diff options
| -rw-r--r-- | mod/reportedcontent/views/default/reportedcontent/listing.php | 4 | ||||
| -rw-r--r-- | mod/sitepages/start.php | 1 | ||||
| -rw-r--r-- | views/default/output/confirmlink.php | 4 | ||||
| -rw-r--r-- | views/default/output/url.php | 2 |
4 files changed, 6 insertions, 5 deletions
diff --git a/mod/reportedcontent/views/default/reportedcontent/listing.php b/mod/reportedcontent/views/default/reportedcontent/listing.php index 54ebd6a27..99069cb8c 100644 --- a/mod/reportedcontent/views/default/reportedcontent/listing.php +++ b/mod/reportedcontent/views/default/reportedcontent/listing.php @@ -30,8 +30,8 @@ if($vars['entity']){ echo "<div class='admin_settings reported_content {$reportedcontent_background}'>"; echo "<div class='clearfloat controls'>"; if($report->state != 'archived') - echo "<a class='action_button' href=\"" . elgg_validate_action_url($vars['url'] . "action/reportedcontent/archive?item={$report->guid}") . "\">" . elgg_echo('reportedcontent:archive') . "</a>"; - echo "<a class='action_button disabled' href=\"" . elgg_validate_action_url($vars['url'] . "action/reportedcontent/delete?item={$report->guid}") . "\" onclick=\"return confirm('" . elgg_echo('reportedcontent:areyousure') . "')\">" . elgg_echo('reportedcontent:delete') . "</a></div>"; + echo "<a class='action_button' href=\"" . elgg_add_action_tokens_to_url($vars['url'] . "action/reportedcontent/archive?item={$report->guid}") . "\">" . elgg_echo('reportedcontent:archive') . "</a>"; + echo "<a class='action_button disabled' href=\"" . elgg_add_action_tokens_to_url($vars['url'] . "action/reportedcontent/delete?item={$report->guid}") . "\" onclick=\"return confirm('" . elgg_echo('reportedcontent:areyousure') . "')\">" . elgg_echo('reportedcontent:delete') . "</a></div>"; echo "<p><b>" . elgg_echo('reportedcontent:by') . ": </b><a href=\"{$user_url}\">" . $user . "</a>, " . friendly_time($report->time_created) . "</p>"; echo "<p><b>" . elgg_echo('reportedcontent:objecttitle') . ": </b>" . $report->title; echo "<br /><a onclick=\"elgg_slide_toggle(this,'.reported_content','.container{$id}');\" class='details_link'>" . elgg_echo('reportedcontent:moreinfo') . "</a></p>"; diff --git a/mod/sitepages/start.php b/mod/sitepages/start.php index 5be36842a..c7baa1314 100644 --- a/mod/sitepages/start.php +++ b/mod/sitepages/start.php @@ -13,6 +13,7 @@ * * @todo * Check for SQL injection problems. + * Force [[login_box]] in the logged out view. * Make sure this stuff doesn't show up in search. * Check entity keyword views against fullview. Force to FALSE? * DRY up actions and views diff --git a/views/default/output/confirmlink.php b/views/default/output/confirmlink.php index 9377426ad..c4c0e0bfa 100644 --- a/views/default/output/confirmlink.php +++ b/views/default/output/confirmlink.php @@ -20,7 +20,7 @@ if (!$confirm) { } // always generate missing action tokens -$link = elgg_validate_action_url($vars['href']); +$link = elgg_add_action_tokens_to_url($vars['href']); if (isset($vars['class']) && $vars['class']) { $class = 'class="' . $vars['class'] . '"'; @@ -28,4 +28,4 @@ if (isset($vars['class']) && $vars['class']) { $class = ''; } ?> -<a href="<?php echo $link; ?>" <?php echo $class; ?> onclick="return confirm('<?php echo addslashes($confirm); ?>');"><?php echo htmlentities($vars['text'], ENT_QUOTES, 'UTF-8'); ?></a>
\ No newline at end of file +<a href="<?php echo $link; ?>" <?php echo $class; ?> onclick="return confirm('<?php echo addslashes($confirm); ?>');"><?php echo htmlentities($vars['text'], ENT_QUOTES, 'UTF-8'); ?></a> diff --git a/views/default/output/url.php b/views/default/output/url.php index b77ffbf00..734df2c19 100644 --- a/views/default/output/url.php +++ b/views/default/output/url.php @@ -21,7 +21,7 @@ $url = trim($vars['href']); if (!empty($url)) { if (array_key_exists('is_action', $vars) && $vars['is_action']) { - $url = elgg_validate_action_url($url); + $url = elgg_add_action_tokens_to_url($url); } if (array_key_exists('target', $vars) && $vars['target']) { |