1 files changed, 4 insertions, 47 deletions
diff --git a/index.php b/index.php
index 12c7a8f1..93e5590b 100644
--- a/index.php
+++ b/index.php
@@ -499,6 +499,8 @@ function renderPage($conf, $pluginManager, $bookmarkService, $history, $sessionM
    // -------- All other functions are reserved for the registered user:
+    // TODO: Remove legacy admin route redirections. We'll only keep public URL.
    // -------- Display the Tools menu if requested (import/export/bookmarklet...)
    if ($targetPage == Router::$PAGE_TOOLS) {
        header('Location: ./admin/tools');
@@ -547,53 +549,7 @@ function renderPage($conf, $pluginManager, $bookmarkService, $history, $sessionM
    // -------- User clicked either "Set public" or "Set private" bulk operation
    if ($targetPage == Router::$PAGE_CHANGE_VISIBILITY) {
-        if (! $sessionManager->checkToken($_GET['token'])) {
+        header('Location: ./admin/shaare/visibility?id=' . $_GET['token']);
-            die(t('Wrong token.'));
-        }
-        $ids = trim($_GET['ids']);
-        if (strpos($ids, ' ') !== false) {
-            // multiple, space-separated ids provided
-            $ids = array_values(array_filter(preg_split('/\s+/', escape($ids))));
-        } else {
-            // only a single id provided
-            $ids = [$ids];
-        }
-        // assert at least one id is given
-        if (!count($ids)) {
-            die('no id provided');
-        }
-        // assert that the visibility is valid
-        if (!isset($_GET['newVisibility']) || !in_array($_GET['newVisibility'], ['public', 'private'])) {
-            die('invalid visibility');
-        } else {
-            $private = $_GET['newVisibility'] === 'private';
-        }
-        $factory = new FormatterFactory($conf, $loginManager->isLoggedIn());
-        $formatter = $factory->getFormatter('raw');
-        foreach ($ids as $id) {
-            $id = (int) escape($id);
-            $bookmark = $bookmarkService->get($id);
-            $bookmark->setPrivate($private);
-            // To preserve backward compatibility with 3rd parties, plugins still use arrays
-            $data = $formatter->format($bookmark);
-            $pluginManager->executeHooks('save_link', $data);
-            $bookmark->fromArray($data);
-            $bookmarkService->set($bookmark);
-        }
-        $bookmarkService->save();
-        $location = '?';
-        if (isset($_SERVER['HTTP_REFERER'])) {
-            $location = generateLocation(
-                $_SERVER['HTTP_REFERER'],
-                $_SERVER['HTTP_HOST']
-            );
-        }
-        header('Location: ' . $location); // After deleting the link, redirect to appropriate location
        exit;
    }
@@ -1164,6 +1120,7 @@ $app->group('', function () {
    $this->get('/admin/shaare/{id:[0-9]+}', '\Shaarli\Front\Controller\Admin\ManageShaareController:displayEditForm');
    $this->post('/admin/shaare', '\Shaarli\Front\Controller\Admin\ManageShaareController:save');
    $this->get('/admin/shaare/delete', '\Shaarli\Front\Controller\Admin\ManageShaareController:deleteBookmark');
+    $this->get('/admin/shaare/visibility', '\Shaarli\Front\Controller\Admin\ManageShaareController:changeVisibility');
    $this->get('/links-per-page', '\Shaarli\Front\Controller\Admin\SessionFilterController:linksPerPage');
    $this->get('/visibility/{visibility}', '\Shaarli\Front\Controller\Admin\SessionFilterController:visibility');

diff --git a/index.php b/index.php index 12c7a8f1..93e5590b 100644 --- a/index.php +++ b/index.php
@@ -499,6 +499,8 @@ function renderPage($conf, $pluginManager, $bookmarkService, $history, $sessionM
499		499
500	// -------- All other functions are reserved for the registered user:	500	// -------- All other functions are reserved for the registered user:
501		501
		502	// TODO: Remove legacy admin route redirections. We'll only keep public URL.
		503
502	// -------- Display the Tools menu if requested (import/export/bookmarklet...)	504	// -------- Display the Tools menu if requested (import/export/bookmarklet...)
503	if ($targetPage == Router::$PAGE_TOOLS) {	505	if ($targetPage == Router::$PAGE_TOOLS) {
504	header('Location: ./admin/tools');	506	header('Location: ./admin/tools');
@@ -547,53 +549,7 @@ function renderPage($conf, $pluginManager, $bookmarkService, $history, $sessionM
547		549
548	// -------- User clicked either "Set public" or "Set private" bulk operation	550	// -------- User clicked either "Set public" or "Set private" bulk operation
549	if ($targetPage == Router::$PAGE_CHANGE_VISIBILITY) {	551	if ($targetPage == Router::$PAGE_CHANGE_VISIBILITY) {
550	if (! $sessionManager->checkToken($_GET['token'])) {	552	header('Location: ./admin/shaare/visibility?id=' . $_GET['token']);
551	die(t('Wrong token.'));
552	}
553
554	$ids = trim($_GET['ids']);
555	if (strpos($ids, ' ') !== false) {
556	// multiple, space-separated ids provided
557	$ids = array_values(array_filter(preg_split('/\s+/', escape($ids))));
558	} else {
559	// only a single id provided
560	$ids = [$ids];
561	}
562
563	// assert at least one id is given
564	if (!count($ids)) {
565	die('no id provided');
566	}
567	// assert that the visibility is valid
568	if (!isset($_GET['newVisibility']) \|\| !in_array($_GET['newVisibility'], ['public', 'private'])) {
569	die('invalid visibility');
570	} else {
571	$private = $_GET['newVisibility'] === 'private';
572	}
573	$factory = new FormatterFactory($conf, $loginManager->isLoggedIn());
574	$formatter = $factory->getFormatter('raw');
575	foreach ($ids as $id) {
576	$id = (int) escape($id);
577	$bookmark = $bookmarkService->get($id);
578	$bookmark->setPrivate($private);
579
580	// To preserve backward compatibility with 3rd parties, plugins still use arrays
581	$data = $formatter->format($bookmark);
582	$pluginManager->executeHooks('save_link', $data);
583	$bookmark->fromArray($data);
584
585	$bookmarkService->set($bookmark);
586	}
587	$bookmarkService->save();
588
589	$location = '?';
590	if (isset($_SERVER['HTTP_REFERER'])) {
591	$location = generateLocation(
592	$_SERVER['HTTP_REFERER'],
593	$_SERVER['HTTP_HOST']
594	);
595	}
596	header('Location: ' . $location); // After deleting the link, redirect to appropriate location
597	exit;	553	exit;
598	}	554	}
599		555
@@ -1164,6 +1120,7 @@ $app->group('', function () {
1164	$this->get('/admin/shaare/{id:[0-9]+}', '\Shaarli\Front\Controller\Admin\ManageShaareController:displayEditForm');	1120	$this->get('/admin/shaare/{id:[0-9]+}', '\Shaarli\Front\Controller\Admin\ManageShaareController:displayEditForm');
1165	$this->post('/admin/shaare', '\Shaarli\Front\Controller\Admin\ManageShaareController:save');	1121	$this->post('/admin/shaare', '\Shaarli\Front\Controller\Admin\ManageShaareController:save');
1166	$this->get('/admin/shaare/delete', '\Shaarli\Front\Controller\Admin\ManageShaareController:deleteBookmark');	1122	$this->get('/admin/shaare/delete', '\Shaarli\Front\Controller\Admin\ManageShaareController:deleteBookmark');
		1123	$this->get('/admin/shaare/visibility', '\Shaarli\Front\Controller\Admin\ManageShaareController:changeVisibility');
1167		1124
1168	$this->get('/links-per-page', '\Shaarli\Front\Controller\Admin\SessionFilterController:linksPerPage');	1125	$this->get('/links-per-page', '\Shaarli\Front\Controller\Admin\SessionFilterController:linksPerPage');
1169	$this->get('/visibility/{visibility}', '\Shaarli\Front\Controller\Admin\SessionFilterController:visibility');	1126	$this->get('/visibility/{visibility}', '\Shaarli\Front\Controller\Admin\SessionFilterController:visibility');