public/tt-rss
1
0
Fork 0
mirror of https://git.tt-rss.org/git/tt-rss.git synced 2025-12-13 17:15:55 +00:00
Code Issues Releases Wiki Activity

* add (disabled) shortcut syntax for plugin methods

Browse Source 
* add controls shortcut for pluginhandler tags
 * add similar shortcut for frontend
 * allow plugins to selectively exclude their methods from CSRF checking
This commit is contained in:
Andrew Dolgov
2021-02-17 21:44:21 +03:00
parent b16abc157e
commit e4609c18ef
19 changed files with 65 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
plugins/af_redditimgur/init.php
View File

@@ -41,9 +41,7 @@ class Af_RedditImgur extends Plugin {
<form dojoType='dijit.form.Form'>
<?= \Controls\hidden_tag("op", "pluginhandler") ?>
<?= \Controls\hidden_tag("method", "save") ?>
<?= \Controls\hidden_tag("plugin", "af_redditimgur") ?>
<?= \Controls\pluginhandler_tags($this, "save") ?>
<script type='dojo/method' event='onSubmit' args='evt'>
evt.preventDefault();
@@ -633,6 +631,10 @@ class Af_RedditImgur extends Plugin {
$entry->parentNode->insertBefore($img, $entry);*/
}
function csrf_ignore($method) {
return $method === "testurl";
}
function testurl() {
$url = clean($_POST["url"]);
@@ -651,7 +653,6 @@ class Af_RedditImgur extends Plugin {
<input type="hidden" name="op" value="pluginhandler">
<input type="hidden" name="method" value="testurl">
<input type="hidden" name="plugin" value="af_redditimgur">
<input type="hidden" name="csrf_token" value="<?= $_SESSION["csrf_token"] ?>">
<fieldset>
<label>URL:</label>
<input name="url" size="100" value="<?= htmlspecialchars($url) ?>"></input>