Use a POST form to delete posts.

[Sone.git] / src / main / resources / templates / include / viewPost.html

diff --git a/src/main/resources/templates/include/viewPost.html b/src/main/resources/templates/include/viewPost.html
index c40047d..8d1f8ce 100644 (file)
--- a/src/main/resources/templates/include/viewPost.html
+++ b/src/main/resources/templates/include/viewPost.html
@@ -5,7 +5,14 @@
        </div>
        <div class="status-line">
                <div class="time"><a href="viewPost.html?post=<% post.id|html>"><% post.time|date format="MMM d, yyyy, HH:mm:ss"></a></div>
-               <%if post.sone.current><div class="delete"><a href="deletePost.html?post=<% post.id|html>"><%= View.Post.DeleteLink|l10n|html></a></div><%/if>
+               <%if post.sone.current>
+                       <form class="delete" action="deletePost.html" method="post">
+                               <input type="hidden" name="formPassword" value="<% formPassword|html>" />
+                               <input type="hidden" name="returnPage" value="<% request.uri|html>" />
+                               <input type="hidden" name="post" value="<% post.id|html>" />
+                               <button type="submit"><%= View.Post.DeleteLink|l10n|html></button>
+                       </form>
+               <%/if>
        </div>
        <div class="replies">
                <%foreach post.replies reply>