diff options
| author | Andrew Dolgov <[email protected]> | 2020-09-15 18:08:08 +0300 |
|---|---|---|
| committer | Andrew Dolgov <[email protected]> | 2020-09-15 18:08:08 +0300 |
| commit | 0a142912d3cf9ffa226b5b024b1cf5c7a150d7e2 (patch) | |
| tree | 5f82f3a474ff432fc05c0ec63a2f047808560c71 | |
| parent | 154417d80b9f1ffb9d5d9fcbe2e6ab1dd15159bd (diff) | |
backend handler: require CSRF, remove obsolete code
| -rw-r--r-- | classes/backend.php | 78 | ||||
| -rw-r--r-- | js/App.js | 18 |
2 files changed, 12 insertions, 84 deletions
diff --git a/classes/backend.php b/classes/backend.php index 5bd724728..dad40a269 100644 --- a/classes/backend.php +++ b/classes/backend.php @@ -1,12 +1,6 @@ <?php -class Backend extends Handler { - function loading() { - header("Content-type: text/html"); - print __("Loading, please wait...") . " " . - "<img src='images/indicator_tiny.gif'>"; - } - - function digestTest() { +class Backend extends Handler_Protected { + /* function digestTest() { if (isset($_SESSION['uid'])) { header("Content-type: text/html"); @@ -19,73 +13,7 @@ class Backend extends Handler { } else { print error_json(6); } - } - - private function display_main_help() { - $info = get_hotkeys_info(); - $imap = get_hotkeys_map(); - $omap = array(); - - foreach ($imap[1] as $sequence => $action) { - if (!isset($omap[$action])) $omap[$action] = array(); - - array_push($omap[$action], $sequence); - } - - print "<ul class='panel panel-scrollable hotkeys-help' style='height : 300px'>"; - - print "<h2>" . __("Keyboard Shortcuts") . "</h2>"; - - foreach ($info as $section => $hotkeys) { - - print "<li><hr></li>"; - print "<li><h3>" . $section . "</h3></li>"; - - foreach ($hotkeys as $action => $description) { - - if (is_array($omap[$action])) { - foreach ($omap[$action] as $sequence) { - if (strpos($sequence, "|") !== FALSE) { - $sequence = substr($sequence, - strpos($sequence, "|")+1, - strlen($sequence)); - } else { - $keys = explode(" ", $sequence); - - for ($i = 0; $i < count($keys); $i++) { - if (strlen($keys[$i]) > 1) { - $tmp = ''; - foreach (str_split($keys[$i]) as $c) { - switch ($c) { - case '*': - $tmp .= __('Shift') . '+'; - break; - case '^': - $tmp .= __('Ctrl') . '+'; - break; - default: - $tmp .= $c; - } - } - $keys[$i] = $tmp; - } - } - $sequence = join(" ", $keys); - } - - print "<li>"; - print "<div class='hk'><code>$sequence</code></div>"; - print "<div class='desc'>$description</div>"; - print "</li>"; - } - } - } - } - - print "</ul>"; - - - } + } */ function help() { $topic = basename(clean($_REQUEST["topic"])); // only one for now @@ -300,19 +300,19 @@ const App = { } }, helpDialog: function(topic) { - const query = "backend.php?op=backend&method=help&topic=" + encodeURIComponent(topic); - if (dijit.byId("helpDlg")) dijit.byId("helpDlg").destroyRecursive(); - const dialog = new dijit.Dialog({ - id: "helpDlg", - title: __("Help"), - style: "width: 600px", - href: query, - }); + xhrPost("backend.php", {op: "backend", method: "help", topic: topic}, (transport) => { + const dialog = new dijit.Dialog({ + id: "helpDlg", + title: __("Help"), + style: "width: 600px", + content: transport.responseText, + }); - dialog.show(); + dialog.show(); + }); }, displayDlg: function(title, id, param, callback) { Notify.progress("Loading, please wait...", true); |