Convert more StaffCP actions to POST requests
- Email error delete/purge
- Minecraft query error purge
- Error log purge
- User report close/re-open
samerton committed Aug 5, 2022
1 parent dc25119 commit 6151b62
Showing 9 changed files with 116 additions and 38 deletions.
12 changes: 9 additions & 3 deletions custom/panel_templates/Default/core/emails_errors.tpl
Expand Up @@ -114,7 +114,10 @@
</div>
<div class="modal-footer">
<button type="button" class="btn btn-secondary" data-dismiss="modal">{$NO}</button>
<a href="{$PURGE_LINK}" class="btn btn-primary">{$YES}</a>
<form action="{$PURGE_LINK}" method="post" style="display: inline">
<input type="hidden" name="token" value="{$TOKEN}" />
<input type="submit" class="btn btn-primary" value="{$YES}" />
</form>
</div>
</div>
</div>
Expand All @@ -135,7 +138,10 @@
</div>
<div class="modal-footer">
<button type="button" class="btn btn-secondary" data-dismiss="modal">{$NO}</button>
<a href="" id="deleteLink" class="btn btn-primary">{$YES}</a>
<form action="" id="deleteAction" method="post" style="display: inline">
<input type="hidden" name="token" value="{$TOKEN}" />
<input type="submit" class="btn btn-primary" value="{$YES}" />
</form>
</div>
</div>
</div>
Expand All @@ -152,7 +158,7 @@
}
function showDeleteModal(id) {
$('#deleteLink').attr('href', '{$DELETE_LINK}'.replace('{literal}{x}{/literal}', id));
$('#deleteAction').attr('action', '{$DELETE_LINK}'.replace('{literal}{x}{/literal}', id));
$('#deleteModal').modal().show();
}
</script>
5 changes: 4 additions & 1 deletion custom/panel_templates/Default/core/emails_errors_view.tpl
Expand Up @@ -132,7 +132,10 @@
</div>
<div class="modal-footer">
<button type="button" class="btn btn-secondary" data-dismiss="modal">{$NO}</button>
<a href="{$DELETE_ERROR_LINK}" class="btn btn-primary">{$YES}</a>
<form action="{$DELETE_ERROR_LINK}" method="post" style="display: inline">
<input type="hidden" name="token" value="{$TOKEN}" />
<input type="submit" class="btn btn-primary" value="{$YES}" />
</form>
</div>
</div>
</div>
8 changes: 7 additions & 1 deletion custom/panel_templates/Default/core/errors_view.tpl
Expand Up @@ -43,6 +43,9 @@
</div>
<hr />

<!-- Success and Error Alerts -->
{include file='includes/alerts.tpl'}

{if isset($LOG)}
<pre class="error_log">
{$LOG}
Expand Down Expand Up @@ -85,7 +88,10 @@
</div>
<div class="modal-footer">
<button type="button" class="btn btn-secondary" data-dismiss="modal">{$NO}</button>
<a href="{$PURGE_LOG_LINK}" class="btn btn-primary">{$YES}</a>
<form action="{$PURGE_LOG_LINK}" method="post">
<input type="hidden" name="token" value="{$TOKEN}">
<input type="submit" class="btn btn-primary" value="{$YES}">
</form>
</div>
</div>
</div>
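Review bot: The purge form in this modal footer is missing the `style="display: inline"` that the other forms added in this commit carry, so the submit button will likely wrap onto its own line below the {$NO} button. Suggest `<form action="{$PURGE_LOG_LINK}" method="post" style="display: inline">`, and self-closing the two inputs (`/>`) to match the other templates.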
14 changes: 12 additions & 2 deletions custom/panel_templates/Default/core/users_reports_view.tpl
Expand Up @@ -109,9 +109,9 @@
<input type="submit" value="{$SUBMIT}" class="btn btn-primary">
<div class="float-md-right">
{if isset($CLOSE_REPORT)}
<a href="{$CLOSE_LINK}" class="btn btn-danger">{$CLOSE_REPORT}</a>
<button type="button" onclick="closeReport()" class="btn btn-danger">{$CLOSE_REPORT}</button>
{else}
<a href="{$REOPEN_LINK}" class="btn btn-danger">{$REOPEN_REPORT}</a>
<button type="button" onclick="reopenReport()" class="btn btn-danger">{$REOPEN_REPORT}</button>
{/if}
</div>
</div>
Expand Down Expand Up @@ -139,6 +139,16 @@

{include file='scripts.tpl'}

<script type="text/javascript">
function closeReport() {
$.post("{$CLOSE_LINK}", { token: "{$TOKEN}" }).done(function () { window.location.reload(); });
}
function reopenReport() {
$.post("{$REOPEN_LINK}", { token: "{$TOKEN}" }).done(function () { window.location.reload(); });
}
</script>

</body>

</html>
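Review bot: closeReport() and reopenReport() act only on `.done`, so a request that fails (network error, non-2xx response) leaves the moderator on an unchanged page with no message. `.always(function () { window.location.reload(); })` would at least surface whatever flash message the server set. On success the handler answers with a redirect, which `$.post` follows; if the target page consumes the `report_success` flash while rendering for the XHR, the reload will no longer show it, which is worth confirming. `{$CLOSE_LINK}`, `{$REOPEN_LINK}` and `{$TOKEN}` are written into JavaScript string literals, so they should be escaped for that context (for example `{$TOKEN|escape:'javascript'}`) unless the template engine is already configured to do so.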
Expand Up @@ -126,13 +126,15 @@
</div>
<div class="modal-footer">
<button type="button" class="btn btn-secondary" data-dismiss="modal">{$NO}</button>
<a href="{$PURGE_QUERY_ERRORS_LINK}" class="btn btn-primary">{$YES}</a>
<form action="{$PURGE_QUERY_ERRORS_LINK}" method="post" style="display: inline">
<input type="hidden" name="token" value="{$TOKEN}" />
<input type="submit" class="btn btn-primary" value="{$YES}" />
</form>
</div>
</div>
</div>
</div>


<!-- End Wrapper -->
</div>

34 changes: 23 additions & 11 deletions modules/Core/pages/panel/emails_errors.php
Expand Up @@ -21,21 +21,28 @@
require_once(ROOT_PATH . '/core/templates/backend_init.php');

if (isset($_GET['do'])) {
if ($_GET['do'] == 'purge') {
// Purge all errors
if (in_array($_GET['do'], ['delete', 'purge'])) {
if (Token::check()) {
if ($_GET['do'] == 'purge') {
// Purge all errors

DB::getInstance()->delete('email_errors', ['id', '<>', 0]);
DB::getInstance()->delete('email_errors', ['id', '<>', 0]);

Session::flash('emails_errors_success', $language->get('admin', 'email_errors_purged_successfully'));
Redirect::to(URL::build('/panel/core/emails/errors'));
}
Session::flash('emails_errors_success', $language->get('admin', 'email_errors_purged_successfully'));
Redirect::to(URL::build('/panel/core/emails/errors'));
}

if ($_GET['do'] == 'delete' && isset($_GET['id']) && is_numeric($_GET['id'])) {
if ($_GET['do'] == 'delete' && isset($_GET['id']) && is_numeric($_GET['id'])) {

DB::getInstance()->delete('email_errors', ['id', $_GET['id']]);
DB::getInstance()->delete('email_errors', ['id', $_GET['id']]);

Session::flash('emails_errors_success', $language->get('admin', 'error_deleted_successfully'));
Redirect::to(URL::build('/panel/core/emails/errors'));
Session::flash('emails_errors_success', $language->get('admin', 'error_deleted_successfully'));
Redirect::to(URL::build('/panel/core/emails/errors'));
}
} else {
Session::flash('emails_errors_error', $language->get('general', 'invalid_token'));
Redirect::to(URL::build('/panel/core/emails/errors'));
}
}

if ($_GET['do'] == 'view' && isset($_GET['id']) && is_numeric($_GET['id'])) {
Expand Down Expand Up @@ -216,6 +223,10 @@
]);
}

if (Session::exists('emails_errors_error')) {
$errors = [Session::flash('emails_errors_error')];
}

if (isset($errors) && count($errors)) {
$smarty->assign([
'ERRORS' => $errors,
Expand All @@ -231,7 +242,8 @@
'EMAILS_LINK' => URL::build('/panel/core/emails'),
'EMAIL_ERRORS' => $language->get('admin', 'email_errors'),
'PAGE' => PANEL_PAGE,
'BACK' => $language->get('general', 'back')
'BACK' => $language->get('general', 'back'),
'TOKEN' => Token::get(),
]);

$template->onPageLoad();
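Review bot: The delete and purge branches still dispatch on `$_GET['do']` and nothing here checks the request method, so the move to POST is enforced only by the templates. If `Token::check()` reads the token from the POST body alone that is sufficient; if it also accepts one from the query string (not visible in this hunk), a GET carrying the token would still delete rows and the token would end up in URLs and logs. Consider `if ($_SERVER['REQUEST_METHOD'] === 'POST' && Token::check()) {` here, and the same guard in errors.php, minecraft_query_errors.php and users_reports.php. `in_array($_GET['do'], ['delete', 'purge'])` would also be safer with the strict flag, `in_array($_GET['do'], ['delete', 'purge'], true)`.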
20 changes: 16 additions & 4 deletions modules/Core/pages/panel/errors.php
Expand Up @@ -21,9 +21,13 @@
require_once(ROOT_PATH . '/core/templates/backend_init.php');

if (isset($_GET['log'], $_GET['do']) && $_GET['do'] == 'purge') {
file_put_contents(implode(DIRECTORY_SEPARATOR, [ROOT_PATH, 'cache', 'logs', $_GET['log'] . '-log.log']), '');
Session::flash('error_log_success', $language->get('admin', 'log_purged_successfully'));
Redirect::to(URL::build('/panel/core/errors'));
if (Token::check()) {
file_put_contents(implode(DIRECTORY_SEPARATOR, [ROOT_PATH, 'cache', 'logs', $_GET['log'] . '-log.log']), '');
Session::flash('error_log_success', $language->get('admin', 'log_purged_successfully'));
Redirect::to(URL::build('/panel/core/errors'));
} else {
Session::flash('error_log_error', $language->get('general', 'invalid_token'));
}
}

// Load modules + template
Expand Down Expand Up @@ -69,6 +73,13 @@
$smarty->assign('NO_LOG_FOUND', $language->get('admin', 'log_file_not_found'));
}

if (Session::exists('error_log_error')) {
$smarty->assign([
'ERRORS' => [Session::flash('error_log_error')],
'ERRORS_TITLE' => $language->get('general', 'error')
]);
}

$smarty->assign([
'BACK_LINK' => URL::build('/panel/core/errors'),
'LOG_NAME' => $title,
Expand Down Expand Up @@ -101,7 +112,8 @@
'DEBUGGING_AND_MAINTENANCE' => $language->get('admin', 'debugging_and_maintenance'),
'PAGE' => PANEL_PAGE,
'ERROR_LOGS' => $language->get('admin', 'error_logs'),
'BACK' => $language->get('general', 'back')
'BACK' => $language->get('general', 'back'),
'TOKEN' => Token::get(),
]);

$template->onPageLoad();
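Review bot: `$_GET['log']` is still concatenated unvalidated into the path passed to `file_put_contents()`, so a value containing directory separators can point the truncation outside `cache/logs`; the new `Token::check()` limits who can send the request but not which file it names. Check the name against the set of logs the panel actually offers before writing, for example `if (!in_array($_GET['log'], $allowedLogs, true)) { Redirect::to(URL::build('/panel/core/errors')); }`, where `$allowedLogs` is a placeholder for the project's list of known log names. The invalid-token branch also sets the flash without redirecting, so the request falls through to render the page with `do=purge` still in the URL.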
13 changes: 11 additions & 2 deletions modules/Core/pages/panel/minecraft_query_errors.php
Expand Up @@ -23,8 +23,13 @@

if (!isset($_GET['id'])) {
if (isset($_GET['action']) && $_GET['action'] == 'purge') {
DB::getInstance()->delete('query_errors', ['id', '<>', 0]);
Session::flash('panel_query_errors_success', $language->get('admin', 'query_errors_purged_successfully'));
if (Token::check()) {
DB::getInstance()->delete('query_errors', ['id', '<>', 0]);
Session::flash('panel_query_errors_success', $language->get('admin', 'query_errors_purged_successfully'));
} else {
Session::flash('panel_query_errors_error', $language->get('general', 'invalid_token'));
}

Redirect::to(URL::build('/panel/minecraft/query_errors'));
}

Expand Down Expand Up @@ -119,6 +124,10 @@
$success = Session::flash('panel_query_errors_success');
}

if (Session::exists('panel_query_errors_error')) {
$errors = [Session::flash('panel_query_errors_error')];
}

if (isset($success)) {
$smarty->assign([
'SUCCESS' => $success,
42 changes: 30 additions & 12 deletions modules/Core/pages/panel/users_reports.php
Expand Up @@ -306,26 +306,33 @@
// Close report
if (is_numeric($_GET['id'])) {
// Get report
$report = DB::getInstance()->get('reports', ['id', $_GET['id']])->results();
if (count($report)) {
DB::getInstance()->update('reports', $report[0]->id, [
$report = DB::getInstance()->get('reports', ['id', $_GET['id']]);
if ($report->count()) {
$report = $report->first();

if (!Token::check()) {
Session::flash('report_error', $language->get('general', 'invalid_token'));
die();
}

DB::getInstance()->update('reports', $report->id, [
'status' => 1,
'date_updated' => date('Y-m-d H:i:s'),
'updated' => date('U'),
'updated_by' => $user->data()->id
]);

DB::getInstance()->insert('reports_comments', [
'report_id' => $report[0]->id,
'report_id' => $report->id,
'commenter_id' => $user->data()->id,
'comment_date' => date('Y-m-d H:i:s'),
'date' => date('U'),
'comment_content' => $language->get('moderator', 'x_closed_report', ['user' => Output::getClean($user->data()->username)])
'comment_content' => $language->get('moderator', 'x_closed_report', ['user' => $user->getDisplayname()])
]);
}

Session::flash('report_success', $language->get('moderator', 'report_closed'));
Redirect::to(URL::build('/panel/users/reports/', 'id=' . urlencode($report[0]->id)));
Redirect::to(URL::build('/panel/users/reports/', 'id=' . urlencode($report->id)));
}

Redirect::to(URL::build('/panel/users/reports'));
Expand All @@ -335,26 +342,33 @@
// Reopen report
if (is_numeric($_GET['id'])) {
// Get report
$report = DB::getInstance()->get('reports', ['id', $_GET['id']])->results();
if (count($report)) {
DB::getInstance()->update('reports', $report[0]->id, [
$report = DB::getInstance()->get('reports', ['id', $_GET['id']]);
if ($report->count()) {
$report = $report->first();

if (!Token::check()) {
Session::flash('report_error', $language->get('general', 'invalid_token'));
die();
}

DB::getInstance()->update('reports', $report->id, [
'status' => false,
'date_updated' => date('Y-m-d H:i:s'),
'updated' => date('U'),
'updated_by' => $user->data()->id
]);

DB::getInstance()->insert('reports_comments', [
'report_id' => $report[0]->id,
'report_id' => $report->id,
'commenter_id' => $user->data()->id,
'comment_date' => date('Y-m-d H:i:s'),
'date' => date('U'),
'comment_content' => $language->get('moderator', 'x_reopened_report', ['user' => $user->data()->username])
'comment_content' => $language->get('moderator', 'x_reopened_report', ['user' => $user->getDisplayname()])
]);
}

Session::flash('report_success', $language->get('moderator', 'report_reopened'));
Redirect::to(URL::build('/panel/users/reports/', 'id=' . urlencode($report[0]->id)));
Redirect::to(URL::build('/panel/users/reports/', 'id=' . urlencode($report->id)));
}

Redirect::to(URL::build('/panel/users/reports'));
Expand All @@ -371,6 +385,10 @@
$success = Session::flash('report_success');
}

if (Session::exists('report_error')) {
$errors = [Session::flash('report_error')];
}

if (isset($success)) {
$smarty->assign([
'SUCCESS' => $success,
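Review bot: The close-report comment no longer passes the name through `Output::getClean()`: `comment_content` is now built from `$user->getDisplayname()`, and the reopen branch does the same. Whether getDisplayname() returns escaped text is not visible in these hunks; if it does not and report comments are rendered as HTML, a display name containing markup would be stored and shown to other moderators. Keep the explicit escape, `['user' => Output::getClean($user->getDisplayname())]`, unless the helper is documented to escape its result. Separately, the invalid-token path in both branches ends in `die()` after the report lookup, which answers with an empty 200 response, whereas the other handlers in this commit redirect; running `Token::check()` before the lookup would match them. Both branches start and end outside the hunks shown.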
