diff options
| author | Marc Alexander <admin@m-a-styles.de> | 2014-10-20 21:55:36 -0500 |
|---|---|---|
| committer | Marc Alexander <admin@m-a-styles.de> | 2014-10-20 21:55:36 -0500 |
| commit | 293d64e12268e2829918fc0bc7cfbc06bb4de9f2 (patch) | |
| tree | 675a78b37dee4400771645c2c598393b5202c687 | |
| parent | afada9ed409ca7abdb2dc95c10d1cac3aacf86a6 (diff) | |
| download | forums-293d64e12268e2829918fc0bc7cfbc06bb4de9f2.tar forums-293d64e12268e2829918fc0bc7cfbc06bb4de9f2.tar.gz forums-293d64e12268e2829918fc0bc7cfbc06bb4de9f2.tar.bz2 forums-293d64e12268e2829918fc0bc7cfbc06bb4de9f2.tar.xz forums-293d64e12268e2829918fc0bc7cfbc06bb4de9f2.zip | |
[ticket/13189] Do not use confirm box for marking all notifications read
We already use a token for preventing CSRF when marking notifications read.
Making a user confirm the marking read action serves no real purpose. No
information will be lost by just marking the notifications read but it will
prevent users from always having to confirm this action.
PHPBB3-13189
| -rw-r--r-- | phpBB/includes/ucp/ucp_notifications.php | 38 | ||||
| -rw-r--r-- | tests/functional/notification_test.php | 2 |
2 files changed, 14 insertions, 26 deletions
diff --git a/phpBB/includes/ucp/ucp_notifications.php b/phpBB/includes/ucp/ucp_notifications.php index 5691302b83..b0aeaba227 100644 --- a/phpBB/includes/ucp/ucp_notifications.php +++ b/phpBB/includes/ucp/ucp_notifications.php @@ -95,35 +95,25 @@ class ucp_notifications case 'notification_list': default: // Mark all items read - if ($request->variable('mark', '') == 'all' && (confirm_box(true) || check_link_hash($request->variable('token', ''), 'mark_all_notifications_read'))) + if ($request->variable('mark', '') == 'all' && check_link_hash($request->variable('token', ''), 'mark_all_notifications_read')) { - if (confirm_box(true)) - { - $phpbb_notifications->mark_notifications_read(false, false, $user->data['user_id'], $form_time); - - meta_refresh(3, $this->u_action); - $message = $user->lang['NOTIFICATIONS_MARK_ALL_READ_SUCCESS']; + $phpbb_notifications->mark_notifications_read(false, false, $user->data['user_id'], $form_time); - if ($request->is_ajax()) - { - $json_response = new \phpbb\json_response(); - $json_response->send(array( - 'MESSAGE_TITLE' => $user->lang['INFORMATION'], - 'MESSAGE_TEXT' => $message, - 'success' => true, - )); - } - $message .= '<br /><br />' . $user->lang('RETURN_UCP', '<a href="' . $this->u_action . '">', '</a>'); + meta_refresh(3, $this->u_action); + $message = $user->lang['NOTIFICATIONS_MARK_ALL_READ_SUCCESS']; - trigger_error($message); - } - else + if ($request->is_ajax()) { - confirm_box(false, 'NOTIFICATIONS_MARK_ALL_READ', build_hidden_fields(array( - 'mark' => 'all', - 'form_time' => $form_time, - ))); + $json_response = new \phpbb\json_response(); + $json_response->send(array( + 'MESSAGE_TITLE' => $user->lang['INFORMATION'], + 'MESSAGE_TEXT' => $message, + 'success' => true, + )); } + $message .= '<br /><br />' . $user->lang('RETURN_UCP', '<a href="' . $this->u_action . '">', '</a>'); + + trigger_error($message); } // Mark specific notifications read diff --git a/tests/functional/notification_test.php b/tests/functional/notification_test.php index 667d268b1e..ec03f7a6a4 100644 --- a/tests/functional/notification_test.php +++ b/tests/functional/notification_test.php @@ -82,8 +82,6 @@ class phpbb_functional_notification_test extends phpbb_functional_test_case // Get form token $link = $crawler->selectLink($this->lang('NOTIFICATIONS_MARK_ALL_READ'))->link()->getUri(); $crawler = self::request('GET', substr($link, strpos($link, 'ucp.'))); - $form = $crawler->selectButton($this->lang('YES'))->form(); - $crawler = self::submit($form); $this->assertEquals(0, $crawler->filter('#notification_list_button strong')->text()); } } |