Overview
Comment:Fix attachment delete
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk | stable
Files: files | file ages | folders
SHA3-256: 0ea9348ee8522dd3ca798633b1db6c581cb8f1f54ff85e33bf7e83885afc0534
User & Date: bohwaz on 2021-04-18 12:40:45
Other Links: manifest | tags
Context
2021-04-18
12:53
Fix redirect in http function check-in: 80b2aca31a user: bohwaz tags: trunk, stable
12:40
Fix attachment delete check-in: 0ea9348ee8 user: bohwaz tags: trunk, stable
12:35
Fix permissions to website check-in: fa6116ad73 user: bohwaz tags: trunk, stable
Changes

Modified src/templates/web/page.tpl from [a3e822ccef] to [419cb9b89a].

11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
		<li><a href="{$admin_url}web/?p={$page.parent}">Retour à la liste</a></li>
		{if $session->canAccess($session::SECTION_WEB, $session::ACCESS_WRITE)}
			<li><a href="{$admin_url}web/edit.php?p={$page.path}">Modifier</a></li>
		{/if}
		{if $page.status == $page::STATUS_ONLINE && !$config.site_disabled}
			<li><a href="{$page->url()}" target="_blank">Voir sur le site</a></li>
		{/if}
		{if $session->canAccess($session::SECTION_WEB, $session::ACCESS_ADMIN)}
			<li><a href="{$admin_url}web/delete.php?p={$page.path}">Supprimer</a></li>
		{/if}
	</ul>
</nav>

{if !empty($breadcrumbs)}
<nav class="breadcrumbs">







|







11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
		<li><a href="{$admin_url}web/?p={$page.parent}">Retour à la liste</a></li>
		{if $session->canAccess($session::SECTION_WEB, $session::ACCESS_WRITE)}
			<li><a href="{$admin_url}web/edit.php?p={$page.path}">Modifier</a></li>
		{/if}
		{if $page.status == $page::STATUS_ONLINE && !$config.site_disabled}
			<li><a href="{$page->url()}" target="_blank">Voir sur le site</a></li>
		{/if}
		{if $session->canAccess($session::SECTION_WEB, $session::ACCESS_WRITE)}
			<li><a href="{$admin_url}web/delete.php?p={$page.path}">Supprimer</a></li>
		{/if}
	</ul>
</nav>

{if !empty($breadcrumbs)}
<nav class="breadcrumbs">

Modified src/www/admin/web/_attach.php from [a59c3eef8c] to [c602997b78].

16
17
18
19
20
21
22
23

24
25
26
27
28
29
30


31
32
33
34
35
36
37
38

if (!$page) {
	throw new UserException('Page inconnue');
}

$csrf_key = 'attach_' . $page->id();

$form->runIf('delete', function () use ($session) {

	$file = Files::get(f('delete'));

	if (!$file || !$file->checkDeleteAccess($session)) {
		throw new UserException('Vous ne pouvez pas supprimer ce fichier');
	}

	$file->delete();


}, $csrf_key, Utils::getSelfURI());


$form->runIf(f('upload') || f('uploadHelper_mode'), function () use ($page) {
	if (f('uploadHelper_status') > 0) {
		throw new UserException('Un seul fichier peut être envoyé en même temps.');
	}








|
>
|






>
>
|







16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41

if (!$page) {
	throw new UserException('Page inconnue');
}

$csrf_key = 'attach_' . $page->id();

$form->runIf('delete', function () use ($page, $session) {
	$path = Utils::dirname($page->file_path) . '/' . f('delete');
	$file = Files::get($path);

	if (!$file || !$file->checkDeleteAccess($session)) {
		throw new UserException('Vous ne pouvez pas supprimer ce fichier');
	}

	$file->delete();

	Utils::redirect(Utils::getSelfURI());
}, $csrf_key);


$form->runIf(f('upload') || f('uploadHelper_mode'), function () use ($page) {
	if (f('uploadHelper_status') > 0) {
		throw new UserException('Un seul fichier peut être envoyé en même temps.');
	}