From 470d61abafc0f32293374eeee26696a3c482566c Mon Sep 17 00:00:00 2001 From: Madhura Jayaratne Date: Fri, 8 May 2015 15:40:47 +0530 Subject: [PATCH] bug #4894 Deleting without confirmation Signed-off-by: Madhura Jayaratne --- ChangeLog | 1 + js/functions.js | 23 ++++++++++++----- js/sql.js | 20 +++++++++------ libraries/DisplayResults.class.php | 2 +- libraries/Util.class.php | 40 +++++++++++++++++++----------- 5 files changed, 56 insertions(+), 30 deletions(-) diff --git a/ChangeLog b/ChangeLog index 59b892e6f2de..83a77c17393f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -4,6 +4,7 @@ phpMyAdmin - ChangeLog 4.4.7.0 (not yet released) - bug #4876 Settings issues (Favorite tables shown twice in Settings) - bug #4896 Non-styled error page when following results link +- bug #4894 Deleting without confirmation 4.4.6.0 (2015-05-07) - bug #4890 webkitStorageInfo and webkitIndexedDB is deprecated diff --git a/js/functions.js b/js/functions.js index a81062617d3d..45b59a01471e 100644 --- a/js/functions.js +++ b/js/functions.js @@ -3823,13 +3823,10 @@ AJAX.registerOnload('functions.js', function () { * Enables the text generated by PMA_Util::linkOrButton() to be clickable */ $(document).on('click', 'a.formLinkSubmit', function (e) { - - if ($(this).attr('href').indexOf('=') != -1) { - var data = $(this).attr('href').substr($(this).attr('href').indexOf('#') + 1).split('=', 2); - $(this).parents('form').append(''); + if (! $(this).hasClass('requireConfirm')) { + submitFormLink($(this)); + return false; } - $(this).parents('form').submit(); - return false; }); if ($('#update_recent_tables').length) { @@ -3866,6 +3863,20 @@ AJAX.registerOnload('functions.js', function () { } }); // end of $() +/** + * Submits the form placed in place of a link due to the excessive url length + * + * @param $link anchor + * @returns {Boolean} + */ +function submitFormLink($link) +{ + if ($link.attr('href').indexOf('=') != -1) { + var data = $link.attr('href').substr($link.attr('href').indexOf('#') + 1).split('=', 2); + $link.parents('form').append(''); + } + $link.parents('form').submit(); +} /** * Initializes slider effect. diff --git a/js/sql.js b/js/sql.js index f80923b21f98..af1dd1c0df5b 100644 --- a/js/sql.js +++ b/js/sql.js @@ -155,14 +155,18 @@ AJAX.registerOnload('sql.js', function () { var $link = $(this); $link.PMA_confirm(question, $link.attr('href'), function (url) { $msgbox = PMA_ajaxShowMessage(); - $.get(url, {'ajax_request': true, 'is_js_confirmed': true}, function (data) { - if (data.success) { - PMA_ajaxShowMessage(data.message); - $link.closest('tr').remove(); - } else { - PMA_ajaxShowMessage(data.error, false); - } - }); + if ($link.hasClass('formLinkSubmit')) { + submitFormLink($link); + } else { + $.get(url, {'ajax_request': true, 'is_js_confirmed': true}, function (data) { + if (data.success) { + PMA_ajaxShowMessage(data.message); + $link.closest('tr').remove(); + } else { + PMA_ajaxShowMessage(data.error, false); + } + }); + } }); }); diff --git a/libraries/DisplayResults.class.php b/libraries/DisplayResults.class.php index 8b983fb3de00..f15e72ca6395 100644 --- a/libraries/DisplayResults.class.php +++ b/libraries/DisplayResults.class.php @@ -5550,7 +5550,7 @@ private function _getDeleteLink($del_url, $del_str, $js_conf, $class) $ajax = PMA_Response::getInstance()->isAjax() ? ' ajax' : ''; $ret .= 'center" ' . ' >' . PMA_Util::linkOrButton( - $del_url, $del_str, array('class' => 'delete_row' . $ajax), false + $del_url, $del_str, array('class' => 'delete_row requireConfirm' . $ajax), false ) . '
' . $js_conf . '
' . ''; diff --git a/libraries/Util.class.php b/libraries/Util.class.php index 1521fd32ae93..9ac202bcbf81 100644 --- a/libraries/Util.class.php +++ b/libraries/Util.class.php @@ -1797,15 +1797,6 @@ public static function linkOrButton( $tag_params['target'] = htmlentities($target); } - $tag_params_strings = array(); - foreach ($tag_params as $par_name => $par_value) { - // htmlspecialchars() only on non javascript - $par_value = /*overload*/mb_substr($par_name, 0, 2) == 'on' - ? $par_value - : htmlspecialchars($par_value); - $tag_params_strings[] = $par_name . '="' . $par_value . '"'; - } - $displayed_message = ''; // Add text if not already added if (stristr($message, ' $par_value) { + // htmlspecialchars() only on non javascript + $par_value = /*overload*/mb_substr($par_name, 0, 2) == 'on' + ? $par_value + : htmlspecialchars($par_value); + $tag_params_strings[] = $par_name . '="' . $par_value . '"'; + } + // no whitespace within an else Safari will make it part of the link $ret = "\n" . '' @@ -1850,11 +1850,6 @@ public static function linkOrButton( // or after the hidden fields // IE will display them all - // add class=link to submit button - if (empty($tag_params['class'])) { - $tag_params['class'] = 'link'; - } - if (! isset($query_parts)) { $query_parts = self::splitURLQuery($url); } @@ -1886,7 +1881,22 @@ public static function linkOrButton( . htmlspecialchars(urldecode($eachval)) . '" />'; } // end while - $ret .= "\n" . ' $par_value) { + // htmlspecialchars() only on non javascript + $par_value = /*overload*/mb_substr($par_name, 0, 2) == 'on' + ? $par_value + : htmlspecialchars($par_value); + $tag_params_strings[] = $par_name . '="' . $par_value . '"'; + } + + $ret .= "\n" . '' . $message . ' ' . $displayed_message . '' . "\n";