Skip to content

Commit

Permalink
Convert delete topic to post request
Browse files Browse the repository at this point in the history 
#2033
  • Loading branch information
@partydragen
partydragen committed Aug 28, 2021
1 parent faca164 commit 5766cb9
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 3 deletions.
6 changes: 5 additions & 1 deletion custom/templates/DefaultRevamp/forum/view_topic.tpl
View file
Expand Up @@ -356,7 +356,11 @@
</div>
<div class="actions">
<a class="ui negative button">{$CANCEL}</a>
<a class="ui positive button" href="{$DELETE_URL}">{$DELETE}</a>

<form action="{$DELETE_URL}" method="post" id="deleteTopic" style="display: none">
<input type="hidden" value="{$TOKEN}" name="token" />
</form>
<a type="submit" class="ui positive button" onclick="document.getElementById('deleteTopic').submit()">{$DELETE}</a>
</div>
</div>
{/if}
Expand Down
10 changes: 8 additions & 2 deletions modules/Forum/pages/forum/delete.php
View file
Expand Up @@ -2,7 +2,7 @@
/*
* Made by Samerton
* https://github.com/NamelessMC/Nameless/
* NamelessMC version 2.0.0-pr8
* NamelessMC version 2.0.0-pr12
*
* License: MIT
*
Expand Down Expand Up @@ -33,7 +33,13 @@
$topic = $queries->getWhere('topics', array('id', '=', $topic_id));

if (!count($topic)) {
Redirect::to(URL::build('forum'));
Redirect::to(URL::build('/forum'));
die();
}

if (!isset($_POST['token']) || !Token::check($_POST['token'])) {
Session::flash('failure_post', $language->get('general', 'invalid_token'));
Redirect::to(URL::build('/forum/topic/' . $topic_id));
die();
}

Expand Down

0 comments on commit 5766cb9

Please sign in to comment.