Skip to content

Commit

Permalink
Convert reset profile banner to post request
Browse files Browse the repository at this point in the history 
#2033
  • Loading branch information
@samerton
samerton committed Aug 28, 2021
1 parent 2265ee6 commit 27af836
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 9 deletions.
9 changes: 6 additions & 3 deletions custom/templates/DefaultRevamp/profile.tpl
View file
Expand Up @@ -13,9 +13,12 @@
{/if}
<a class="ui tiny default icon button" href="{$MESSAGE_LINK}" ><i class="envelope icon"></i></a>
{if isset($RESET_PROFILE_BANNER)}
<a href="{$RESET_PROFILE_BANNER_LINK}" class="ui tiny negative icon button" data-toggle="tooltip" data-content="{$RESET_PROFILE_BANNER}">
<i class="picture icon"></i>
</a>
<form action="{$RESET_PROFILE_BANNER_LINK}" method="post" style="display: inline">
<input type="hidden" name="token" value="{$TOKEN}" />
<button class="ui tiny negative icon button" data-toggle="tooltip" data-content="{$RESET_PROFILE_BANNER}">
<i class="picture icon"></i>
</button>
</form>
{/if}
{/if}
{/if}
Expand Down
17 changes: 11 additions & 6 deletions modules/Core/pages/profile.php
View file
Expand Up @@ -363,13 +363,18 @@
break;

case 'reset_banner':
if ($user->hasPermission('modcp.profile_banner_reset')) {
$queries->update('users', $query->id, array(
'banner' => null
));
}
if (Token::check($_POST['token'])) {
if ($user->hasPermission('modcp.profile_banner_reset')) {
$queries->update('users', $query->id, array(
'banner' => null
));
}

Redirect::to($profile_user->getProfileURL());
die();

} else $error = $language->get('general', 'invalid_token');

Redirect::to($profile_user->getProfileURL());
break;
}
}
Expand Down

0 comments on commit 27af836

Please sign in to comment.