mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-07-27 09:20:36 +02:00
Code Issues Projects Releases Wiki Activity

MDL-69807 blocks: remove redundant sesskey loading edit/delete page.

Browse Source
This commit is contained in:
Paul Holden
2020-10-16 14:54:25 +01:00
parent 149fdcf075
commit fdd5aef039
1 changed files with 8 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
lib/blocklib.php
View File

@@ -1282,8 +1282,10 @@ class block_manager {
if ($this->page->user_can_edit_blocks() || $block->user_can_edit()) { if ($this->page->user_can_edit_blocks() || $block->user_can_edit()) {
// Edit config icon - always show - needed for positioning UI. // Edit config icon - always show - needed for positioning UI.
$str = new lang_string('configureblock', 'block', $blocktitle); $str = new lang_string('configureblock', 'block', $blocktitle);
$editactionurl = new moodle_url($actionurl, ['bui_editid' => $block->instance->id]);
$editactionurl->remove_params(['sesskey']);
$controls[] = new action_menu_link_secondary( $controls[] = new action_menu_link_secondary(
new moodle_url($actionurl, array('bui_editid' => $block->instance->id)), $editactionurl,
new pix_icon('t/edit', $str, 'moodle', array('class' => 'iconsmall', 'title' => '')), new pix_icon('t/edit', $str, 'moodle', array('class' => 'iconsmall', 'title' => '')),
$str, $str,
array('class' => 'editing_edit') array('class' => 'editing_edit')
@@ -1346,8 +1348,10 @@ class block_manager {
if ($this->user_can_delete_block($block)) { if ($this->user_can_delete_block($block)) {
// Delete icon. // Delete icon.
$str = new lang_string('deleteblock', 'block', $blocktitle); $str = new lang_string('deleteblock', 'block', $blocktitle);
$deleteactionurl = new moodle_url($actionurl, ['bui_deleteid' => $block->instance->id]);
$deleteactionurl->remove_params(['sesskey']);
$controls[] = new action_menu_link_secondary( $controls[] = new action_menu_link_secondary(
new moodle_url($actionurl, array('bui_deleteid' => $block->instance->id)), $deleteactionurl,
new pix_icon('t/delete', $str, 'moodle', array('class' => 'iconsmall', 'title' => '')), new pix_icon('t/delete', $str, 'moodle', array('class' => 'iconsmall', 'title' => '')),
$str, $str,
array('class' => 'editing_delete') array('class' => 'editing_delete')
@@ -1497,7 +1501,6 @@ class block_manager {
return false; return false;
} }
require_sesskey();
$block = $this->page->blocks->find_instance($blockid); $block = $this->page->blocks->find_instance($blockid);
if (!$this->user_can_delete_block($block)) { if (!$this->user_can_delete_block($block)) {
throw new moodle_exception('nopermissions', '', $this->page->url->out(), get_string('deleteablock')); throw new moodle_exception('nopermissions', '', $this->page->url->out(), get_string('deleteablock'));
@@ -1563,6 +1566,8 @@ class block_manager {
// Make sure that nothing else happens after we have displayed this form. // Make sure that nothing else happens after we have displayed this form.
exit; exit;
} else { } else {
require_sesskey();
blocks_delete_instance($block->instance); blocks_delete_instance($block->instance);
// bui_deleteid and bui_confirm should not be in the PAGE url. // bui_deleteid and bui_confirm should not be in the PAGE url.
$this->page->ensure_param_not_in_url('bui_deleteid'); $this->page->ensure_param_not_in_url('bui_deleteid');
@@ -1616,7 +1621,6 @@ class block_manager {
return false; return false;
} }
require_sesskey();
require_once($CFG->dirroot . '/blocks/edit_form.php'); require_once($CFG->dirroot . '/blocks/edit_form.php');
$block = $this->find_instance($blockid); $block = $this->find_instance($blockid);