aboutsummaryrefslogtreecommitdiffhomepage
path: root/index.php
diff options
context:
space:
mode:
Diffstat (limited to 'index.php')
-rw-r--r--index.php16
1 files changed, 8 insertions, 8 deletions
diff --git a/index.php b/index.php
index a0a3a8c7..34f0e381 100644
--- a/index.php
+++ b/index.php
@@ -1325,21 +1325,21 @@ function renderPage($conf, $pluginManager)
1325 } 1325 }
1326 1326
1327 // -------- User clicked the "Delete" button when editing a link: Delete link from database. 1327 // -------- User clicked the "Delete" button when editing a link: Delete link from database.
1328 if (isset($_POST['delete_link'])) 1328 if ($targetPage == Router::$PAGE_DELETELINK)
1329 { 1329 {
1330 if (!tokenOk($_POST['token'])) die('Wrong token.');
1331
1332 // We do not need to ask for confirmation: 1330 // We do not need to ask for confirmation:
1333 // - confirmation is handled by JavaScript 1331 // - confirmation is handled by JavaScript
1334 // - we are protected from XSRF by the token. 1332 // - we are protected from XSRF by the token.
1335 1333
1336 // FIXME! We keep `lf_linkdate` for consistency before a proper API. To be removed. 1334 if (! tokenOk($_GET['token'])) {
1337 $id = isset($_POST['lf_id']) ? intval(escape($_POST['lf_id'])) : intval(escape($_POST['lf_linkdate'])); 1335 die('Wrong token.');
1338 1336 }
1339 $pluginManager->executeHooks('delete_link', $LINKSDB[$id]);
1340 1337
1338 $id = intval(escape($_GET['lf_linkdate']));
1339 $link = $LINKSDB[$id];
1340 $pluginManager->executeHooks('delete_link', $link);
1341 unset($LINKSDB[$id]); 1341 unset($LINKSDB[$id]);
1342 $LINKSDB->save('resource.page_cache'); // save to disk 1342 $LINKSDB->save($conf->get('resource.page_cache')); // save to disk
1343 1343
1344 // If we are called from the bookmarklet, we must close the popup: 1344 // If we are called from the bookmarklet, we must close the popup:
1345 if (isset($_GET['source']) && ($_GET['source']=='bookmarklet' || $_GET['source']=='firefoxsocialapi')) { echo '<script>self.close();</script>'; exit; } 1345 if (isset($_GET['source']) && ($_GET['source']=='bookmarklet' || $_GET['source']=='firefoxsocialapi')) { echo '<script>self.close();</script>'; exit; }