diff options
Diffstat (limited to 'index.php')
-rw-r--r-- | index.php | 32 |
1 files changed, 30 insertions, 2 deletions
@@ -1084,7 +1084,8 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
1084 | die(t('Wrong token.')); | 1084 | die(t('Wrong token.')); |
1085 | } | 1085 | } |
1086 | 1086 | ||
1087 | $alteredLinks = $LINKSDB->renameTag(escape($_POST['fromtag']), escape($_POST['totag'])); | 1087 | $toTag = isset($_POST['totag']) ? escape($_POST['totag']) : null; |
1088 | $alteredLinks = $LINKSDB->renameTag(escape($_POST['fromtag']), $toTag); | ||
1088 | $LINKSDB->save($conf->get('resource.page_cache')); | 1089 | $LINKSDB->save($conf->get('resource.page_cache')); |
1089 | foreach ($alteredLinks as $link) { | 1090 | foreach ($alteredLinks as $link) { |
1090 | $history->updateLink($link); | 1091 | $history->updateLink($link); |
@@ -1236,10 +1237,10 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
1236 | $id = (int) escape($id); | 1237 | $id = (int) escape($id); |
1237 | $link = $LINKSDB[$id]; | 1238 | $link = $LINKSDB[$id]; |
1238 | $pluginManager->executeHooks('delete_link', $link); | 1239 | $pluginManager->executeHooks('delete_link', $link); |
1240 | $history->deleteLink($link); | ||
1239 | unset($LINKSDB[$id]); | 1241 | unset($LINKSDB[$id]); |
1240 | } | 1242 | } |
1241 | $LINKSDB->save($conf->get('resource.page_cache')); // save to disk | 1243 | $LINKSDB->save($conf->get('resource.page_cache')); // save to disk |
1242 | $history->deleteLink($link); | ||
1243 | 1244 | ||
1244 | // If we are called from the bookmarklet, we must close the popup: | 1245 | // If we are called from the bookmarklet, we must close the popup: |
1245 | if (isset($_GET['source']) && ($_GET['source']=='bookmarklet' || $_GET['source']=='firefoxsocialapi')) { echo '<script>self.close();</script>'; exit; } | 1246 | if (isset($_GET['source']) && ($_GET['source']=='bookmarklet' || $_GET['source']=='firefoxsocialapi')) { echo '<script>self.close();</script>'; exit; } |
@@ -1352,6 +1353,25 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
1352 | exit; | 1353 | exit; |
1353 | } | 1354 | } |
1354 | 1355 | ||
1356 | if ($targetPage == Router::$PAGE_PINLINK) { | ||
1357 | if (! isset($_GET['id']) || empty($LINKSDB[$_GET['id']])) { | ||
1358 | // FIXME! Use a proper error system. | ||
1359 | $msg = t('Invalid link ID provided'); | ||
1360 | echo '<script>alert("'. $msg .'");document.location=\''. index_url($_SERVER) .'\';</script>'; | ||
1361 | exit; | ||
1362 | } | ||
1363 | if (! $sessionManager->checkToken($_GET['token'])) { | ||
1364 | die('Wrong token.'); | ||
1365 | } | ||
1366 | |||
1367 | $link = $LINKSDB[$_GET['id']]; | ||
1368 | $link['sticky'] = ! $link['sticky']; | ||
1369 | $LINKSDB[(int) $_GET['id']] = $link; | ||
1370 | $LINKSDB->save($conf->get('resource.page_cache')); | ||
1371 | header('Location: '.index_url($_SERVER)); | ||
1372 | exit; | ||
1373 | } | ||
1374 | |||
1355 | if ($targetPage == Router::$PAGE_EXPORT) { | 1375 | if ($targetPage == Router::$PAGE_EXPORT) { |
1356 | // Export links as a Netscape Bookmarks file | 1376 | // Export links as a Netscape Bookmarks file |
1357 | 1377 | ||
@@ -1858,6 +1878,7 @@ $app->group('/api/v1', function() { | |||
1858 | })->add('\Shaarli\Api\ApiMiddleware'); | 1878 | })->add('\Shaarli\Api\ApiMiddleware'); |
1859 | 1879 | ||
1860 | $response = $app->run(true); | 1880 | $response = $app->run(true); |
1881 | |||
1861 | // Hack to make Slim and Shaarli router work together: | 1882 | // Hack to make Slim and Shaarli router work together: |
1862 | // If a Slim route isn't found and NOT API call, we call renderPage(). | 1883 | // If a Slim route isn't found and NOT API call, we call renderPage(). |
1863 | if ($response->getStatusCode() == 404 && strpos($_SERVER['REQUEST_URI'], '/api/v1') === false) { | 1884 | if ($response->getStatusCode() == 404 && strpos($_SERVER['REQUEST_URI'], '/api/v1') === false) { |
@@ -1865,5 +1886,12 @@ if ($response->getStatusCode() == 404 && strpos($_SERVER['REQUEST_URI'], '/api/v | |||
1865 | header('Content-Type: text/html; charset=utf-8'); | 1886 | header('Content-Type: text/html; charset=utf-8'); |
1866 | renderPage($conf, $pluginManager, $linkDb, $history, $sessionManager, $loginManager); | 1887 | renderPage($conf, $pluginManager, $linkDb, $history, $sessionManager, $loginManager); |
1867 | } else { | 1888 | } else { |
1889 | $response = $response | ||
1890 | ->withHeader('Access-Control-Allow-Origin', '*') | ||
1891 | ->withHeader( | ||
1892 | 'Access-Control-Allow-Headers', | ||
1893 | 'X-Requested-With, Content-Type, Accept, Origin, Authorization' | ||
1894 | ) | ||
1895 | ->withHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS'); | ||
1868 | $app->respond($response); | 1896 | $app->respond($response); |
1869 | } | 1897 | } |