redirect after posting in noticeboard to counter repost with F5

This commit is contained in:
Savetheinternet 2011-07-30 15:56:57 +10:00
parent 9076118d00
commit dcba7462d6

View File

@ -488,8 +488,7 @@
$body = '';
if($mod['type'] >= $config['mod']['noticeboard_post']) {
if(isset($_POST['subject']) && isset($_POST['body']) && !empty($_POST['body'])) {
if(hasPermission($config['mod']['noticeboard_post']) && isset($_POST['subject']) && isset($_POST['body']) && !empty($_POST['body'])) {
$query = prepare("INSERT INTO `noticeboard` VALUES (NULL, :mod, :time, :subject, :body)");
$query->bindValue(':mod', $mod['id'], PDO::PARAM_INT);
$query->bindvalue(':time', time(), PDO::PARAM_INT);
@ -498,8 +497,11 @@
markup($_POST['body']);
$query->bindValue(':body', $_POST['body']);
$query->execute() or error(db_error($query));
}
header('Location: ?/noticeboard', true, $config['redirect_http']);
} else {
if(hasPermission($config['mod']['noticeboard_post'])) {
$body .= '<fieldset><legend>New post</legend><form style="display:inline" action="" method="post"><table>' .
'<tr>' .
'<th><label for="subject">Name</label></th>' .
@ -552,6 +554,7 @@
'mod'=>true
)
);
}
} elseif(preg_match('/^\/news\/delete\/(\d+)$/', $query, $match)) {
if(!hasPermission($config['mod']['noticeboard_delete'])) error($config['error']['noaccess']);