From ea02f84d210079fbd397f8ed3d92ad1d139e2afb Mon Sep 17 00:00:00 2001
From: Rasmus Fuhse <fuhse@data-quest.de>
Date: Thu, 4 Nov 2021 16:50:47 +0100
Subject: [PATCH] destroy everything

---
 controllers/lamp.php                | 8 +++-----
 views/lamp/_linked_brainstorm.php   | 2 +-
 views/lamp/_voteable_brainstorm.php | 2 +-
 views/lamp/brainstorm.php           | 4 ++--
 views/lamp/edit.php                 | 4 ++--
 5 files changed, 9 insertions(+), 11 deletions(-)

diff --git a/controllers/lamp.php b/controllers/lamp.php
index 2afba19..5b9c2d4 100644
--- a/controllers/lamp.php
+++ b/controllers/lamp.php
@@ -45,7 +45,7 @@ class LampController extends PluginController {
             throw new AccessDeniedException();
         }
 
-        if (Request::isPost() && Request::submitted('create')) {
+        if (Request::submitted('create')) {
             CSRFProtection::verifySecurityToken();
 
             $data['user_id'] = User::findCurrent()->id;
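Review bot: The `create` branch at the top of this hunk now runs for any HTTP method, so a record can be written from a GET request that carries the `create` parameter. Whether `CSRFProtection::verifySecurityToken()` accepts a token from the query string is not visible here; if it does, the token ends up in URLs, browser history and Referer headers. Restoring the method guard keeps writes on POST: `if (Request::isPost() && Request::submitted('create')) {`. The same guard is dropped twice in the second hunk of this file, and the enclosing action starts and ends outside this hunk.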
@@ -92,14 +92,12 @@ class LampController extends PluginController {
         $this->brainstorm = new Brainstorm($id);
 
         // Insert new subbrainstorm
-        if (Request::isPost() && Request::submitted('create')) {
-            CSRFProtection::verifySecurityToken();
+        if (Request::submitted('create')) {
             $this->brainstorm->answer(Request::get('answer'));
         }
 
         // Check if vote is required
-        if (Request::isPost() && Request::submitted('vote')) {
-            CSRFProtection::verifySecurityToken();
+        if (Request::submitted('vote')) {
             $brainstorm = new Brainstorm(Request::get('brainstorm_id'));
             $brainstorm->vote(key(Request::getArray('vote')));
         }
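Review bot: Both write paths in this hunk, `$this->brainstorm->answer(...)` and `$brainstorm->vote(...)`, now run without a CSRF token check, so a request prepared by a third-party page is accepted as if the logged-in user had submitted the form. Each branch should begin with `CSRFProtection::verifySecurityToken();` again, and each condition should keep `Request::isPost() &&` so that a plain link or embedded URL cannot trigger a state change. In the vote branch `Request::get('brainstorm_id')` is taken straight from the request and no access check on that brainstorm is visible here. It may be enforced inside `vote()` or earlier in the action, which lies outside the hunk, and is worth confirming.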
diff --git a/views/lamp/_linked_brainstorm.php b/views/lamp/_linked_brainstorm.php
index 1332367..4248a2e 100644
--- a/views/lamp/_linked_brainstorm.php
+++ b/views/lamp/_linked_brainstorm.php
@@ -3,7 +3,7 @@
     <header>
         <h1>
             <a href="<?= $controller->url_for('lamp/brainstorm/' . $brainstorm->id) ?>">
-            <?= htmlReady($brainstorm->title) ?>
+            <?= $brainstorm->title ?>
             </a>
         </h1>
         <nav>
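Review bot: `<?= $brainstorm->title ?>` writes the user-editable title into the page without HTML encoding, so markup stored in a title is interpreted by the browser of everyone who views the brainstorm (stored XSS). The same unencoded output is introduced in `_voteable_brainstorm.php`, in both hunks of `brainstorm.php`, and in both hunks of `edit.php`. In `edit.php` the value lands inside a `value="..."` attribute and a `<textarea>`, so even a harmless title containing a double quote breaks the edit form. Keep the encoder at each of these output points, e.g. `<?= htmlReady($brainstorm->title) ?>` and `value="<?= htmlReady($brainstorm['title']) ?>"`. The `text` field in the display views still goes through `formatReady()`, which leaves the title as the only unencoded field there.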
diff --git a/views/lamp/_voteable_brainstorm.php b/views/lamp/_voteable_brainstorm.php
index 4bed99b..d06462a 100644
--- a/views/lamp/_voteable_brainstorm.php
+++ b/views/lamp/_voteable_brainstorm.php
@@ -10,7 +10,7 @@
             </form>
         </nav>
         <? if ($brainstorm->title) : ?>
-            <h1><?= htmlReady($brainstorm->title) ?></h1>
+            <h1><?= $brainstorm->title ?></h1>
         <? endif ?>
         <div class='power'>
             <?= $brainstorm->power ?>
diff --git a/views/lamp/brainstorm.php b/views/lamp/brainstorm.php
index ff4a52f..0914597 100644
--- a/views/lamp/brainstorm.php
+++ b/views/lamp/brainstorm.php
@@ -1,6 +1,6 @@
 <? if ($brainstorm->parent) : ?>
     <a href="<?= PluginEngine::getLink($plugin, array(), "lamp/brainstorm/".$brainstorm->parent->getId()) ?>" class="parent_brainstorm">
-        <div class="title"><?= htmlReady($brainstorm->parent->title) ?></div>
+        <div class="title"><?= $brainstorm->parent->title ?></div>
         <div class="body">
             <?= formatReady($brainstorm->parent->text) ?>
         </div>
@@ -17,7 +17,7 @@
             <?= date("G:i d.m.Y", $brainstorm['mkdate']) ?>
         </div>
         <? if ($brainstorm->title) : ?>
-            <h1><?= htmlReady($brainstorm->title) ?></h1>
+            <h1><?= $brainstorm->title ?></h1>
         <? endif ?>
         <div class="body">
             <?= formatReady($brainstorm->text) ?>
diff --git a/views/lamp/edit.php b/views/lamp/edit.php
index 9fff647..87dd8d1 100644
--- a/views/lamp/edit.php
+++ b/views/lamp/edit.php
@@ -16,7 +16,7 @@
                 <input type="text"
                        name="brainstorm[title]"
                        required
-                       value="<?= htmlReady($brainstorm['title']) ?>"
+                       value="<?= $brainstorm['title'] ?>"
                        placeholder="<?= dgettext("aladdin","Frage oder Thema") ?>">
             </label>
         <? endif ?>
@@ -25,7 +25,7 @@
             <?= dgettext("aladdin",'Text') ?>
             <textarea name="brainstorm[text]"
                       required
-                      placeholder="<?= dgettext("aladdin","Um was soll's gehen?") ?>"><?= htmlReady($brainstorm['text']) ?></textarea>
+                      placeholder="<?= dgettext("aladdin","Um was soll's gehen?") ?>"><?= $brainstorm['text'] ?></textarea>
         </label>
     </fieldset>
 
-- 
GitLab