use POST when building search results, see #1026
This commit is contained in:
parent
4501763540
commit
a9e4c4bdb3
17 changed files with 22 additions and 32 deletions
|
@ -772,9 +772,7 @@ function make_form(string $target, string $method = "POST", bool $multipart = fa
|
||||||
{
|
{
|
||||||
global $user;
|
global $user;
|
||||||
if ($method == "GET") {
|
if ($method == "GET") {
|
||||||
$link = html_escape($target);
|
die("make_form: GET method is not supported");
|
||||||
$target = make_link($target);
|
|
||||||
$extra_inputs = "<input type='hidden' name='q' value='$link'>";
|
|
||||||
} else {
|
} else {
|
||||||
$extra_inputs = $user->get_auth_html();
|
$extra_inputs = $user->get_auth_html();
|
||||||
}
|
}
|
||||||
|
|
|
@ -25,7 +25,7 @@ class AutoTaggerTheme extends Themelet
|
||||||
";
|
";
|
||||||
|
|
||||||
$bulk_html = "
|
$bulk_html = "
|
||||||
".make_form(make_link("auto_tag/import"), 'post', true)."
|
".make_form(make_link("auto_tag/import"), 'POST', true)."
|
||||||
<input type='file' name='auto_tag_file'>
|
<input type='file' name='auto_tag_file'>
|
||||||
<input type='submit' value='Upload List'>
|
<input type='submit' value='Upload List'>
|
||||||
</form>
|
</form>
|
||||||
|
|
|
@ -101,7 +101,7 @@ class CommentListTheme extends Themelet
|
||||||
$html = '
|
$html = '
|
||||||
Delete comments by IP.
|
Delete comments by IP.
|
||||||
|
|
||||||
<br><br>'.make_form(make_link("comment/bulk_delete"), 'POST')."
|
<br><br>'.make_form(make_link("comment/bulk_delete"))."
|
||||||
<table class='form'>
|
<table class='form'>
|
||||||
<tr><th>IP Address</th> <td><input type='text' name='ip' size='15'></td></tr>
|
<tr><th>IP Address</th> <td><input type='text' name='ip' size='15'></td></tr>
|
||||||
<tr><td colspan='2'><input type='submit' value='Delete'></td></tr>
|
<tr><td colspan='2'><input type='submit' value='Delete'></td></tr>
|
||||||
|
|
|
@ -37,9 +37,8 @@ EOD
|
||||||
$contact_link = empty($contact_link) ? "" : "<br><a href='$contact_link'>Contact</a> –";
|
$contact_link = empty($contact_link) ? "" : "<br><a href='$contact_link'>Contact</a> –";
|
||||||
$search_html = "
|
$search_html = "
|
||||||
<div class='space' id='search'>
|
<div class='space' id='search'>
|
||||||
<form action='".search_link()."' method='GET'>
|
<form action='".search_link()."' method='POST'>
|
||||||
<input name='search' size='30' type='search' value='' class='autocomplete_tags' autofocus='autofocus' />
|
<input name='search' size='30' type='search' value='' class='autocomplete_tags' autofocus='autofocus' />
|
||||||
<input type='hidden' name='q' value='/post/list'>
|
|
||||||
<input type='submit' value='Search'/>
|
<input type='submit' value='Search'/>
|
||||||
</form>
|
</form>
|
||||||
</div>
|
</div>
|
||||||
|
|
|
@ -28,9 +28,9 @@ class Index extends Extension
|
||||||
{
|
{
|
||||||
global $cache, $config, $page, $user;
|
global $cache, $config, $page, $user;
|
||||||
if ($event->page_matches("post/list")) {
|
if ($event->page_matches("post/list")) {
|
||||||
if (isset($_GET['search'])) {
|
if (isset($_POST['search'])) {
|
||||||
$page->set_mode(PageMode::REDIRECT);
|
$page->set_mode(PageMode::REDIRECT);
|
||||||
$page->set_redirect(search_link(Tag::explode($_GET['search'], false)));
|
$page->set_redirect(search_link(Tag::explode($_POST['search'], false)));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -89,9 +89,8 @@ and of course start organising your images :-)
|
||||||
$h_search_string = html_escape(Tag::implode($search_terms));
|
$h_search_string = html_escape(Tag::implode($search_terms));
|
||||||
$h_search_link = search_link();
|
$h_search_link = search_link();
|
||||||
$h_search = "
|
$h_search = "
|
||||||
<p><form action='$h_search_link' method='GET'>
|
<p><form action='$h_search_link' method='POST'>
|
||||||
<input type='search' name='search' value='$h_search_string' placeholder='Search' class='autocomplete_tags' />
|
<input type='search' name='search' value='$h_search_string' placeholder='Search' class='autocomplete_tags' />
|
||||||
<input type='hidden' name='q' value='/post/list'>
|
|
||||||
<input type='submit' value='Find' style='display: none;' />
|
<input type='submit' value='Find' style='display: none;' />
|
||||||
</form>
|
</form>
|
||||||
";
|
";
|
||||||
|
|
|
@ -236,9 +236,9 @@ class Pools extends Extension
|
||||||
{
|
{
|
||||||
global $config, $database, $page, $user;
|
global $config, $database, $page, $user;
|
||||||
if ($event->page_matches("pool/list")) { //index
|
if ($event->page_matches("pool/list")) { //index
|
||||||
if (isset($_GET['search']) and $_GET['search'] != null) {
|
if (isset($_POST['search']) and $_POST['search'] != null) {
|
||||||
$page->set_mode(PageMode::REDIRECT);
|
$page->set_mode(PageMode::REDIRECT);
|
||||||
$page->set_redirect(make_link('pool/list').'/'.$_GET['search'].'/'.strval($event->try_page_num(1)));
|
$page->set_redirect(make_link('pool/list').'/'.url_escape($_POST['search']).'/'.strval($event->try_page_num(1)));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
if (count($event->args) >= 4) { // Assume first 2 args are search and page num
|
if (count($event->args) >= 4) { // Assume first 2 args are search and page num
|
||||||
|
|
|
@ -133,10 +133,9 @@ class PoolsTheme extends Themelet
|
||||||
SHM_A("pool/updated", "Pool Changes")
|
SHM_A("pool/updated", "Pool Changes")
|
||||||
);
|
);
|
||||||
|
|
||||||
$search = "<form action='".make_link('pool/list')."' method='GET'>
|
$search = "<form action='".make_link('pool/list')."' method='POST'>
|
||||||
<input name='search' type='text' style='width:75%'>
|
<input name='search' type='text' style='width:75%'>
|
||||||
<input type='submit' value='Go' style='width:20%'>
|
<input type='submit' value='Go' style='width:20%'>
|
||||||
<input type='hidden' name='q' value='pool/list'>
|
|
||||||
</form>";
|
</form>";
|
||||||
|
|
||||||
$page->add_block(new NavBlock());
|
$page->add_block(new NavBlock());
|
||||||
|
|
|
@ -14,15 +14,15 @@ class RandomList extends Extension
|
||||||
global $config, $page;
|
global $config, $page;
|
||||||
|
|
||||||
if ($event->page_matches("random")) {
|
if ($event->page_matches("random")) {
|
||||||
if (isset($_GET['search'])) {
|
if (isset($_POST['search'])) {
|
||||||
// implode(explode()) to resolve aliases and sanitise
|
// implode(explode()) to resolve aliases and sanitise
|
||||||
$search = url_escape(Tag::implode(Tag::explode($_GET['search'], false)));
|
$search = url_escape(Tag::implode(Tag::explode($_POST['search'], false)));
|
||||||
if (empty($search)) {
|
if (empty($search)) {
|
||||||
$page->set_mode(PageMode::REDIRECT);
|
$page->set_mode(PageMode::REDIRECT);
|
||||||
$page->set_redirect(make_link("random"));
|
$page->set_redirect(make_link("random"));
|
||||||
} else {
|
} else {
|
||||||
$page->set_mode(PageMode::REDIRECT);
|
$page->set_mode(PageMode::REDIRECT);
|
||||||
$page->set_redirect(make_link('random/'.$search));
|
$page->set_redirect(make_link('random/'.url_escape($search)));
|
||||||
}
|
}
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
|
@ -53,7 +53,6 @@ class RandomListTheme extends Themelet
|
||||||
$h_search = "
|
$h_search = "
|
||||||
<p><form action='$h_search_link' method='GET'>
|
<p><form action='$h_search_link' method='GET'>
|
||||||
<input type='search' name='search' value='$h_search_string' placeholder='Search random list' class='autocomplete_tags' />
|
<input type='search' name='search' value='$h_search_string' placeholder='Search random list' class='autocomplete_tags' />
|
||||||
<input type='hidden' name='q' value='/random'>
|
|
||||||
<input type='submit' value='Find' style='display: none;' />
|
<input type='submit' value='Find' style='display: none;' />
|
||||||
</form>
|
</form>
|
||||||
";
|
";
|
||||||
|
|
|
@ -26,7 +26,7 @@ class ResizeImageTheme extends Themelet
|
||||||
}
|
}
|
||||||
|
|
||||||
$html = rawHTML("
|
$html = rawHTML("
|
||||||
".make_form(make_link("resize/{$image->id}"), 'POST')."
|
".make_form(make_link("resize/{$image->id}"))."
|
||||||
<input type='hidden' name='image_id' value='{$image->id}'>
|
<input type='hidden' name='image_id' value='{$image->id}'>
|
||||||
<input id='original_width' name='original_width' type='hidden' value='{$image->width}'>
|
<input id='original_width' name='original_width' type='hidden' value='{$image->width}'>
|
||||||
<input id='original_height' name='original_height' type='hidden' value='{$image->height}'>
|
<input id='original_height' name='original_height' type='hidden' value='{$image->height}'>
|
||||||
|
|
|
@ -66,7 +66,7 @@ class SourceHistoryTheme extends Themelet
|
||||||
Revert source changes by a specific IP address or username, optionally limited to recent changes.
|
Revert source changes by a specific IP address or username, optionally limited to recent changes.
|
||||||
'.$validation_msg.'
|
'.$validation_msg.'
|
||||||
|
|
||||||
<br><br>'.make_form(make_link("source_history/bulk_revert"), 'POST')."
|
<br><br>'.make_form(make_link("source_history/bulk_revert"))."
|
||||||
<table class='form'>
|
<table class='form'>
|
||||||
<tr><th>Username</th> <td><input type='text' name='revert_name' size='15'></td></tr>
|
<tr><th>Username</th> <td><input type='text' name='revert_name' size='15'></td></tr>
|
||||||
<tr><th>IP Address</th> <td><input type='text' name='revert_ip' size='15'></td></tr>
|
<tr><th>IP Address</th> <td><input type='text' name='revert_ip' size='15'></td></tr>
|
||||||
|
|
|
@ -32,7 +32,7 @@ class TagEditTheme extends Themelet
|
||||||
public function mss_html(string $terms): string
|
public function mss_html(string $terms): string
|
||||||
{
|
{
|
||||||
$h_terms = html_escape($terms);
|
$h_terms = html_escape($terms);
|
||||||
$html = make_form(make_link("tag_edit/mass_source_set"), "POST") . "
|
$html = make_form(make_link("tag_edit/mass_source_set")) . "
|
||||||
<input type='hidden' name='tags' value='$h_terms'>
|
<input type='hidden' name='tags' value='$h_terms'>
|
||||||
<input type='text' name='source' value=''>
|
<input type='text' name='source' value=''>
|
||||||
<input type='submit' value='Set Source For All' onclick='return confirm(\"This will mass-edit all sources on the page.\\nAre you sure you want to do this?\")'>
|
<input type='submit' value='Set Source For All' onclick='return confirm(\"This will mass-edit all sources on the page.\\nAre you sure you want to do this?\")'>
|
||||||
|
|
|
@ -98,8 +98,7 @@ class ViewPostTheme extends Themelet
|
||||||
{
|
{
|
||||||
$h_pin = $this->build_pin($image);
|
$h_pin = $this->build_pin($image);
|
||||||
$h_search = "
|
$h_search = "
|
||||||
<p><form action='".make_link()."' method='GET'>
|
<p><form action='".search_link()."' method='POST'>
|
||||||
<input type='hidden' name='q' value='/post/list'>
|
|
||||||
<input type='search' name='search' placeholder='Search' class='autocomplete_tags'>
|
<input type='search' name='search' placeholder='Search' class='autocomplete_tags'>
|
||||||
<input type='submit' value='Find' style='display: none;'>
|
<input type='submit' value='Find' style='display: none;'>
|
||||||
</form>
|
</form>
|
||||||
|
|
|
@ -47,11 +47,10 @@ class CustomIndexTheme extends IndexTheme
|
||||||
protected function build_navigation(int $page_number, int $total_pages, array $search_terms): string
|
protected function build_navigation(int $page_number, int $total_pages, array $search_terms): string
|
||||||
{
|
{
|
||||||
$h_search_string = count($search_terms) == 0 ? "" : html_escape(implode(" ", $search_terms));
|
$h_search_string = count($search_terms) == 0 ? "" : html_escape(implode(" ", $search_terms));
|
||||||
$h_search_link = make_link();
|
$h_search_link = search_link();
|
||||||
return "
|
return "
|
||||||
<p><form action='$h_search_link' method='GET'>
|
<p><form action='$h_search_link' method='POST'>
|
||||||
<input name='search' type='text' value='$h_search_string' class='autocomplete_tags' placeholder='Search' />
|
<input name='search' type='text' value='$h_search_string' class='autocomplete_tags' placeholder='Search' />
|
||||||
<input type='hidden' name='q' value='/post/list'>
|
|
||||||
<input type='submit' value='Find' style='display: none;' />
|
<input type='submit' value='Find' style='display: none;' />
|
||||||
</form>
|
</form>
|
||||||
<div id='search_completions'></div>";
|
<div id='search_completions'></div>";
|
||||||
|
|
|
@ -31,12 +31,11 @@ class CustomIndexTheme extends IndexTheme
|
||||||
protected function build_navigation(int $page_number, int $total_pages, array $search_terms): string
|
protected function build_navigation(int $page_number, int $total_pages, array $search_terms): string
|
||||||
{
|
{
|
||||||
$h_search_string = count($search_terms) == 0 ? "" : html_escape(implode(" ", $search_terms));
|
$h_search_string = count($search_terms) == 0 ? "" : html_escape(implode(" ", $search_terms));
|
||||||
$h_search_link = make_link();
|
$h_search_link = search_link();
|
||||||
return "
|
return "
|
||||||
<p><form action='$h_search_link' method='GET'>
|
<p><form action='$h_search_link' method='POST'>
|
||||||
<input name='search' type='text' value='$h_search_string' class='autocomplete_tags' placeholder='' style='width:75%'/>
|
<input name='search' type='text' value='$h_search_string' class='autocomplete_tags' placeholder='' style='width:75%'/>
|
||||||
<input type='submit' value='Go' style='width:20%'>
|
<input type='submit' value='Go' style='width:20%'>
|
||||||
<input type='hidden' name='q' value='/post/list'>
|
|
||||||
</form>
|
</form>
|
||||||
<div id='search_completions'></div>";
|
<div id='search_completions'></div>";
|
||||||
}
|
}
|
||||||
|
|
|
@ -71,10 +71,9 @@ class CustomViewPostTheme extends ViewPostTheme
|
||||||
{
|
{
|
||||||
//$h_pin = $this->build_pin($image);
|
//$h_pin = $this->build_pin($image);
|
||||||
$h_search = "
|
$h_search = "
|
||||||
<form action='".make_link()."' method='GET'>
|
<form action='".search_link()."' method='POST'>
|
||||||
<input name='search' type='text' style='width:75%'>
|
<input name='search' type='text' style='width:75%'>
|
||||||
<input type='submit' value='Go' style='width:20%'>
|
<input type='submit' value='Go' style='width:20%'>
|
||||||
<input type='hidden' name='q' value='/post/list'>
|
|
||||||
</form>
|
</form>
|
||||||
";
|
";
|
||||||
|
|
||||||
|
|
Reference in a new issue