diff options
author | Steve Beaver <sbeaver@netgate.com> | 2017-02-08 15:23:39 -0500 |
---|---|---|
committer | Steve Beaver <sbeaver@netgate.com> | 2017-02-08 15:23:39 -0500 |
commit | f0136b178022cf3b04a6c3d577d457cf3bc03418 (patch) | |
tree | 5eb0e7b4946b9798061f1928127875a7c329c0cf /src/usr/local | |
parent | d3f59a8c0cb2e6f67c1ba6356bb6da3fb70c67ef (diff) | |
download | pfsense-f0136b178022cf3b04a6c3d577d457cf3bc03418.zip pfsense-f0136b178022cf3b04a6c3d577d457cf3bc03418.tar.gz |
Automatic GET to POST functions moved to pfSenseHelpers.js so they can be used by any page
Diffstat (limited to 'src/usr/local')
-rw-r--r-- | src/usr/local/www/js/pfSenseHelpers.js | 59 | ||||
-rw-r--r-- | src/usr/local/www/system_usermanager.php | 78 |
2 files changed, 59 insertions, 78 deletions
diff --git a/src/usr/local/www/js/pfSenseHelpers.js b/src/usr/local/www/js/pfSenseHelpers.js index f17e422..73db900 100644 --- a/src/usr/local/www/js/pfSenseHelpers.js +++ b/src/usr/local/www/js/pfSenseHelpers.js @@ -653,7 +653,6 @@ function moveOptions(From, To) { } } - // ------------- Service start/stop/restart functions. // If a start/stop/restart button is clicked, parse the button name and make a POST via AJAX $('[id*=restartservice-], [id*=stopservice-], [id*=startservice-]').click(function(event) { @@ -698,3 +697,61 @@ $('[id*=restartservice-], [id*=stopservice-], [id*=startservice-]').click(functi location.reload(true); }); }); + +// The scripts that follow are an EXPERIMENT in using jQuery/Javascript to automatically convert +// GET calls to POST calls +// Any anchor with the attribute "usepost" usses these functions. In this file "Edit user", "Delete user" and "Add" +// have that attribute +// These function can be moved to an included file + +// Any time an anchor is clicked and the "usepost" attibute is present, convert the href attribute +// to POST format, make a POST form and submit it +$('a').click(function(e) { + // Does the clicked anchor have the "usepost" attribute? + var attr = $(this).attr('usepost'); + + if (typeof attr !== typeof undefined && attr !== false) { + var href = $(this).attr("href"); + + postSubmit(get2post(href)); + + return false; + } +}); + +// Convert a GET argument list such as ?name=fred&action=delete into an array of POST +// parameters such as [[name, fred],[action, delete]] +function get2post(getargs) { + var arglist = new Array(); + + getargs = getargs.substring(getargs.indexOf("?") + 1); + var argarray = getargs.split('&'); + + for (var i=0;i<argarray.length;i++) { + var thisarg = argarray[i].split('='); + var arg = new Array(thisarg[0], thisarg[1]); + arglist[i] = arg; + } + + return arglist; +} + +// Create a form, add, the POST data and submit it +function postSubmit(data) { + + var form = $(document.createElement('form')); + + $(form).attr("method", "POST"); + + for (var i=0;i<data.length;i++) { + var input = $("<input>").attr("type", "hidden").attr("name", data[i][0]).val(data[i][1]); + $(form).append($(input)); + } + + // The CSRF magic is required because we will be viewing the results of the POST + var input = $("<input>").attr("type", "hidden").attr("name", "__csrf_magic").val($('[name=__csrf_magic]').val()); + $(form).append($(input)); + + $(form).appendTo('body').submit(); +} + diff --git a/src/usr/local/www/system_usermanager.php b/src/usr/local/www/system_usermanager.php index bcb378c..e4f8625 100644 --- a/src/usr/local/www/system_usermanager.php +++ b/src/usr/local/www/system_usermanager.php @@ -41,21 +41,12 @@ if (isset($_POST['userid']) && is_numericint($_POST['userid'])) { $id = $_POST['userid']; } -if (isset($_GET['userid']) && is_numericint($_GET['userid'])) { - $id = $_GET['userid']; -} - if (!isset($config['system']['user']) || !is_array($config['system']['user'])) { $config['system']['user'] = array(); } $a_user = &$config['system']['user']; - -if (isset($_POST['act'])) { - $act = $_POST['act']; -} else { - $act = $_GET['act']; -} +$act = $_POST['act']; if (isset($_SERVER['HTTP_REFERER'])) { $referer = $_SERVER['HTTP_REFERER']; @@ -653,73 +644,6 @@ foreach ($a_user as $i => $userent): ?></div> -<script type="text/javascript"> -//<![CDATA[ - -// The scripts that follow are an EXPERIMENT in using jQuery/Javascript to automatically convert -// GET calls to POST calls -// Any anchor with the attribute "usepost" usses these functions. In this file "Edit user", "Delete user" and "Add" -// have that attribute -// These function can be moved to an included file - -events.push(function() { - - // Any time an anchor is clicked and the "usepost" attibute is present, convert the href attribute - // to POST format, make a POST form and submit it - $('a').click(function(e) { - // Does the clicked anchor have the "usepost" attribute? - var attr = $(this).attr('usepost'); - - if (typeof attr !== typeof undefined && attr !== false) { - var href = $(this).attr("href"); - - postSubmit(get2post(href)); - - return false; - } - }); - - - // Convert a GET argument list such as ?name=fred&action=delete into an array of POST - // parameters such as [[name, fred],[action, delete]] - function get2post(getargs) { - var arglist = new Array(); - - getargs = getargs.substring(getargs.indexOf("?") + 1); - var argarray = getargs.split('&'); - - for (var i=0;i<argarray.length;i++) { - var thisarg = argarray[i].split('='); - var arg = new Array(thisarg[0], thisarg[1]); - arglist[i] = arg; - } - - return arglist; - } - - // Create a form, add, the POST data and submit it - function postSubmit(data) { - - var form = $(document.createElement('form')); - - $(form).attr("method", "POST"); - - for (var i=0;i<data.length;i++) { - var input = $("<input>").attr("type", "hidden").attr("name", data[i][0]).val(data[i][1]); - $(form).append($(input)); - } - - // The CSRF magic is required because we will be viewing the results of the POST - var input = $("<input>").attr("type", "hidden").attr("name", "__csrf_magic").val($('[name=__csrf_magic]').val()); - $(form).append($(input)); - - $(form).appendTo('body').submit(); - } - -}); -//]]> -</script> - <?php include("foot.inc"); exit; |