]> git.mjollnir.org Git - moodle.git/commitdiff
projects / moodle.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7ffb7e9)
added sesskey and confirmation for deletion of blog entries
authortoyomoyo <toyomoyo>
Tue, 14 Mar 2006 06:56:58 +0000 (06:56 +0000)
committertoyomoyo <toyomoyo>
Tue, 14 Mar 2006 06:56:58 +0000 (06:56 +0000)
blog/edit.php patch | blob | history
blog/lib.php patch | blob | history

diff --git a/blog/edit.php b/blog/edit.php
index 81b33c88e32aae1602209762bfe85af97f7d1d00..d0abb380fda8e28c7c0ee111720f6aa276ea31e2 100755 (executable)
--- a/blog/edit.php
+++ b/blog/edit.php
@@ -56,13 +56,27 @@ if ( !blog_user_has_rights($PAGE->bloginfo) ) {
 
 if (isset($act) && $act == 'del' && confirm_sesskey())
 {
-    if (optional_param($confirm,0,PARAM_INT)) {
-        require_variable($postid);
+    $postid = required_param('postid', PARAM_INT);
+    if (optional_param('confirm',0,PARAM_INT)) {
         do_delete($PAGE->bloginfo, $postid);
     } else {
     /// prints blog entry and what confirmation form
-
-
+        echo '<div align="center"><form method="GET" action="edit.php">';
+        echo '<input type="hidden" name="act" value="del" />';
+        echo '<input type="hidden" name="confirm" value="1" />';
+        echo '<input type="hidden" name="postid" value="'.$postid.'" />';
+        echo '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
+        print_string('blogdeleteconfirm', 'blog');
+        
+        $post = get_record('post', 'id', $postid);
+        $entry = new BlogEntry($post);
+        blog_print_entry($entry);
+        echo '<br />';
+        echo '<input type="submit" value="'.get_string('delete').'" /> ';
+        echo ' <input type="button" value="'.get_string('cancel').'" onclick="javascript:history.go(-1)" />';
+        echo '</form></div>';
+        print_footer($course);
+        die;
     }
 }
 if ($usehtmleditor = can_use_richtext_editor()) {
@@ -109,7 +123,6 @@ if (($post = data_submitted( get_referer() )) && confirm_sesskey()) {
     $post->categoryid = array(1);
     $post->publishstate = 'draft';
     $post->courseid  = $courseid;
-    
 
 }
 
diff --git a/blog/lib.php b/blog/lib.php
index 872c24d6ee18c4280f0a4d02f44d24168a017cba..efa93c804d126f8152b8243577024eecdddcab06 100755 (executable)
--- a/blog/lib.php
+++ b/blog/lib.php
@@ -753,7 +753,7 @@ function blog_get_moodle_pix_path(){
  *     in its complete form (eg. archive page). If anything other than 'full'
  *     display the entry in its abbreviated format (eg. index page)
  */
-function blog_print_entry(&$blogEntry, $viewtype='full', $filtertype, $filterselect) {
+function blog_print_entry(&$blogEntry, $viewtype='full', $filtertype='', $filterselect='') {
     global $CFG, $THEME, $USER;
     static $bloginfoarray;
 
@@ -847,11 +847,11 @@ function blog_print_entry_content ($template, $entryid, $filtertype='', $filters
 
     if (isset($USER->id)) {
         if (($template['userid'] == $USER->id) or isteacher($course->id)) {
-                echo '<a href="'.$CFG->wwwroot.'/blog/edit.php?editid='.$entryid.'&amplsesskey='.sesskey().'">'.$stredit.'</a>';
+                echo '<a href="'.$CFG->wwwroot.'/blog/edit.php?editid='.$entryid.'&amp;sesskey='.sesskey().'">'.$stredit.'</a>';
         }
 
         if (($template['userid'] == $USER->id) or isteacher($course->id)) {
-            echo '| <a href="'.$CFG->wwwroot.'/blog/edit.php?act=del&amp;postid='.$entryid.'&amplsesskey='.sesskey().'">'.$strdelete.'</a>';
+            echo '| <a href="'.$CFG->wwwroot.'/blog/edit.php?act=del&amp;postid='.$entryid.'&amp;sesskey='.sesskey().'">'.$strdelete.'</a>';
         }
     }
 
Unnamed repository; edit this file to name it for gitweb.