mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-01-17 21:49:15 +01:00
Code Issues Projects Releases Wiki Activity

MDL-69807 blocks: remove redundant sesskey loading edit/delete page.

Browse Source
This commit is contained in:
Paul Holden 2020-10-16 14:54:25 +01:00
parent 149fdcf075
commit fdd5aef039
1 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
lib/blocklib.php
View File

@ -1282,8 +1282,10 @@ class block_manager {
if ($this->page->user_can_edit_blocks() || $block->user_can_edit()) {
// Edit config icon - always show - needed for positioning UI.
$str = new lang_string('configureblock', 'block', $blocktitle);
$editactionurl = new moodle_url($actionurl, ['bui_editid' => $block->instance->id]);
$editactionurl->remove_params(['sesskey']);
$controls[] = new action_menu_link_secondary(
new moodle_url($actionurl, array('bui_editid' => $block->instance->id)),
$editactionurl,
new pix_icon('t/edit', $str, 'moodle', array('class' => 'iconsmall', 'title' => '')),
$str,
array('class' => 'editing_edit')
@ -1346,8 +1348,10 @@ class block_manager {
if ($this->user_can_delete_block($block)) {
// Delete icon.
$str = new lang_string('deleteblock', 'block', $blocktitle);
$deleteactionurl = new moodle_url($actionurl, ['bui_deleteid' => $block->instance->id]);
$deleteactionurl->remove_params(['sesskey']);
$controls[] = new action_menu_link_secondary(
new moodle_url($actionurl, array('bui_deleteid' => $block->instance->id)),
$deleteactionurl,
new pix_icon('t/delete', $str, 'moodle', array('class' => 'iconsmall', 'title' => '')),
$str,
array('class' => 'editing_delete')
@ -1497,7 +1501,6 @@ class block_manager {
return false;
}
require_sesskey();
$block = $this->page->blocks->find_instance($blockid);
if (!$this->user_can_delete_block($block)) {
throw new moodle_exception('nopermissions', '', $this->page->url->out(), get_string('deleteablock'));
@ -1563,6 +1566,8 @@ class block_manager {
// Make sure that nothing else happens after we have displayed this form.
exit;
} else {
require_sesskey();
blocks_delete_instance($block->instance);
// bui_deleteid and bui_confirm should not be in the PAGE url.
$this->page->ensure_param_not_in_url('bui_deleteid');
@ -1616,7 +1621,6 @@ class block_manager {
return false;
}
require_sesskey();
require_once($CFG->dirroot . '/blocks/edit_form.php');
$block = $this->find_instance($blockid);