1 files changed, 45 insertions, 0 deletions
diff --git a/index.php b/index.php
index 633ab89e..322c360c 100644
--- a/index.php
+++ b/index.php
@@ -1273,6 +1273,51 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager,
        exit;
    }
+    // -------- User clicked either "Set public" or "Set private" bulk operation
+    if ($targetPage == Router::$PAGE_CHANGE_VISIBILITY) {
+        if (! $sessionManager->checkToken($_GET['token'])) {
+            die(t('Wrong token.'));
+        }
+        $ids = trim($_GET['ids']);
+        if (strpos($ids, ' ') !== false) {
+            // multiple, space-separated ids provided
+            $ids = array_values(array_filter(preg_split('/\s+/', escape($ids))));
+        } else {
+            // only a single id provided
+            $ids = [$ids];
+        }
+        // assert at least one id is given
+        if (!count($ids)) {
+            die('no id provided');
+        }
+        // assert that the visibility is valid
+        if (!isset($_GET['newVisibility']) || !in_array($_GET['newVisibility'], ['public', 'private'])) {
+            die('invalid visibility');
+        } else {
+            $private = $_GET['newVisibility'] === 'private';
+        }
+        foreach ($ids as $id) {
+            $id = (int) escape($id);
+            $link = $LINKSDB[$id];
+            $link['private'] = $private;
+            $pluginManager->executeHooks('save_link', $link);
+            $LINKSDB[$id] = $link;
+        }
+        $LINKSDB->save($conf->get('resource.page_cache')); // save to disk
+        $location = '?';
+        if (isset($_SERVER['HTTP_REFERER'])) {
+            $location = generateLocation(
+                $_SERVER['HTTP_REFERER'],
+                $_SERVER['HTTP_HOST']
+            );
+        }
+        header('Location: ' . $location); // After deleting the link, redirect to appropriate location
+        exit;
+    }
    // -------- User clicked the "EDIT" button on a link: Display link edit form.
    if (isset($_GET['edit_link'])) {
        $id = (int) escape($_GET['edit_link']);

diff --git a/index.php b/index.php index 633ab89e..322c360c 100644 --- a/index.php +++ b/index.php
@@ -1273,6 +1273,51 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager,
1273	exit;	1273	exit;
1274	}	1274	}
1275		1275
		1276	// -------- User clicked either "Set public" or "Set private" bulk operation
		1277	if ($targetPage == Router::$PAGE_CHANGE_VISIBILITY) {
		1278	if (! $sessionManager->checkToken($_GET['token'])) {
		1279	die(t('Wrong token.'));
		1280	}
		1281
		1282	$ids = trim($_GET['ids']);
		1283	if (strpos($ids, ' ') !== false) {
		1284	// multiple, space-separated ids provided
		1285	$ids = array_values(array_filter(preg_split('/\s+/', escape($ids))));
		1286	} else {
		1287	// only a single id provided
		1288	$ids = [$ids];
		1289	}
		1290
		1291	// assert at least one id is given
		1292	if (!count($ids)) {
		1293	die('no id provided');
		1294	}
		1295	// assert that the visibility is valid
		1296	if (!isset($_GET['newVisibility']) \|\| !in_array($_GET['newVisibility'], ['public', 'private'])) {
		1297	die('invalid visibility');
		1298	} else {
		1299	$private = $_GET['newVisibility'] === 'private';
		1300	}
		1301	foreach ($ids as $id) {
		1302	$id = (int) escape($id);
		1303	$link = $LINKSDB[$id];
		1304	$link['private'] = $private;
		1305	$pluginManager->executeHooks('save_link', $link);
		1306	$LINKSDB[$id] = $link;
		1307	}
		1308	$LINKSDB->save($conf->get('resource.page_cache')); // save to disk
		1309
		1310	$location = '?';
		1311	if (isset($_SERVER['HTTP_REFERER'])) {
		1312	$location = generateLocation(
		1313	$_SERVER['HTTP_REFERER'],
		1314	$_SERVER['HTTP_HOST']
		1315	);
		1316	}
		1317	header('Location: ' . $location); // After deleting the link, redirect to appropriate location
		1318	exit;
		1319	}
		1320
1276	// -------- User clicked the "EDIT" button on a link: Display link edit form.	1321	// -------- User clicked the "EDIT" button on a link: Display link edit form.
1277	if (isset($_GET['edit_link'])) {	1322	if (isset($_GET['edit_link'])) {
1278	$id = (int) escape($_GET['edit_link']);	1323	$id = (int) escape($_GET['edit_link']);