@Override
protected void processTemplate(Request request, Template template) throws RedirectException {
super.processTemplate(request, template);
- String postId = request.getHttpRequest().getParam("post", null);
- if (postId == null) {
- postId = request.getHttpRequest().getPartAsStringFailsafe("post", 36);
- }
- Post post = webInterface.core().getPost(postId);
- Sone currentSone = getCurrentSone(request.getToadletContext());
- if (!post.getSone().equals(currentSone)) {
- throw new RedirectException("noPermission.html");
- }
- if (request.getMethod() == Method.POST) {
+ if (request.getMethod() == Method.GET) {
+ String postId = request.getHttpRequest().getParam("post");
+ String returnPage = request.getHttpRequest().getParam("returnPage");
+ Post post = webInterface.core().getPost(postId);
+ template.set("post", post);
+ template.set("returnPage", returnPage);
+ return;
+ } else if (request.getMethod() == Method.POST) {
+ String postId = request.getHttpRequest().getPartAsStringFailsafe("post", 36);
+ String returnPage = request.getHttpRequest().getPartAsStringFailsafe("returnPage", 64);
+ Post post = webInterface.core().getPost(postId);
+ Sone currentSone = getCurrentSone(request.getToadletContext());
+ if (!post.getSone().equals(currentSone)) {
+ throw new RedirectException("noPermission.html");
+ }
if (request.getHttpRequest().isPartSet("confirmDelete")) {
currentSone.removePost(post);
+ throw new RedirectException(returnPage);
+ } else if (request.getHttpRequest().isPartSet("abortDelete")) {
+ throw new RedirectException(returnPage);
}
- throw new RedirectException("index.html");
+ template.set("post", post);
+ template.set("returnPage", returnPage);
}
}
<form method="post">
<input type="hidden" name="formPassword" value="<% formPassword|html>" />
+ <input type="hidden" name="returnPage" value="<% returnPage|html>" />
+ <input type="hidden" name="post" value="<% post.id|html>" />
<button type="submit" name="confirmDelete" value="1"><%= Page.DeletePost.Button.Yes|l10n|html></button>
- <button type="submit"><%= Page.DeletePost.Button.No|l10n|html></button>
+ <button type="submit" name="abortDelete" value="1"><%= Page.DeletePost.Button.No|l10n|html></button>
</form>
<%include include/tail.html>
</div>
<div class="status-line">
<div class="time"><a href="viewPost.html?post=<% post.id|html>"><% post.time|date format="MMM d, yyyy, HH:mm:ss"></a></div>
- <%if post.sone.current><div class="delete"><a href="deletePost.html?post=<% post.id|html>"><%= View.Post.DeleteLink|l10n|html></a></div><%/if>
+ <%if post.sone.current>
+ <form class="delete" action="deletePost.html" method="post">
+ <input type="hidden" name="formPassword" value="<% formPassword|html>" />
+ <input type="hidden" name="returnPage" value="<% request.uri|html>" />
+ <input type="hidden" name="post" value="<% post.id|html>" />
+ <button type="submit"><%= View.Post.DeleteLink|l10n|html></button>
+ </form>
+ <%/if>
</div>
<div class="replies">
<%foreach post.replies reply>
projects / Sone.git / commitdiff