Home Explore Help
Register Sign In
NSHkD
/
Gazelle
forked from Oppaitime/Gazelle
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

Send encrypted emails and IPs over POST to avoid large request URLs

spaghetti 7 years ago
parent
53e3dca294
commit
853ceb48b2
4 changed files with 22 additions and 10 deletions
Split View Show Diff Stats
  1. 4
    4
      sections/delete/delete_email.php
  2. 4
    4
      sections/delete/delete_ip.php
  3. 7
    1
      sections/userhistory/email_history_userview.php
  4. 7
    1
      sections/userhistory/ip_history_userview.php

+ 4
- 4
sections/delete/delete_email.php View File 

@@ -1,7 +1,7 @@
1 1 
 <?
2 2
3 
-if (!isset($_GET['emails']) || !is_array($_GET['emails'])) {
4 
-  error("Stop that.");
3 
+if (!isset($_POST['emails']) || !is_array($_POST['emails'])) {
4 
+  error("No email requested");
5 5 
 }
6 6
7 7 
 if (!apcu_exists('DBKEY')) {
 
@@ -17,14 +17,14 @@ View::show_header('Email Expunge Request');
17 17 
 </div>
18 18 
 <form class="create_form box pad" name="emaildelete" action="delete.php" method="post">
19 19 
   <input type="hidden" name="auth" value="<?=$LoggedUser['AuthKey']?>" />
20 
-  <? foreach($_GET['emails'] as $email) { ?>
20 
+  <? foreach($_POST['emails'] as $email) { ?>
21 21 
   <input type="hidden" name="emails[]" value="<?=$email?>" />
22 22 
   <? } ?>
23 23 
   <input type="hidden" name="action" value="takeemail" />
24 24 
   <table cellspacing="1" cellpadding="3" border="0" class="layout" width="100%">
25 25 
     <tr>
26 26 
       <td class="label">Email:</td>
27 
-      <td><input type="text" size="30" value="<?=Crypto::decrypt($_GET['emails'][0])?>" disabled /></td>
27 
+      <td><input type="text" size="30" value="<?=Crypto::decrypt($_POST['emails'][0])?>" disabled /></td>
28 28 
     </tr>
29 29 
     <tr>
30 30 
       <td class="label">Reason (Optional):</td>

+ 4
- 4
sections/delete/delete_ip.php View File 

@@ -1,7 +1,7 @@
1 1 
 <?
2 2
3 
-if (!isset($_GET['ips']) || !is_array($_GET['ips'])) {
4 
-  error("Stop that.");
3 
+if (!isset($_POST['ips']) || !is_array($_POST['ips'])) {
4 
+  error("No IP requested");
5 5 
 }
6 6
7 7 
 if (!apcu_exists('DBKEY')) {
 
@@ -17,14 +17,14 @@ View::show_header('IP Address Expunge Request');
17 17 
 </div>
18 18 
 <form class="create_form box pad" name="ipdelete" action="delete.php" method="post">
19 19 
   <input type="hidden" name="auth" value="<?=$LoggedUser['AuthKey']?>" />
20 
-  <? foreach($_GET['ips'] as $ip) { ?>
20 
+  <? foreach($_POST['ips'] as $ip) { ?>
21 21 
   <input type="hidden" name="ips[]" value="<?=$ip?>" />
22 22 
   <? } ?>
23 23 
   <input type="hidden" name="action" value="takeip" />
24 24 
   <table cellspacing="1" cellpadding="3" border="0" class="layout" width="100%">
25 25 
     <tr>
26 26 
       <td class="label">IP:</td>
27 
-      <td><input type="text" size="30" value="<?=Crypto::decrypt($_GET['ips'][0])?>" disabled /></td>
27 
+      <td><input type="text" size="30" value="<?=Crypto::decrypt($_POST['ips'][0])?>" disabled /></td>
28 28 
     </tr>
29 29 
     <tr>
30 30 
       <td class="label">Reason (Optional):</td>

+ 7
- 1
sections/userhistory/email_history_userview.php View File 

@@ -65,7 +65,13 @@ if (!$Self) {
65 65 
     <td><?=display_str($Email)?></td>
66 66 
     <td>
67 67 
     <? if ($Email != $Curr) { ?>
68 
-      <a href="delete.php?action=email&emails[]=<?=implode('&emails[]=', array_map('urlencode', $Encs))?>" class="brackets">X</a>
68 
+      <form action="delete.php" method="post">
69 
+        <input type="hidden" name="action" value="email">
70 
+        <? foreach ($Encs as $Enc) { ?>
71 
+        <input type="hidden" name="emails[]" value="<?=$Enc?>">
72 
+        <? } ?>
73 
+        <input type="submit" value="X">
74 
+      </form>
69 75 
     <? } ?>
70 76 
     </td>
71 77 
   </tr>

+ 7
- 1
sections/userhistory/ip_history_userview.php View File 

@@ -65,7 +65,13 @@ if (!$Self) {
65 65 
     <td><?=display_str($IP)?></td>
66 66 
     <td>
67 67 
     <? if ($IP != $Curr) { ?>
68 
-      <a href="delete.php?action=ip&ips[]=<?=implode('&ips[]=', array_map('urlencode', $Encs))?>" class="brackets">X</a>
68 
+      <form action="delete.php" method="post">
69 
+        <input type="hidden" name="action" value="ip">
70 
+        <? foreach ($Encs as $Enc) { ?>
71 
+        <input type="hidden" name="ips[]" value="<?=$Enc?>">
72 
+        <? } ?>
73 
+        <input type="submit" value="X">
74 
+      </form>
69 75 
     <? } ?>
70 76 
     </td>
71 77 
   </tr>

Write Preview
Loading…
Cancel
Save