diff options
-rw-r--r-- | web/html/index.php | 4 | ||||
-rw-r--r-- | web/template/pkg_details.php | 6 |
2 files changed, 6 insertions, 4 deletions
diff --git a/web/html/index.php b/web/html/index.php index 1cb48ac..be6c98d 100644 --- a/web/html/index.php +++ b/web/html/index.php @@ -59,10 +59,6 @@ if (!empty($tokens[1]) && '/' . $tokens[1] == get_pkg_route()) { return; } - if (isset($_COOKIE['AURSID'])) { - $_POST['token'] = $_COOKIE['AURSID']; - } - $_POST['IDs'] = array(pkgid_from_name($tokens[2]) => '1'); } } diff --git a/web/template/pkg_details.php b/web/template/pkg_details.php index bd54923..0484924 100644 --- a/web/template/pkg_details.php +++ b/web/template/pkg_details.php @@ -41,6 +41,7 @@ $sources = package_sources($row["ID"]); <?php if ($row["OutOfDateTS"] === NULL): ?> <li> <form action="<?= get_pkg_uri($row['Name']) . 'flag/'; ?>" method="post"> + <input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" /> <input type="submit" class="button text-button" name="do_Flag" value="<?= __('Flag package out-of-date') ?>" /> </form> </li> @@ -48,6 +49,7 @@ $sources = package_sources($row["ID"]); ($uid == $row["MaintainerUID"] || $atype == "Trusted User" || $atype == "Developer")): ?> <li> <form action="<?= get_pkg_uri($row['Name']) . 'unflag/'; ?>" method="post"> + <input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" /> <input type="submit" class="button text-button" name="do_UnFlag" value="<?= __('Unflag package') ?>" /> </form> </li> @@ -55,12 +57,14 @@ $sources = package_sources($row["ID"]); <?php if (user_voted($uid, $row['ID'])): ?> <li> <form action="<?= get_pkg_uri($row['Name']) . 'unvote/'; ?>" method="post"> + <input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" /> <input type="submit" class="button text-button" name="do_UnVote" value="<?= __('Remove vote') ?>" /> </form> </li> <?php else: ?> <li> <form action="<?= get_pkg_uri($row['Name']) . 'vote/'; ?>" method="post"> + <input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" /> <input type="submit" class="button text-button" name="do_Vote" value="<?= __('Vote for this package') ?>" /> </form> </li> @@ -68,12 +72,14 @@ $sources = package_sources($row["ID"]); <?php if (user_notify($uid, $row['ID'])): ?> <li> <form action="<?= get_pkg_uri($row['Name']) . 'unnotify/'; ?>" method="post"> + <input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" /> <input type="submit" class="button text-button" name="do_UnNotify" value="<?= __('Disable notifications') ?>" /> </form> </li> <?php else: ?> <li> <form action="<?= get_pkg_uri($row['Name']) . 'notify/'; ?>" method="post"> + <input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" /> <input type="submit" class="button text-button" name="do_Notify" value="<?= __('Notify of new comments') ?>" /> </form> </li> |