finish csrf and gorilla mux port work
parent
df5dca3a52
commit
42795c6cef
12
js/funcs.js
12
js/funcs.js
|
@ -28,17 +28,17 @@ $(document).ready( function () {
|
|||
|
||||
$('.cat-delete').confirm({
|
||||
text: "Are you sure you want to delete this category?",
|
||||
title: "Confirmation required",
|
||||
confirmButton: "Yes",
|
||||
cancelButton: "No",
|
||||
title: "Delete confrimation",
|
||||
confirm: function(form) {
|
||||
console.log("fooo");
|
||||
form.submit();
|
||||
}
|
||||
});
|
||||
|
||||
$(".confirm-news-delete").confirm({
|
||||
"text": "Delete news item?",
|
||||
"title": "Delete confirmation",
|
||||
confirmButton: "Yes",
|
||||
cancelButton: "No",
|
||||
"confirm": function(form) {
|
||||
confirm: function(form) {
|
||||
form.submit();
|
||||
}
|
||||
});
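Review bot: The `.cat-delete` options appear to end up with two `title` keys, and the later one is misspelled (`title: "Delete confrimation"`); in an object literal the last key wins, so the dialog would show the typo. Keep a single entry, `title: "Delete confirmation",`, matching the news dialog below. The `console.log("fooo");` inside the `confirm` callback looks like leftover debugging and should be dropped before merge. The page has lost its +/- markers, so which of these lines are on the new side is inferred from the hunk counts.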
|
||||
|
|
|
@ -188,7 +188,7 @@ func editFormHandler(w http.ResponseWriter, r *http.Request, user *user.User, se
|
|||
|
||||
flashes := GetFlashes(session)
|
||||
|
||||
id, idErr := strconv.Atoi(r.FormValue("id"))
|
||||
id, idErr := strconv.Atoi(mux.Vars(r)["id"])
|
||||
if idErr != nil {
|
||||
session.AddFlash("Could not understand news id", flash_err)
|
||||
session.Save(r, w)
|
||||
|
@ -210,15 +210,15 @@ func editFormHandler(w http.ResponseWriter, r *http.Request, user *user.User, se
|
|||
}
|
||||
|
||||
func editPostHandler(w http.ResponseWriter, r *http.Request, user *user.User, session *sessions.Session) {
|
||||
news_id, err := strconv.Atoi(r.FormValue("id"))
|
||||
if err != nil {
|
||||
id, idErr := strconv.Atoi(mux.Vars(r)["id"])
|
||||
if idErr != nil {
|
||||
session.AddFlash("Error trying to save news item", flash_err)
|
||||
session.Save(r, w)
|
||||
http.Redirect(w, r, "/news", http.StatusFound)
|
||||
return
|
||||
}
|
||||
|
||||
news, err := news.Get(db, news_id)
|
||||
news, err := news.Get(db, id)
|
||||
if err != nil {
|
||||
fmt.Println("Error trying to edit news item that doesn't exist")
|
||||
session.AddFlash("Error trying to save news item", flash_err)
|
||||
|
@ -335,7 +335,7 @@ func categoryFromReqArg(arg string) *categories.Category {
|
|||
|
||||
func categoryChangeParentHandler(w http.ResponseWriter, r *http.Request, user *user.User, session *sessions.Session) {
|
||||
categories.LoadCategories(db)
|
||||
category := categoryFromReqArg(r.FormValue("cid"))
|
||||
category := categoryFromReqArg(mux.Vars(r)["id"])
|
||||
parent := categoryFromReqArg(r.FormValue("parent"))
|
||||
|
||||
if category == nil {
|
||||
|
@ -378,7 +378,7 @@ func categoryAddHandler(w http.ResponseWriter, r *http.Request, user *user.User,
|
|||
}
|
||||
|
||||
func categoryDeleteHandler(w http.ResponseWriter, r *http.Request, user *user.User, session *sessions.Session) {
|
||||
id, idErr := strconv.Atoi(r.FormValue("id"))
|
||||
id, idErr := strconv.Atoi(mux.Vars(r)["id"])
|
||||
|
||||
if idErr != nil {
|
||||
session.AddFlash("Invalid category to delete", flash_err)
|
||||
|
@ -447,19 +447,16 @@ func init_route_handlers() *mux.Router {
|
|||
|
||||
rGet.HandleFunc("/news/added", userHandler(addedHandler))
|
||||
|
||||
// TODO to post and {id}
|
||||
rPost.HandleFunc("/news/{id:[0-9]+}/delete", userHandler(deleteHandler))
|
||||
// TODO post {id} ?
|
||||
rGet.HandleFunc("/news/{id:[0-9]+}/edit", userHandler(editFormHandler))
|
||||
rPost.HandleFunc("/news/{id:[0-9]+}/edit", userHandler(editPostHandler))
|
||||
|
||||
rGet.HandleFunc("/categories", userHandler(categoriesFormHandler))
|
||||
rPost.HandleFunc("/caegories", userHandler(categoriesPostHandler))
|
||||
|
||||
// TODO post, add {id}
|
||||
rPost.HandleFunc("/categories/change-parent", userHandler(categoryChangeParentHandler))
|
||||
rPost.HandleFunc("/categories/{id:[0-9]+}/change-parent", userHandler(categoryChangeParentHandler))
|
||||
rPost.HandleFunc("/categories/add", userHandler(categoryAddHandler))
|
||||
rPost.HandleFunc("/categories/delete", userHandler(categoryDeleteHandler))
|
||||
rPost.HandleFunc("/categories/{id:[0-9]+}/delete", userHandler(categoryDeleteHandler))
|
||||
|
||||
return r
|
||||
}
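Review bot: The POST route in init_route_handlers is registered as `rPost.HandleFunc("/caegories", userHandler(categoriesPostHandler))`, while the matching GET route is `/categories`, so a form posted to `/categories` would not reach categoriesPostHandler. The line should read `rPost.HandleFunc("/categories", userHandler(categoriesPostHandler))`; the page does not show whether it is new or unchanged context, but it sits in this hunk either way. Separately, in editPostHandler the result of `news.Get(db, id)` is assigned to a variable named `news`, which shadows the package for the rest of the function; a name such as `item` avoids that. The comments `// TODO to post and {id}` and `// TODO post, add {id}` describe what these routes now do and can be removed if they are still on the new side. Both functions start or end outside the visible hunks.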
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
<h2 class="form-categories-heading">Categories</h2>
|
||||
{{template "flashes" .}}
|
||||
{{range $category := .categories}}
|
||||
{{template "row-category" dict "category" $category "categories" $.categories}}
|
||||
{{template "row-category" dict "category" $category "categories" $.categories "csrfField" $.csrfField}}
|
||||
{{end}}
|
||||
|
||||
<div class="row">
|
||||
|
@ -34,10 +34,12 @@ new category select
|
|||
{{.category.Name}}
|
||||
</div>
|
||||
<div class="col-xs-1">
|
||||
<a href="/categories/delete?id={{.category.Id}}" class="cat-delete">delete</a>
|
||||
<form method="POST" action="/categories/{{.category.Id}}/delete" class="cat-delete">{{ $.csrfField }}
|
||||
<input type="submit" class="btn btn-sm btn-block" value="Delete" />
|
||||
</form>
|
||||
</div>
|
||||
<div class="col-xs-3">
|
||||
<form action="/categories/change-parent?cid={{.category.Id}}" method="POST">
|
||||
<form action="/categories/{{.category.Id}}/change-parent" method="POST">
|
||||
{{ .csrfField }}
|
||||
{{if $.category.Parent.Valid }}
|
||||
{{template "select-category" dict "categories" .categories "id" $.category.Parent.Value}}
|
||||
|
@ -49,7 +51,7 @@ new category select
|
|||
</div>
|
||||
|
||||
{{range $child := .category.Children}}
|
||||
{{template "row-category" dict "category" $child "categories" $.categories}}
|
||||
{{template "row-category" dict "category" $child "categories" $.categories "csrfField" $.csrfField}}
|
||||
{{end}}
|
||||
|
||||
{{end}}
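Review bot: The new delete form reads the token as `{{ $.csrfField }}` while the change-parent form in the same `row-category` template uses `{{ .csrfField }}`; both appear to resolve to the same dict entry at that point, so use one spelling (`{{ .csrfField }}`) throughout. The token reaches these forms only because each `template "row-category"` call now passes `"csrfField" $.csrfField`; a call site that omits it would render a form with no token, which the CSRF check would presumably then reject. The same applies to the `row-news` call and its delete form in the news template further down. Forms outside these hunks, such as whatever posts to `/categories/add`, are not visible here and need the field as well.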
|
||||
|
|
|
@ -14,7 +14,7 @@
|
|||
</div>
|
||||
<div class="news-posts">
|
||||
{{range $news_post := .news}}
|
||||
{{template "row-news" dict "post" $news_post "categories" $.categories}}
|
||||
{{template "row-news" dict "post" $news_post "categories" $.categories "csrfField" $.csrfField}}
|
||||
{{end}}
|
||||
</div>
|
||||
|
||||
|
@ -39,12 +39,16 @@
|
|||
<div class="col-xs-8 post-url">
|
||||
<a href="{{.post.Url}}">{{truncate .post.Url 100}}</a>
|
||||
</div>
|
||||
<div class="col-xs-2 post-edit"><a href="/edit?id={{.post.Id}}">Edit</a></div>
|
||||
<div class="col-xs-2 post-edit"><a href="/news/{{.post.Id}}/edit" class="btn btn-sm btn-block">Edit</a></div>
|
||||
</div>
|
||||
<div class="row">
|
||||
<div class="col-xs-2"> </div>
|
||||
<div class="col-xs-8 post-preview">{{truncate .post.Notes 500}}</div>
|
||||
<div class="col-xs-2 post-delete"><form method="POST" action="/news/{{.post.Id}}/delete" class="confirm-news-delete">{{ .csrfField }}<input type="submit" class="btn btn-primary btn-block" value="Delete" /></form></div>
|
||||
<div class="col-xs-2 post-delete">
|
||||
<form method="POST" action="/news/{{.post.Id}}/delete" class="confirm-news-delete">{{ .csrfField }}
|
||||
<input type="submit" class="btn btn-sm btn-block" value="Delete" />
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
{{end}}
|
||||
|
|