Module delete supprimer le checkcsrf et change l'appel de la fonction profil

2023-06-28 17:51:48 +02:00 · 2023-06-28 17:51:48 +02:00 · 23c015f696
parent 0ac0e9398b
commit 23c015f696
4 changed files with 4 additions and 31 deletions
--- a/module/blog/blog.php
+++ b/module/blog/blog.php
@ -593,21 +593,13 @@ class blog extends common
 	public function delete()
 	{
 		if (
-			$this->getUser('permission', 'blog', 'delete') === false ||
+			$this->getUser('permission', __CLASS__, __FUNCTION__) === false ||
 			$this->getData(['module', $this->getUrl(0), 'posts', $this->getUrl(2)]) === null) {
 			// Valeurs en sortie
 			$this->addOutput([
 				'access' => false
 			]);
 		}
-		// Action interdite
-		elseif ($this->checkCSRF()) {
-			// Valeurs en sortie
-			$this->addOutput([
-				'redirect' => helper::baseUrl() . $this->getUrl(0) . '/config',
-				'notification' => helper::translate('Action interdite')
-			]);
-		}
 		// Suppression
 		else {
 			$this->deleteData(['module', $this->getUrl(0), 'posts', $this->getUrl(2)]);
--- a/module/form/form.php
+++ b/module/form/form.php
@ -344,9 +344,7 @@ class form extends common
 	public function delete()
 	{
 		// Action interdite
-		if (
-			$this->getUser('permission', 'form', 'delete') === false ||
-			$this->checkCSRF()) {
+		if ($this->getUser('permission', __CLASS__, __FUNCTION__) === false) {
 			// Valeurs en sortie
 			$this->addOutput([
 				'redirect' => helper::baseUrl() . $this->getUrl(0) . '/data',
--- a/module/gallery/gallery.php
+++ b/module/gallery/gallery.php
@ -498,23 +498,14 @@ class gallery extends common
 	 */
 	public function delete()
 	{
-		// $url prend l'adresse sans le token
 		// La galerie n'existe pas
-		if ($this->getUser('permission', 'gallery', 'delete') === false ||
+		if ($this->getUser('permission',  __CLASS__, __FUNCTION__) === false ||
 			$this->getData(['module', $this->getUrl(0), 'content', $this->getUrl(2)]) === null) {
 			// Valeurs en sortie
 			$this->addOutput([
 				'access' => false
 			]);
 		}
-		// Action interdite
-		if ($this->checkCSRF()) {
-			// Valeurs en sortie
-			$this->addOutput([
-				'redirect' => helper::baseUrl() . $this->getUrl(0) . '/config',
-				'notification' => helper::translate('Suppression interdite')
-			]);
-		}
 		// Suppression
 		else {
 			$this->deleteData(['module', $this->getUrl(0), 'content', $this->getUrl(2)]);
--- a/module/news/news.php
+++ b/module/news/news.php
@ -365,21 +365,13 @@ class news extends common
 	public function delete()
 	{
 		// La news n'existe pas
-		if ($this->getUser('permission', 'news', 'delete') === false ||
+		if ($this->getUser('permission',  __CLASS__, __FUNCTION__) === false ||
 			$this->getData(['module', $this->getUrl(0), 'posts', $this->getUrl(2)]) === null) {
 			// Valeurs en sortie
 			$this->addOutput([
 				'access' => false
 			]);
 		}
-		// Action interdite
-		elseif ($this->checkCSRF()) {
-			// Valeurs en sortie
-			$this->addOutput([
-				'redirect' => helper::baseUrl() . $this->getUrl(0) . '/config',
-				'notification' => helper::translate('Action interdite')
-			]);
-		}
 		// Suppression
 		else {
 			$this->deleteData(['module', $this->getUrl(0), 'posts', $this->getUrl(2)]);