From 03ac3079fa82f4a2ea048594bb6641402999c230 Mon Sep 17 00:00:00 2001
From: "Committo,Ergo:sum" <esj@rezo.net>
Date: Fri, 13 Jan 2006 17:03:01 +0000
Subject: [PATCH] utiliser systematiquement generer_url_post_ecrire
---
ecrire/inc_admin_vider.php | 13 ++++---------
ecrire/inc_articles.php | 10 +++-------
ecrire/inc_articles_edit.php | 7 ++-----
ecrire/inc_auteur_infos.php | 7 ++-----
ecrire/inc_breves_edit.php | 3 +--
ecrire/inc_config-contenu.php3 | 4 ++--
ecrire/inc_config-fonctions.php | 2 +-
ecrire/inc_config-lang.php | 4 ++--
ecrire/inc_config-multilang.php3 | 2 +-
ecrire/inc_configuration.php | 2 +-
ecrire/inc_forum_envoi.php | 4 ++--
ecrire/inc_install.php | 27 ++++++++++++++-------------
ecrire/inc_lang.php3 | 4 +---
ecrire/inc_message.php | 2 +-
ecrire/inc_message_edit.php | 2 +-
ecrire/inc_mots_edit.php | 2 +-
ecrire/inc_mots_type.php | 5 ++---
ecrire/inc_rubriques_edit.php | 5 +----
18 files changed, 42 insertions(+), 63 deletions(-)
diff --git a/ecrire/inc_admin_vider.php b/ecrire/inc_admin_vider.php
index 39a2ed8c5f..5073ab0151 100644
--- a/ecrire/inc_admin_vider.php
+++ b/ecrire/inc_admin_vider.php
@@ -105,9 +105,7 @@ if ($quota_cache) {
$hash = calculer_action_auteur("$action $arg");
echo ' (', _T('cache_modifiable_webmestre'),')</p>',
- "\n<form action='",
- generer_url_public("spip_action.php"),
- "' method='POST'>",
+ "\n<form action='", generer_url_public("spip_action.php"), "' method='POST'>",
"\n<input type='hidden' name='action' value='$action' />",
"\n<input type='hidden' name='arg' value='$arg' />",
"\n<input type='hidden' name='id_auteur' value='$connect_id_auteur' />",
@@ -138,9 +136,7 @@ if ($quota_cache) {
$arg = 'vignettes';
$hash = calculer_action_auteur("$action $arg");
- echo "\n<form action='",
- generer_url_public("spip_action.php"),
- "' method='POST'>",
+ echo "\n<form action='", generer_url_public("spip_action.php"), "' method='POST'>",
"\n<input type='hidden' name='action' value='$action' />",
"\n<input type='hidden' name='arg' value='$arg' />",
"\n<input type='hidden' name='id_auteur' value='$connect_id_auteur' />",
@@ -174,10 +170,9 @@ debut_cadre_trait_couleur("racine-site-24.gif", false, "", _T('texte_effacer_don
}
- echo "\n<form action='" . generer_url_ecrire("admin_vider") . "' method='POST'>";
-
$hash = calculer_action_auteur("purger_index");
-
+
+ echo generer_url_post_ecrire("admin_vider");
echo "\n<INPUT TYPE='hidden' NAME='hash' VALUE='$hash' />";
echo "\n<INPUT TYPE='hidden' NAME='purger_index' VALUE='oui' />";
echo "\n<p><DIV align='right'><INPUT CLASS='fondo' TYPE='submit' NAME='valider' VALUE=\""._T('bouton_effacer_index')."\"></FORM></DIV>";
diff --git a/ecrire/inc_articles.php b/ecrire/inc_articles.php
index f9b4647636..c11f763325 100644
--- a/ecrire/inc_articles.php
+++ b/ecrire/inc_articles.php
@@ -362,8 +362,7 @@ function boites_de_config_articles($id_article, $id_rubrique, $flag_editable,
$message=$petition["message"];
$texte_petition=$petition["texte"];
- echo "\n<form action='".$GLOBALS['clean_link']->getUrl()
- ."' method='POST'>";
+ echo "\n<form action='".$GLOBALS['clean_link']->getUrl()."' method='POST'>";
echo "\n<input type='hidden' name='id_article' value='$id_article'>";
echo "<select name='change_petition'
@@ -441,8 +440,6 @@ function boites_de_config_articles($id_article, $id_rubrique, $flag_editable,
fin_cadre_relief();
-
-
// Redirection (article virtuel)
debut_cadre_relief("site-24.gif");
$visible = ($changer_virtuel || $virtuel);
@@ -460,8 +457,7 @@ function boites_de_config_articles($id_article, $id_rubrique, $flag_editable,
else
echo debut_block_invisible("redirection");
- echo "<form action='" . generer_url_ecrire("articles","id_article=$id_article") . "' method='post'>";
- echo "\n<INPUT TYPE='hidden' NAME='id_article' VALUE='$id_article'>";
+ echo generer_url_post_ecrire("articles", "id_article=$id_article");
echo "\n<INPUT TYPE='hidden' NAME='changer_virtuel' VALUE='oui'>";
$virtuelhttp = ($virtuel ? "" : "http://");
@@ -1225,7 +1221,7 @@ function ajouter_auteurs_articles($id_article, $les_auteurs, $flag_editable, $ru
if (spip_num_rows($result) > 0) {
- echo "<form action='" . generer_url_ecrire("articles","id_article=$id_article#auteurs") . "' method='post'>";
+ echo generer_url_post_ecrire("articles", "id_article=$id_article");;
echo "<span class='verdana1'><B>"._T('titre_cadre_ajouter_auteur')." </B></span>\n";
echo "<DIV><INPUT TYPE='Hidden' NAME='id_article' VALUE=\"$id_article\">";
diff --git a/ecrire/inc_articles_edit.php b/ecrire/inc_articles_edit.php
index 9657e14cca..d9ed2e9df4 100644
--- a/ecrire/inc_articles_edit.php
+++ b/ecrire/inc_articles_edit.php
@@ -137,12 +137,9 @@ echo "<P><HR><P>";
$texte = entites_html($texte);
$ps = entites_html($ps);
- echo "<form action='", generer_url_ecrire('articles', ($id_article ? "id_article=$id_article" : "")),
- "' method='POST' name='formulaire'>\n";
+ echo generer_url_post_ecrire("articles", ($id_article ? "id_article=$id_article" : ""),'formulaire');
- if ($id_article)
- echo "<INPUT TYPE='Hidden' NAME='id_article' VALUE='$id_article'>";
- else if ($new == 'oui')
+ if ($new == 'oui')
echo "<INPUT TYPE='Hidden' NAME='new' VALUE='oui'>";
if ($lier_trad) {
diff --git a/ecrire/inc_auteur_infos.php b/ecrire/inc_auteur_infos.php
index 469527fe16..079b227d67 100644
--- a/ecrire/inc_auteur_infos.php
+++ b/ecrire/inc_auteur_infos.php
@@ -277,9 +277,7 @@ function formulaire_auteur_infos($id_auteur, $auteur, $onfocus, $redirect, $ajou
{
global $connect_statut, $connect_toutes_rubriques,$connect_id_auteur, $options, $champs_extra ;
- echo "<form method='POST' action='", generer_url_ecrire('auteur_infos', (!$id_auteur ? "" : "?id_auteur=$id_auteur")),
- "'><input type='hidden' name='id_auteur' value='$id_auteur' />";
-
+ echo generer_url_post_ecrire('auteur_infos', (!$id_auteur ? "" : "?id_auteur=$id_auteur"));
//
// Infos personnelles
@@ -537,8 +535,7 @@ function afficher_formulaire_statut_auteur ($id_auteur, $statut, $post='') {
if ($post && $droit) {
$url_self = $post;
echo "<p />";
- echo "<form action='", generer_url_ecrire($post, "id_auteur=$id_auteur"),
- "' method='POST'>\n";
+ echo generer_url_post_ecrire($post, "id_auteur=$id_auteur");
} else
$url_self = "auteur_infos";
diff --git a/ecrire/inc_breves_edit.php b/ecrire/inc_breves_edit.php
index 0a629384b8..a09dafd410 100644
--- a/ecrire/inc_breves_edit.php
+++ b/ecrire/inc_breves_edit.php
@@ -93,10 +93,9 @@ if ($new != "oui") {
if ($connect_statut=="0minirezo" OR $statut=="prop" OR $new == "oui") {
if ($id_breve) $lien = "id_breve=$id_breve";
- echo "<form action='" . generer_url_ecrire("breves_voir","$lien") . "' method='post' name='formulaire'>";
+ echo generer_url_post_ecrire('breves_voir',$lien, 'formulaire');
echo "<INPUT TYPE='Hidden' NAME='modifier_breve' VALUE=\"oui\">";
- echo "<INPUT TYPE='Hidden' NAME='id_breve' VALUE=\"$id_breve\">";
echo "<INPUT TYPE='Hidden' NAME='statut_old' VALUE=\"$statut\">";
if ($new == "oui") echo "<INPUT TYPE='Hidden' NAME='new' VALUE=\"oui\">";
diff --git a/ecrire/inc_config-contenu.php3 b/ecrire/inc_config-contenu.php3
index 775093325d..6e628c3a44 100644
--- a/ecrire/inc_config-contenu.php3
+++ b/ecrire/inc_config-contenu.php3
@@ -45,8 +45,8 @@ debut_gauche();
debut_droite();
-echo "<form action='" . generer_url_ecrire("config-contenu") . "' method='POST'>";
-echo "<input type='hidden' name='changer_config' value='oui'>";
+ echo generer_url_post_ecrire("config-contenu");
+ echo "<input type='hidden' name='changer_config' value='oui'>";
diff --git a/ecrire/inc_config-fonctions.php b/ecrire/inc_config-fonctions.php
index a8812e5eec..280836117e 100644
--- a/ecrire/inc_config-fonctions.php
+++ b/ecrire/inc_config-fonctions.php
@@ -39,7 +39,7 @@ function config_fonctions_dist()
debut_droite();
lire_metas();
- echo "<form action='" . generer_url_ecrire("config-fonctions","") . "' method='post'>";
+ echo generer_url_post_ecrire('config-fonctions');
echo "<input type='hidden' name='changer_config' value='oui'>";
//
diff --git a/ecrire/inc_config-lang.php b/ecrire/inc_config-lang.php
index 4d28491b43..d1a81a7431 100644
--- a/ecrire/inc_config-lang.php
+++ b/ecrire/inc_config-lang.php
@@ -48,8 +48,8 @@ if ($changer_config == 'oui') {
lire_metas();
-echo "<form action='" . generer_url_ecrire("config-lang","") . "' method='post'>";
-echo "<input type='hidden' name='changer_config' value='oui'>";
+ echo generer_url_post_ecrire('config-lang');
+ echo "<input type='hidden' name='changer_config' value='oui'>";
//
diff --git a/ecrire/inc_config-multilang.php3 b/ecrire/inc_config-multilang.php3
index b2dfa96fa0..17881a0f1b 100644
--- a/ecrire/inc_config-multilang.php3
+++ b/ecrire/inc_config-multilang.php3
@@ -50,7 +50,7 @@ debut_gauche();
debut_droite();
-echo "<form action='" . generer_url_ecrire("config-multilang","") . "' method='post'>";
+echo generer_url_post_ecrire('config-multilang');
echo "<input type='hidden' name='changer_config' value='oui'>";
debut_cadre_couleur("traductions-24.gif", false, "", _T('info_multilinguisme'));
diff --git a/ecrire/inc_configuration.php b/ecrire/inc_configuration.php
index b892dcef79..a795f1f81c 100644
--- a/ecrire/inc_configuration.php
+++ b/ecrire/inc_configuration.php
@@ -62,7 +62,7 @@ avertissement_config();
// Afficher les options de config
//
-echo "<form action='" . generer_url_ecrire("configuration","") . "' method='post'>";
+echo generer_url_post_ecrire('configuration');
echo "<input type='hidden' name='changer_config' value='oui'>";
debut_cadre_couleur("racine-site-24.gif");
diff --git a/ecrire/inc_forum_envoi.php b/ecrire/inc_forum_envoi.php
index 8d384bb125..197b612333 100644
--- a/ecrire/inc_forum_envoi.php
+++ b/ecrire/inc_forum_envoi.php
@@ -149,7 +149,7 @@ if ($modif_forum == "oui") {
echo "<p><a href='$url_site'>$nom_site</a>";
}
- echo "<form action='" . generer_url_ecrire("forum_envoi","") . "' name='formulaire' method='post'>";
+ echo generer_url_post_ecrire('forum_envoi',"",'formulaire');
echo "<p><div align='right'><INPUT CLASS='fondo' TYPE='submit' NAME='valider_forum' VALUE='"._T('bouton_envoyer_message')."'></div>";
fin_cadre_thread_forum();
@@ -163,7 +163,7 @@ if ($modif_forum == "oui") {
}
}
else {
- echo "<form action='" . generer_url_ecrire("forum_envoi","") . "' name='formulaire' method='post'>";
+ echo generer_url_post_ecrire('forum_envoi',"",'formulaire');
}
echo "<div> </div>";
diff --git a/ecrire/inc_install.php b/ecrire/inc_install.php
index 2dc09ef078..7c20a97d94 100644
--- a/ecrire/inc_install.php
+++ b/ecrire/inc_install.php
@@ -158,7 +158,7 @@ function install_6()
@unlink(_FILE_CONNECT_INS . _FILE_TMP . _EXTENSION_PHP);
}
- echo "<form action='./' method='POST'>";
+ echo "<form action='./' method='post'>";
echo "<DIV align='$spip_lang_right'><INPUT TYPE='submit' CLASS='fondl' VALUE='"._T('bouton_suivant')." >>'>";
echo "</FORM>";
@@ -183,7 +183,8 @@ function install_5()
echo "<p>\n"._T('texte_informations_personnelles_2')." ";
echo _T('info_laisser_champs_vides');
- echo "<form action='" . generer_url_ecrire("install") . "' method='POST'>";
+ echo generer_url_post_ecrire('install');
+
echo "<INPUT TYPE='hidden' NAME='etape' VALUE='6'>";
echo "<fieldset><label><B>"._T('info_identification_publique')."</B><BR />\n</label>";
@@ -211,7 +212,7 @@ function install_5()
echo "<div style='border: 1px solid #404040; padding: 10px; text-align: left;'>";
echo "<b>"._T('info_authentification_externe')."</b>";
echo "<p>\n"._T('texte_annuaire_ldap_1');
- echo "<form action='" . generer_url_ecrire("install") . "' method='POST'>";
+ echo generer_url_post_ecrire('install');
echo "<INPUT TYPE='hidden' NAME='etape' VALUE='ldap1'>";
echo "<DIV align='$spip_lang_right'><INPUT TYPE='submit' CLASS='fondl' VALUE=\""._T('bouton_acces_ldap')."\">";
echo "</FORM>";
@@ -298,7 +299,7 @@ function install_4()
echo "<B>"._T('info_base_installee')."</B><P>\n"._T('info_etape_suivante_1');
- echo "<form action='" . generer_url_ecrire("install") . "' method='POST'>";
+ echo generer_url_post_ecrire('install');
echo "<INPUT TYPE='hidden' NAME='etape' VALUE='5'>";
echo "<DIV align='$spip_lang_right'><INPUT TYPE='submit' CLASS='fondl' VALUE='"._T('bouton_suivant')." >>'>";
@@ -326,7 +327,7 @@ function install_3()
echo aide ("install2");
echo "<P>\n";
- echo "<form action='" . generer_url_ecrire("install") . "' method='POST'>";
+ echo generer_url_post_ecrire('install');
echo "<INPUT TYPE='hidden' NAME='etape' VALUE='4'>";
echo "<INPUT TYPE='hidden' NAME='adresse_db' VALUE=\"$adresse_db\" SIZE='40'>";
echo "<INPUT TYPE='hidden' NAME='login_db' VALUE=\"$login_db\">";
@@ -414,7 +415,7 @@ function install_2()
if (($db_connect=="0") && $link){
echo "<B>"._T('info_connexion_ok')."</B><P> "._T('info_etape_suivante_2');
- echo "<form action='" . generer_url_ecrire("install") . "' method='POST'>";
+ echo generer_url_post_ecrire('install');
echo "<INPUT TYPE='hidden' NAME='etape' VALUE='3'>";
echo "<INPUT TYPE='hidden' NAME='adresse_db' VALUE=\"$adresse_db\" SIZE='40'>";
echo "<INPUT TYPE='hidden' NAME='login_db' VALUE=\"$login_db\">";
@@ -464,7 +465,7 @@ function install_1()
}
}
- echo "<p><form action='" . generer_url_ecrire("install") . "' method='POST'>";
+ echo generer_url_post_ecrire('install');
echo "<INPUT TYPE='hidden' NAME='etape' VALUE='2'>";
echo "<fieldset><label><B>"._T('entree_base_donnee_1')."</B><BR />\n</label>";
echo _T('entree_base_donnee_2')."<BR />\n";
@@ -530,7 +531,7 @@ function install_ldap5()
echo "<B>"._T('info_ldap_ok')."</B>";
echo "<P>"._T('info_terminer_installation');
- echo "<form action='" . generer_url_ecrire("install") . "' method='POST'>";
+ echo generer_url_post_ecrire('install');
echo "<INPUT TYPE='hidden' NAME='etape' VALUE='5'>";
echo "<DIV align='$spip_lang_right'><INPUT TYPE='submit' CLASS='fondl' VALUE='"._T('bouton_suivant')." >>'>";
@@ -581,7 +582,7 @@ function install_ldap4()
fputs($myFile, $conn);
fclose($myFile);
- echo "<p><form action='" . generer_url_ecrire("install") . "' method='POST'>";
+ echo generer_url_post_ecrire('install');
echo "<INPUT TYPE='hidden' NAME='etape' VALUE='ldap5'>";
echo "<fieldset><label><B>"._T('info_statut_utilisateurs_1')."</B></label><BR />\n";
echo _T('info_statut_utilisateurs_2')." ";
@@ -617,7 +618,7 @@ function install_ldap3()
$result = @ldap_read($ldap_link, "", "objectclass=*", array("namingContexts"));
$info = @ldap_get_entries($ldap_link, $result);
- echo "<form action='" . generer_url_ecrire("install") . "' method='POST'>";
+ echo generer_url_post_ecrire('install');
echo "<INPUT TYPE='hidden' NAME='etape' VALUE='ldap4'>";
echo "<INPUT TYPE='hidden' NAME='adresse_ldap' VALUE=\"$adresse_ldap\">";
echo "<INPUT TYPE='hidden' NAME='port_ldap' VALUE=\"$port_ldap\">";
@@ -681,7 +682,7 @@ function install_ldap2()
if ($ldap_link && ($r || !$login_ldap)) {
echo "<B>"._T('info_connexion_ldap_ok');
- echo "<form action='" . generer_url_ecrire("install") . "' method='POST'>";
+ echo generer_url_post_ecrire('install');
echo "<INPUT TYPE='hidden' NAME='etape' VALUE='ldap3'>";
echo "<INPUT TYPE='hidden' NAME='adresse_ldap' VALUE=\"$adresse_ldap\">";
echo "<INPUT TYPE='hidden' NAME='port_ldap' VALUE=\"$port_ldap\">";
@@ -722,8 +723,8 @@ function install_ldap1()
}
}
- echo "<p><form action='" . generer_url_ecrire("install") . "' method='POST'>";
- echo "<INPUT TYPE='hidden' NAME='etape' VALUE='ldap2'>";
+ echo generer_url_post_ecrire('install');
+ echo "<p><INPUT TYPE='hidden' NAME='etape' VALUE='ldap2'>";
echo "<fieldset><label><B>"._T('entree_adresse_annuaire')."</B><BR />\n</label>";
echo _T('texte_adresse_annuaire_1')."<BR />\n";
echo "<INPUT TYPE='text' NAME='adresse_ldap' CLASS='formo' VALUE=\"$adresse_ldap\" SIZE='20'><P>";
diff --git a/ecrire/inc_lang.php3 b/ecrire/inc_lang.php3
index 70d59ba029..52dfbc3f0b 100644
--- a/ecrire/inc_lang.php3
+++ b/ecrire/inc_lang.php3
@@ -273,9 +273,7 @@ function menu_langues($nom_select = 'var_lang', $default = '', $texte = '', $her
$lien = generer_url_public("spip_cookie", $args);
}
- return "<form action='"
- . $lien
- . "' method='post' style='margin:0px; padding:0px;'>"
+ return "<form action='$lien' method='post' style='margin:0px; padding:0px;'>"
. (!$cible ? '' : "<input type='hidden' name='url' value='".quote_amp($cible)."' />")
. $texte
. "<select name='$nom_select' "
diff --git a/ecrire/inc_message.php b/ecrire/inc_message.php
index 2f3528dda1..3052729d33 100644
--- a/ecrire/inc_message.php
+++ b/ecrire/inc_message.php
@@ -186,7 +186,7 @@ function http_ajouter_participants($ze_auteurs, $id_message)
if (spip_num_rows($result_ajout_auteurs) > 0) {
- echo "<FORM action='" . generer_url_ecrire("message") . "' method='POST'>";
+ echo generer_url_post_ecrire('message');
echo "<DIV align=left><FONT FACE='Verdana,Arial,Sans,sans-serif' SIZE=2><b>"._T('bouton_ajouter_participant')." </b></FONT>\n";
echo "<input TYPE='Hidden' NAME='id_message' VALUE=\"$id_message\">";
diff --git a/ecrire/inc_message_edit.php b/ecrire/inc_message_edit.php
index 9b49106781..7c05eb9fb0 100644
--- a/ecrire/inc_message_edit.php
+++ b/ecrire/inc_message_edit.php
@@ -109,7 +109,7 @@ if ($type == 'affich') {
$logo = "annonce";
}
-echo "<form action='" . generer_url_ecrire("message","id_message=$id_message") . "' method='post'>";
+ echo generer_url_post_ecrire('message',"id_message=$id_message");
debut_gauche();
diff --git a/ecrire/inc_mots_edit.php b/ecrire/inc_mots_edit.php
index 4ab019c3e2..7e0ab2a869 100644
--- a/ecrire/inc_mots_edit.php
+++ b/ecrire/inc_mots_edit.php
@@ -236,7 +236,7 @@ if ($connect_statut =="0minirezo" AND $connect_toutes_rubriques){
echo "<P>";
debut_cadre_formulaire();
- echo "<form action='" . generer_url_ecrire("mots_edit","") . "' method='post'>";
+ echo generer_url_post_ecrire("mots_edit");
echo "<div class='serif'>";
if ($id_mot)
diff --git a/ecrire/inc_mots_type.php b/ecrire/inc_mots_type.php
index 7203d07fce..faf303cc53 100644
--- a/ecrire/inc_mots_type.php
+++ b/ecrire/inc_mots_type.php
@@ -85,12 +85,11 @@ echo aide("motsgroupes");
if ($connect_statut =="0minirezo"){
$type=entites_html(urldecode($type));
echo "<p><font face='Verdana,Arial,Sans,sans-serif'>";
- echo "<form action='" . generer_url_ecrire("mots_tous","") . "' method='post'>\n";
+ echo generer_url_post_ecrire("mots_tous", "$id_groupe=$id_groupe");
echo "<INPUT TYPE='Hidden' NAME='modifier_groupe' VALUE=\"oui\">\n";
- echo "<INPUT TYPE='Hidden' NAME='id_groupe' VALUE=\"$id_groupe\">\n";
echo "<INPUT TYPE='Hidden' NAME='ancien_type' VALUE=\"$ancien_type\">\n";
debut_cadre_formulaire();
- echo "<b>"._T('info_changer_nom_groupe')."</b><br>\n";
+ echo "<b>"._T('info_changer_nom_groupe')."</b><br />\n";
echo "<INPUT TYPE='Text' SIZE=40 CLASS='formo' NAME='change_type' VALUE=\"$type\" $onfocus>\n";
if ($options == 'avancees' OR $descriptif) {
diff --git a/ecrire/inc_rubriques_edit.php b/ecrire/inc_rubriques_edit.php
index 69a77b707b..f173a43c1d 100644
--- a/ecrire/inc_rubriques_edit.php
+++ b/ecrire/inc_rubriques_edit.php
@@ -101,10 +101,7 @@ gros_titre($titre);
echo "</td></tr></table>";
echo "<p>";
-if ($id_rubrique > 0)
- echo "<form action='" . generer_url_ecrire("naviguer","id_rubrique=$id_rubrique") . "' method='post'>";
-else
- echo "<form action='" . generer_url_ecrire("naviguer","") . "' method='post'>";
+ generer_url_post_ecrire("naviguer",($id_rubrique ? "id_rubrique=$id_rubrique" : ""));
$titre = entites_html($titre);
--
GitLab