Changing from GET to POST.

2012-02-08 14:10:33 -05:00 · 2012-02-08 14:10:33 -05:00 · 2da3cb2812
commit 2da3cb2812
parent 795160f8eb
2 changed files with 26 additions and 23 deletions
--- a/contrib/pools/main.php
+++ b/contrib/pools/main.php
@ -137,32 +137,32 @@ class Pools extends SimpleExtension {
 					break;
 				case "edit":
-					$poolID = int_escape($event->get_arg(1));
+					//$poolID = int_escape($event->get_arg(1));
-					$pools = $this->get_pool($poolID);
+					//$pools = $this->get_pool($poolID);
-					foreach($pools as $pool) {
+					//foreach($pools as $pool) {
 						if ($this->have_permission($user, $pool)) {
 							$this->theme->edit_pool($page, $this->get_pool($poolID), $this->edit_posts($poolID));
 						} else {
 							$page->set_mode("redirect");
 							$page->set_redirect(make_link("pool/view/".$poolID));
 						}
-					}
+					//}
 					break;
 				case "order":
-					if($_SERVER["REQUEST_METHOD"] == "GET") {
+					if (isset($_POST["order_view"])) {
-						$poolID = int_escape($event->get_arg(1));
+						//$poolID = int_escape($event->get_arg(1));
-						$pools = $this->get_pool($poolID);
+						//$pools = $this->get_pool($poolID);
-						foreach($pools as $pool) {
+						//foreach($pools as $pool) {
 							if ($this->have_permission($user, $pool)) {
 								$this->theme->edit_order($page, $this->get_pool($poolID), $this->edit_order($poolID));
 							} else {
 								$page->set_mode("redirect");
 								$page->set_redirect(make_link("pool/view/".$poolID));
 							}
-						}
+						//}
 					}
 					else {
 						if ($this->have_permission($user, $pool)) {
--- a/contrib/pools/theme.php
+++ b/contrib/pools/theme.php
@ -168,21 +168,24 @@ class PoolsTheme extends Themelet {
 	public function sidebar_options(Page $page, $pool, $check_all) {
 		global $user;
-		$editor = "
+		$editor = "\n".make_form( make_link('pool/import') ).'
-			".make_form(make_link("pool/import"))."
+				<input type="text" name="pool_tag" id="edit_pool_tag" value="Please enter a tag" onclick="this.value=\'\';"/>
-			<input type='text' name='pool_tag' id='edit_pool_tag' value='Please enter a tag' onclick='this.value=\"\";'/>
+				<input type="submit" name="edit" id="edit_pool_import_btn" value="Import"/>
-			<input type='submit' name='edit' id='edit_pool_import_btn' value='Import'/>
+				<input type="hidden" name="pool_id" value="'.$pool['id'].'">
 			<input type='hidden' name='pool_id' value='".$pool['id']."'>
 			</form>
-			<form method='GET' action='".make_link("pool/edit/".$pool['id'])."'>
+			'.make_form( make_link('pool/edit') ).'
-			<input type='submit' name='edit' id='edit_pool_btn' value='Edit Pool'/>
+				<input type="submit" name="edit" id="edit_pool_btn" value="Edit Pool"/>
 				<input type="hidden" name="edit_pool" value="yes">
 				<input type="hidden" name="pool_id" value="'.$pool['id'].'">
 			</form>
-			<form method='GET' action='".make_link("pool/order/".$pool['id'])."'>
+			'.make_form( make_link('pool/order') ).'
-			<input type='submit' name='edit' id='edit_pool_order_btn' value='Order Pool'/>
+				<input type="submit" name="edit" id="edit_pool_order_btn" value="Order Pool"/>
 				<input type="hidden" name="order_view" value="yes">
 				<input type="hidden" name="pool_id" value="'.$pool['id'].'">
 			</form>
-			";
+			';
 		if($user->id == $pool['user_id'] || $user->is_admin()){
 			$editor .= "
@ -193,8 +196,8 @@ class PoolsTheme extends Themelet {
 				</script>
 				".make_form(make_link("pool/nuke"))."
-				<input type='submit' name='delete' id='delete_pool_btn' value='Delete Pool' onclick='return confirm_action()' />
+					<input type='submit' name='delete' id='delete_pool_btn' value='Delete Pool' onclick='return confirm_action()' />
-				<input type='hidden' name='pool_id' value='".$pool['id']."'>
+					<input type='hidden' name='pool_id' value='".$pool['id']."'>
 				</form>
 				";
 		}