 'url' => $url, | ||
1549 | 'description' => trim($_POST['lf_description']), | ||
1550 | 'private' => (isset($_POST['lf_private']) ? 1 : 0), | ||
1551 | 'linkdate' => $linkdate, | ||
1552 | 'tags' => str_replace(',', ' ', $tags) | ||
1553 | ); | ||
1554 | // If title is empty, use the URL as title. | ||
1555 | if ($link['title'] == '') { | ||
1556 | $link['title'] = $link['url']; | ||
1557 | } | ||
1539 | 1558 | ||
1540 | $pluginManager->executeHooks('save_link', $link); | 1559 | $pluginManager->executeHooks('save_link', $link); |
1541 | 1560 | ||
1542 | $LINKSDB[$linkdate] = $link; | 1561 | $LINKSDB[$linkdate] = $link; |
1543 | $LINKSDB->savedb($GLOBALS['config']['PAGECACHE']); // Save to disk. | 1562 | $LINKSDB->savedb($GLOBALS['config']['PAGECACHE']); |
1544 | pubsubhub(); | 1563 | pubsubhub(); |
1545 | 1564 | ||
1546 | // If we are called from the bookmarklet, we must close the popup: | 1565 | // If we are called from the bookmarklet, we must close the popup: |
@@ -1551,8 +1570,10 @@ function renderPage() | |||
1551 | 1570 | ||
1552 | $returnurl = !empty($_POST['returnurl']) ? escape($_POST['returnurl']): '?'; | 1571 | $returnurl = !empty($_POST['returnurl']) ? escape($_POST['returnurl']): '?'; |
1553 | $location = generateLocation($returnurl, $_SERVER['HTTP_HOST'], array('addlink', 'post', 'edit_link')); | 1572 | $location = generateLocation($returnurl, $_SERVER['HTTP_HOST'], array('addlink', 'post', 'edit_link')); |
1554 | $location .= '#'.smallHash($_POST['lf_linkdate']); // Scroll to the link which has been edited. | 1573 | // Scroll to the link which has been edited. |
1555 | header('Location: '. $location); // After saving the link, redirect to the page the user was on. | 1574 | $location .= '#' . smallHash($_POST['lf_linkdate']); |
1575 | // After saving the link, redirect to the page the user was on. | ||
1576 | header('Location: '. $location); | ||
1556 | exit; | 1577 | exit; |
1557 | } | 1578 | } |
1558 | 1579 | ||