diff --git a/assets/less/confirm.less b/assets/less/confirm.less new file mode 100644 index 00000000..4a30ca44 --- /dev/null +++ b/assets/less/confirm.less @@ -0,0 +1,18 @@ +.confirm { + max-width: 400px; + margin: 0 auto; + + &__message { + padding: 2px 5px; + } + + &__buttons { + display: flex; + padding: 5px; + justify-content: center; + } + + &__button { + margin-right: 5px; + } +} diff --git a/assets/less/main.less b/assets/less/main.less index b5fa9367..040ee141 100644 --- a/assets/less/main.less +++ b/assets/less/main.less @@ -161,6 +161,7 @@ html { @import "header"; @import "footer"; @import "permissions"; +@import "confirm"; // Main page styling @import "home"; diff --git a/public/index.php b/public/index.php index 08eb688d..49951bce 100644 --- a/public/index.php +++ b/public/index.php @@ -2,6 +2,7 @@ namespace Misuzu; use Misuzu\Http\HttpServerRequestMessage; +use Misuzu\Http\Filters\Filter; use Misuzu\Http\Handlers\Handler; use Misuzu\Http\Routing\Router; use Misuzu\Http\Routing\Route; @@ -20,6 +21,9 @@ $router->addRoutes( Route::get('/info', Handler::call('index@InfoHandler')), Route::get('/info/([A-Za-z0-9_/]+)', true, Handler::call('page@InfoHandler')), + // Forum + Route::create(['GET', 'POST'], '/forum/mark-as-read', Handler::call('markAsRead@ForumHandler')), + // Sock Chat Route::create(['GET', 'POST'], '/_sockchat.php', Handler::call('phpFile@SockChatHandler')), Route::get('/_sockchat/emotes', Handler::call('emotes@SockChatHandler')), diff --git a/src/Http/Filters/EnforceLoggedInFilter.php b/src/Http/Filters/EnforceLoggedInFilter.php new file mode 100644 index 00000000..5152d54a --- /dev/null +++ b/src/Http/Filters/EnforceLoggedInFilter.php @@ -0,0 +1,15 @@ +getMethod() !== 'GET' && $request->getMethod() !== 'DELETE') { + $token = $request->getBodyParam('_csrf'); + + if(empty($token) || !CSRF::validate($token)) + return new HttpResponseMessage(400); + } + + return null; + } +} 
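Review bot: The new `/forum/mark-as-read` route in public/index.php accepts POST but shows no filter attached, although this commit imports `Misuzu\Http\Filters\Filter` and adds login and CSRF filters. Unless filters are applied globally somewhere outside this hunk, the state-changing POST reaches `markAsRead@ForumHandler` without a session or `_csrf` check. The visible part of that handler in src/Http/Handlers/ForumHandler.php performs neither check itself. Before the POST branch stops returning the placeholder `'now POSTing'`, attach both filters to this route or record where they are enforced, for example with `// Forum: POST changes state, must pass the logged-in and CSRF filters`. The `addRoutes(` call starts and ends outside the hunk, so a filter applied around the whole group would not be visible here.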
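Review bot: The method test in the filter body shown after the src/Http/Filters/EnforceLoggedInFilter.php header skips token validation for DELETE as well as GET, so any route registered for DELETE would run without a `_csrf` check. Exempting only the safe methods is the more defensible default, e.g. `if(!in_array($request->getMethod(), ['GET', 'HEAD', 'OPTIONS'], true)) {`. Since a DELETE often has no body, the token would have to come from a request header as well as `getBodyParam('_csrf')`; the request class's header accessor is not visible here. `empty($token)` also rejects the string `'0'`; a `!is_string($token) || $token === ''` guard states the intent more exactly. The start of this file, including the class and method signature, is missing from the page, and the code appears to belong to a separate CSRF filter whose file header was lost, so this should be confirmed against the full file.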
diff --git a/src/Http/Handlers/ForumHandler.php b/src/Http/Handlers/ForumHandler.php new file mode 100644 index 00000000..d74369b5 --- /dev/null +++ b/src/Http/Handlers/ForumHandler.php @@ -0,0 +1,17 @@ +getMethod() === 'GET') { + $response->setTemplate('confirm', [ + 'message' => 'Are you sure you want to mark the entire forum as read?', + 'return' => url('forum-index'), + ]); + return; + } + + return 'now POSTing'; + } +} diff --git a/templates/confirm.twig b/templates/confirm.twig new file mode 100644 index 00000000..4b556883 --- /dev/null +++ b/templates/confirm.twig @@ -0,0 +1,22 @@ +{% extends 'master.twig' %} +{% from 'macros.twig' import container_title %} +{% from '_layout/input.twig' import input_csrf %} + +{% set title = title|default('Confirm your action') %} + +{% block content %} +
+{% endblock %}