1 files changed, 46 insertions, 1 deletions
diff --git a/index.php b/index.php
index a96c9cfd..68e0364c 100644
--- a/index.php
+++ b/index.php
@@ -1266,6 +1266,51 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager,
        exit;
    }
+    // -------- User clicked either "Set public" or "Set private" bulk operation
+    if ($targetPage == Router::$PAGE_CHANGE_VISIBILITY) {
+        if (! $sessionManager->checkToken($_GET['token'])) {
+            die(t('Wrong token.'));
+        }
+        $ids = trim($_GET['ids']);
+        if (strpos($ids, ' ') !== false) {
+            // multiple, space-separated ids provided
+            $ids = array_values(array_filter(preg_split('/\s+/', escape($ids))));
+        } else {
+            // only a single id provided
+            $ids = [$ids];
+        }
+        // assert at least one id is given
+        if (!count($ids)) {
+            die('no id provided');
+        }
+        // assert that the visibility is valid
+        if (!isset($_GET['newVisibility']) || !in_array($_GET['newVisibility'], ['public', 'private'])) {
+            die('invalid visibility');
+        } else {
+            $private = $_GET['newVisibility'] === 'private';
+        }
+        foreach ($ids as $id) {
+            $id = (int) escape($id);
+            $link = $LINKSDB[$id];
+            $link['private'] = $private;
+            $pluginManager->executeHooks('save_link', $link);
+            $LINKSDB[$id] = $link;
+        }
+        $LINKSDB->save($conf->get('resource.page_cache')); // save to disk
+        $location = '?';
+        if (isset($_SERVER['HTTP_REFERER'])) {
+            $location = generateLocation(
+                $_SERVER['HTTP_REFERER'],
+                $_SERVER['HTTP_HOST']
+            );
+        }
+        header('Location: ' . $location); // After deleting the link, redirect to appropriate location
+        exit;
+    }
    // -------- User clicked the "EDIT" button on a link: Display link edit form.
    if (isset($_GET['edit_link'])) {
        $id = (int) escape($_GET['edit_link']);
@@ -1888,7 +1933,7 @@ $app->group('/api/v1', function () {
    $this->put('/tags/{tagName:[\w]+}', '\Shaarli\Api\Controllers\Tags:putTag')->setName('putTag');
    $this->delete('/tags/{tagName:[\w]+}', '\Shaarli\Api\Controllers\Tags:deleteTag')->setName('deleteTag');
-    $this->get('/history', '\Shaarli\Api\Controllers\History:getHistory')->setName('getHistory');
+    $this->get('/history', '\Shaarli\Api\Controllers\HistoryController:getHistory')->setName('getHistory');
 })->add('\Shaarli\Api\ApiMiddleware');
 $response = $app->run(true);

diff --git a/index.php b/index.php index a96c9cfd..68e0364c 100644 --- a/index.php +++ b/index.php
@@ -1266,6 +1266,51 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager,
1266	exit;	1266	exit;
1267	}	1267	}
1268		1268
		1269	// -------- User clicked either "Set public" or "Set private" bulk operation
		1270	if ($targetPage == Router::$PAGE_CHANGE_VISIBILITY) {
		1271	if (! $sessionManager->checkToken($_GET['token'])) {
		1272	die(t('Wrong token.'));
		1273	}
		1274
		1275	$ids = trim($_GET['ids']);
		1276	if (strpos($ids, ' ') !== false) {
		1277	// multiple, space-separated ids provided
		1278	$ids = array_values(array_filter(preg_split('/\s+/', escape($ids))));
		1279	} else {
		1280	// only a single id provided
		1281	$ids = [$ids];
		1282	}
		1283
		1284	// assert at least one id is given
		1285	if (!count($ids)) {
		1286	die('no id provided');
		1287	}
		1288	// assert that the visibility is valid
		1289	if (!isset($_GET['newVisibility']) \|\| !in_array($_GET['newVisibility'], ['public', 'private'])) {
		1290	die('invalid visibility');
		1291	} else {
		1292	$private = $_GET['newVisibility'] === 'private';
		1293	}
		1294	foreach ($ids as $id) {
		1295	$id = (int) escape($id);
		1296	$link = $LINKSDB[$id];
		1297	$link['private'] = $private;
		1298	$pluginManager->executeHooks('save_link', $link);
		1299	$LINKSDB[$id] = $link;
		1300	}
		1301	$LINKSDB->save($conf->get('resource.page_cache')); // save to disk
		1302
		1303	$location = '?';
		1304	if (isset($_SERVER['HTTP_REFERER'])) {
		1305	$location = generateLocation(
		1306	$_SERVER['HTTP_REFERER'],
		1307	$_SERVER['HTTP_HOST']
		1308	);
		1309	}
		1310	header('Location: ' . $location); // After deleting the link, redirect to appropriate location
		1311	exit;
		1312	}
		1313
1269	// -------- User clicked the "EDIT" button on a link: Display link edit form.	1314	// -------- User clicked the "EDIT" button on a link: Display link edit form.
1270	if (isset($_GET['edit_link'])) {	1315	if (isset($_GET['edit_link'])) {
1271	$id = (int) escape($_GET['edit_link']);	1316	$id = (int) escape($_GET['edit_link']);
@@ -1888,7 +1933,7 @@ $app->group('/api/v1', function () {
1888	$this->put('/tags/{tagName:[\w]+}', '\Shaarli\Api\Controllers\Tags:putTag')->setName('putTag');	1933	$this->put('/tags/{tagName:[\w]+}', '\Shaarli\Api\Controllers\Tags:putTag')->setName('putTag');
1889	$this->delete('/tags/{tagName:[\w]+}', '\Shaarli\Api\Controllers\Tags:deleteTag')->setName('deleteTag');	1934	$this->delete('/tags/{tagName:[\w]+}', '\Shaarli\Api\Controllers\Tags:deleteTag')->setName('deleteTag');
1890		1935
1891	$this->get('/history', '\Shaarli\Api\Controllers\History:getHistory')->setName('getHistory');	1936	$this->get('/history', '\Shaarli\Api\Controllers\HistoryController:getHistory')->setName('getHistory');
1892	})->add('\Shaarli\Api\ApiMiddleware');	1937	})->add('\Shaarli\Api\ApiMiddleware');
1893		1938
1894	$response = $app->run(true);	1939	$response = $app->run(true);