From 4df7ef0b3d703ac3380404749e9c0bc801c3e0b8 Mon Sep 17 00:00:00 2001
From: ArthurHoaro <arthur@hoa.ro>
Date: Sat, 5 Nov 2016 14:13:18 +0100
Subject: Bugfixes on link deletion, and use a GET form

Use a GET form to delete links: harmonize with edit_link and preparation for #585

Bug fixes:

  * LinkDB element can't be passed as reference, fix error:

    PHP Notice:  Indirect modification of overloaded element of LinkDB has no effect

  * Resource cache folder setting wasn't set correctly
---
 application/Router.php |  6 ++++++
 index.php              | 13 +++++++------
 tpl/linklist.html      |  5 ++---
 3 files changed, 15 insertions(+), 9 deletions(-)

diff --git a/application/Router.php b/application/Router.php
index caed4a28..c9a51912 100644
--- a/application/Router.php
+++ b/application/Router.php
@@ -31,6 +31,8 @@ class Router
 
     public static $PAGE_EDITLINK = 'edit_link';
 
+    public static $PAGE_DELETELINK = 'delete_link';
+
     public static $PAGE_EXPORT = 'export';
 
     public static $PAGE_IMPORT = 'import';
@@ -120,6 +122,10 @@ class Router
             return self::$PAGE_EDITLINK;
         }
 
+        if (isset($get['delete_link'])) {
+            return self::$PAGE_DELETELINK;
+        }
+
         if (startsWith($query, 'do='. self::$PAGE_EXPORT)) {
             return self::$PAGE_EXPORT;
         }
diff --git a/index.php b/index.php
index 84282b8d..c4c0d15a 100644
--- a/index.php
+++ b/index.php
@@ -1314,18 +1314,19 @@ function renderPage($conf, $pluginManager)
     }
 
     // -------- User clicked the "Delete" button when editing a link: Delete link from database.
-    if (isset($_POST['delete_link']))
+    if ($targetPage == Router::$PAGE_DELETELINK)
     {
-        if (!tokenOk($_POST['token'])) die('Wrong token.');
+        if (!tokenOk($_GET['token'])) die('Wrong token.');
         // We do not need to ask for confirmation:
         // - confirmation is handled by JavaScript
         // - we are protected from XSRF by the token.
-        $linkdate=$_POST['lf_linkdate'];
-
-        $pluginManager->executeHooks('delete_link', $LINKSDB[$linkdate]);
+        $linkdate = $_GET['delete_link'];
+        $link = $LINKSDB[$linkdate];
+        
+        $pluginManager->executeHooks('delete_link', $link);
 
         unset($LINKSDB[$linkdate]);
-        $LINKSDB->save('resource.page_cache'); // save to disk
+        $LINKSDB->save($conf->get('resource.page_cache')); // save to disk
 
         // If we are called from the bookmarklet, we must close the popup:
         if (isset($_GET['source']) && ($_GET['source']=='bookmarklet' || $_GET['source']=='firefoxsocialapi')) { echo '<script>self.close();</script>'; exit; }
diff --git a/tpl/linklist.html b/tpl/linklist.html
index 9782cff6..70c9cf79 100644
--- a/tpl/linklist.html
+++ b/tpl/linklist.html
@@ -86,10 +86,9 @@
                             <input type="hidden" name="edit_link" value="{$value.linkdate}">
                             <input type="image" alt="Edit" src="images/edit_icon.png#" title="Edit" class="button_edit">
                         </form><br>
-                        <form method="POST" class="buttoneditform">
-                            <input type="hidden" name="lf_linkdate" value="{$value.linkdate}">
+                        <form method="GET" class="buttoneditform">
                             <input type="hidden" name="token" value="{$token}">
-                            <input type="hidden" name="delete_link">
+                            <input type="hidden" name="delete_link" value="{$value.linkdate}">
                             <input type="image" alt="Delete" src="images/delete_icon.png#" title="Delete"
                                    class="button_delete" onClick="return confirmDeleteLink();">
                         </form>
-- 
cgit v1.2.3