Skip to content

Commit

Permalink
Convert leave private message to post request
Browse files Browse the repository at this point in the history 
#2033
  • Loading branch information
@samerton
samerton committed Aug 28, 2021
1 parent 4815784 commit 01f66f5
Show file tree
Hide file tree
Showing 2 changed files with 21 additions and 3 deletions.
18 changes: 17 additions & 1 deletion custom/templates/DefaultRevamp/user/view_message.tpl
View file
Expand Up @@ -40,7 +40,7 @@
{$PAGINATION}
<div class="res right floated">
<a class="ui small primary button" href="{$BACK_LINK}">{$BACK}</a>
<a class="ui small negative button" href="{$LEAVE_CONVERSATION_LINK}" onclick="return confirm('{$CONFIRM_LEAVE}');">{$LEAVE_CONVERSATION}</a>
<button class="ui small negative button" type="button" data-toggle="modal" data-target="#modal-leave">{$LEAVE_CONVERSATION}</button>
</div>
{foreach from=$MESSAGES item=message}
<div class="ui fluid card" id="message">
Expand Down Expand Up @@ -79,4 +79,20 @@
</div>
</div>

<div class="ui small modal" id="modal-leave">
<div class="header">
{$LEAVE_CONVERSATION}
</div>
<div class="content">
{$CONFIRM_LEAVE}
<form action="{$LEAVE_CONVERSATION_LINK}" method="post" id="leave-form">
<input type="hidden" name="token" value="{$TOKEN}">
</form>
</div>
<div class="actions">
<a class="ui negative button">{$NO}</a>
<a class="ui positive button" onclick="$('#leave-form').submit();">{$YES}</a>
</div>
</div>

{include file='footer.tpl'}
6 changes: 4 additions & 2 deletions modules/Core/pages/user/messaging.php
View file
Expand Up @@ -561,7 +561,9 @@
'NEW_REPLY' => $language->get('user', 'new_reply'),
'TOKEN' => Token::get(),
'SUBMIT' => $language->get('general', 'submit'),
'SUCCESS_TITLE' => $language->get('general', 'success')
'SUCCESS_TITLE' => $language->get('general', 'success'),
'YES' => $language->get('general', 'yes'),
'NO' => $language->get('general', 'no'),
));

// Markdown or HTML?
Expand Down Expand Up @@ -595,7 +597,7 @@

} else if ($_GET['action'] == 'leave') {
// Try to remove the user from the conversation
if (!isset($_GET['message']) || !is_numeric($_GET['message'])) {
if (!isset($_GET['message']) || !is_numeric($_GET['message']) || !Token::check($_POST['token'])) {
Redirect::to(URL::build('/user/messaging'));
die();
}
Expand Down

0 comments on commit 01f66f5

Please sign in to comment.