[FEATURE] Follow up: Remove further form targets

Follow up for commit a12b04d2670d2916008e53b4f5a2cc5f158cb998.

Remove further form action targets, if these forms should be send
to the same page anyway. In this case we may safely omnit the
action attribute and safe some path constructions.

diff --git a/admin.php b/admin.php
index e4321dbce9a59160851608d06908aca88d1a050f..230c512954dabe8c54dfc0a14ea53c511e240d57 100644 (file)
--- a/admin.php
+++ b/admin.php
@@ -78,7 +78,7 @@ if (php_sapi_name() == "cli") {
   elseif ((!isset($_SESSION['admin_auth']) || $_SESSION['admin_auth'] != true)
           && empty($cfg['admin_http_auth_user'])) {
       require(JIRAFEAU_ROOT . 'lib/template/header.php'); ?>
   elseif ((!isset($_SESSION['admin_auth']) || $_SESSION['admin_auth'] != true)
           && empty($cfg['admin_http_auth_user'])) {
       require(JIRAFEAU_ROOT . 'lib/template/header.php'); ?>

-      <form action = "<?php echo basename(__FILE__); ?>" method = "post">
+      <form method="post">

       <fieldset>
           <table>
           <tr>
       <fieldset>
           <table>
           <tr>


@@ -138,7 +138,7 @@ if (php_sapi_name() == "cli") {
           ?><div id = "admin">
           <fieldset><legend><?php echo t('Actions'); ?></legend>
           <table>
           ?><div id = "admin">
           <fieldset><legend><?php echo t('Actions'); ?></legend>
           <table>

-          <form action = "<?php echo basename(__FILE__); ?>" method = "post">
+          <form method="post">

           <tr>
               <input type = "hidden" name = "action" value = "clean"/>
               <td class = "info">
           <tr>
               <input type = "hidden" name = "action" value = "clean"/>
               <td class = "info">


@@ -150,7 +150,7 @@ if (php_sapi_name() == "cli") {
               </td>
           </tr>
           </form>
               </td>
           </tr>
           </form>

-          <form action = "<?php echo basename(__FILE__); ?>" method = "post">
+          <form method="post">

           <tr>
               <input type = "hidden" name = "action" value = "clean_async"/>
               <td class = "info">
           <tr>
               <input type = "hidden" name = "action" value = "clean_async"/>
               <td class = "info">


@@ -162,7 +162,7 @@ if (php_sapi_name() == "cli") {
               </td>
           </tr>
           </form>
               </td>
           </tr>
           </form>

-          <form action = "<?php echo basename(__FILE__); ?>" method = "post">
+          <form method="post">

           <tr>
               <input type = "hidden" name = "action" value = "list"/>
               <td class = "info">
           <tr>
               <input type = "hidden" name = "action" value = "list"/>
               <td class = "info">


@@ -174,7 +174,7 @@ if (php_sapi_name() == "cli") {
               </td>
           </tr>
           </form>
               </td>
           </tr>
           </form>

-          <form action = "<?php echo basename(__FILE__); ?>" method = "post">
+          <form method="post">

           <tr>
               <input type = "hidden" name = "action" value = "search_by_name"/>
               <td class = "info">
           <tr>
               <input type = "hidden" name = "action" value = "search_by_name"/>
               <td class = "info">


@@ -188,7 +188,7 @@ if (php_sapi_name() == "cli") {
               </td>
           </tr>
           </form>
               </td>
           </tr>
           </form>

-          <form action = "<?php echo basename(__FILE__); ?>" method = "post">
+          <form method="post">

           <tr>
               <input type = "hidden" name = "action" value = "search_by_file_hash"/>
               <td class = "info">
           <tr>
               <input type = "hidden" name = "action" value = "search_by_file_hash"/>
               <td class = "info">


@@ -202,7 +202,7 @@ if (php_sapi_name() == "cli") {
               </td>
           </tr>
           </form>
               </td>
           </tr>
           </form>

-          <form action = "<?php echo basename(__FILE__); ?>" method = "post">
+          <form method="post">

           <tr>
               <input type = "hidden" name = "action" value = "search_link"/>
               <td class = "info">
           <tr>
               <input type = "hidden" name = "action" value = "search_link"/>
               <td class = "info">


@@ -217,7 +217,7 @@ if (php_sapi_name() == "cli") {
           </tr>
           </form>
           </table>
           </tr>
           </form>
           </table>

-          <form action = "<?php echo basename(__FILE__); ?>" method = "post">
+          <form method="post">

               <input type = "hidden" name = "action" value = "logout" />
               <input type = "submit" value = "<?php echo t('Logout'); ?>" />
           </form>
               <input type = "hidden" name = "action" value = "logout" />
               <input type = "submit" value = "<?php echo t('Logout'); ?>" />
           </form>

diff --git a/index.php b/index.php
index 39eded554b55cff0b65e5c55e0584e1683e35d2f..6d1dc10afeb99d51644376f5a2f7f9250052e5d0 100644 (file)
--- a/index.php
+++ b/index.php
@@ -61,7 +61,7 @@ if (!jirafeau_challenge_upload_ip($cfg, get_ip_address($cfg))) {
         /* Show auth page. */
         if (!isset($_SESSION['upload_auth']) || $_SESSION['upload_auth'] != true) {
             ?>
         /* Show auth page. */
         if (!isset($_SESSION['upload_auth']) || $_SESSION['upload_auth'] != true) {
             ?>

-            <form action = "<?php echo basename(__FILE__); ?>" method = "post">
+            <form method="post">

             <fieldset>
                 <table>
                 <tr>
             <fieldset>
                 <table>
                 <tr>


@@ -89,7 +89,7 @@ if (!jirafeau_challenge_upload_ip($cfg, get_ip_address($cfg))) {
         }
     }
 }
         }
     }
 }

-    
+

 ?>
 <div id="upload_finished">
     <p><?php echo t('File uploaded !') ?></p>
 ?>
 <div id="upload_finished">
     <p><?php echo t('File uploaded !') ?></p>


@@ -108,7 +108,7 @@ if (!jirafeau_challenge_upload_ip($cfg, get_ip_address($cfg))) {
     <p><?php echo t('View link') ?>:</p>
     <p><a id="preview_link" href=""></a></p>
     </div>
     <p><?php echo t('View link') ?>:</p>
     <p><a id="preview_link" href=""></a></p>
     </div>

-    <?php 
+    <?php

 } ?>
 
     <div id="upload_direct_download">
 } ?>
 
     <div id="upload_direct_download">


@@ -243,7 +243,7 @@ if (!jirafeau_challenge_upload_ip($cfg, get_ip_address($cfg))) {
     <?php
     if (jirafeau_has_upload_password($cfg)) {
         ?>
     <?php
     if (jirafeau_has_upload_password($cfg)) {
         ?>

-    <form action = "<?php echo basename(__FILE__); ?>" method = "post">
+    <form method="post">

         <input type = "hidden" name = "action" value = "logout"/>
         <input type = "submit" value = "<?php echo t('Logout'); ?>" />
     </form>
         <input type = "hidden" name = "action" value = "logout"/>
         <input type = "submit" value = "<?php echo t('Logout'); ?>" />
     </form>

diff --git a/lib/functions.php b/lib/functions.php
index 99c11ec166e2165a926ad144957555df23ca7026..85651bafa85a5e486f44eba4745c31de5e2cf7bf 100644 (file)
--- a/lib/functions.php
+++ b/lib/functions.php
@@ -611,17 +611,17 @@ function jirafeau_admin_list($name, $file_hash, $link_hash)
                 echo '<td>' . strftime('%c', $l['upload_date']) . '</td>';
                 echo '<td>' . $l['ip'] . '</td>';
                 echo '<td>' .
                 echo '<td>' . strftime('%c', $l['upload_date']) . '</td>';
                 echo '<td>' . $l['ip'] . '</td>';
                 echo '<td>' .

-                '<form action = "admin.php" method = "post">' .
+                '<form method="post">' .

                 '<input type = "hidden" name = "action" value = "download"/>' .
                 '<input type = "hidden" name = "link" value = "' . $node . '"/>' .
                 '<input type = "submit" value = "' . t('Download') . '" />' .
                 '</form>' .
                 '<input type = "hidden" name = "action" value = "download"/>' .
                 '<input type = "hidden" name = "link" value = "' . $node . '"/>' .
                 '<input type = "submit" value = "' . t('Download') . '" />' .
                 '</form>' .

-                '<form action = "admin.php" method = "post">' .
+                '<form method="post">' .

                 '<input type = "hidden" name = "action" value = "delete_link"/>' .
                 '<input type = "hidden" name = "link" value = "' . $node . '"/>' .
                 '<input type = "submit" value = "' . t('Del link') . '" />' .
                 '</form>' .
                 '<input type = "hidden" name = "action" value = "delete_link"/>' .
                 '<input type = "hidden" name = "link" value = "' . $node . '"/>' .
                 '<input type = "submit" value = "' . t('Del link') . '" />' .
                 '</form>' .

-                '<form action = "admin.php" method = "post">' .
+                '<form method="post">' .

                 '<input type = "hidden" name = "action" value = "delete_file"/>' .
                 '<input type = "hidden" name = "md5" value = "' . $l['md5'] . '"/>' .
                 '<input type = "submit" value = "' . t('Del file and links') . '" />' .
                 '<input type = "hidden" name = "action" value = "delete_file"/>' .
                 '<input type = "hidden" name = "md5" value = "' . $l['md5'] . '"/>' .
                 '<input type = "submit" value = "' . t('Del file and links') . '" />' .