From: x99bachelart Date: Tue, 9 Sep 2003 23:48:22 +0000 (+0000) Subject: refresh-post protection X-Git-Tag: 1.8~416 X-Git-Url: http://git.polytechnique.org/?a=commitdiff_plain;ds=sidebyside;h=25d27cb73ea48a9cd75316fd96b125d8e0446835;p=banana.git refresh-post protection --- diff --git a/install.d/session.inc.php b/install.d/session.inc.php index 8925b89..485315d 100644 --- a/install.d/session.inc.php +++ b/install.d/session.inc.php @@ -28,4 +28,19 @@ if (!isset($_SESSION['profile']) && (!isset($_POST['action']) || $_SESSION['displaytype'] = $_POST['displaytype']; $_SESSION['profile'] = true; } + +// refresh-post protection +$sname = $_SERVER['SCRIPT_NAME']; +$array = explode('/',$sname); +$sname = array_pop($array); +unset($array); +switch ($sname) { + case "thread.php": + if (!isset($_SESSION['bananapostok'])) + $_SESSION['bananapostok']=true; + break; + default: + $_SESSION['bananapostok']=true; + break; +} ?> diff --git a/thread.php b/thread.php index f289fc0..abade85 100644 --- a/thread.php +++ b/thread.php @@ -65,7 +65,8 @@ $first = (isset($_REQUEST['first'])? $last = (isset($_REQUEST['first'])? (floor($_REQUEST['first']/$max+1)*$max):$max); -if (isset($_REQUEST['action']) && (isset($_REQUEST['type']))) { +if (isset($_REQUEST['action']) && (isset($_REQUEST['type'])) && +(isset($_SESSION['bananapostok'])) && ($_SESSION['bananapostok'])) { switch ($_REQUEST['type']) { case 'cancel': $mid = array_search($id,$spool->ids); @@ -140,6 +141,7 @@ if (isset($_REQUEST['action']) && (isset($_REQUEST['type']))) { } break; } + $_SESSION['bananapostok']=false; $spool = new spool($mynntp,$group,$profile['display'], $profile['lastnews']); if (!$spool) {