site profile: no csrf/flash unless signed in

Kyle Drake 2025-04-26 17:34:34 -05:00
parent 380bd5f484
commit 369f1655a9
2 changed files with 69 additions and 65 deletions


@ -19,45 +19,47 @@
<% end %>
<% end %>
<div class="modal hide" id="addTag" tabindex="-1" role="dialog" aria-labelledby="addTagLabel" aria-hidden="true">
<form method="POST" action="/tags/add">
<input type="hidden" value="<%= csrf_token %>" name="csrf_token">
<div class="modal-header">
<button class="close" type="button" data-dismiss="modal" aria-hidden="true"><i class="fa fa-times"></i></button>
<h3 id="addTagLabel">Add a Tag</h3>
</div>
<div class="modal-body">
<p>
A tag can only be a single word, and can only contain letters and numbers.
</p>
<input type="text" name="tags" class="typeahead">
</div>
<div class="modal-footer">
<button class="btn cancel" data-dismiss="modal" aria-hidden="true">Cancel</button>
<button type="submit" class="btn-Action">Add Tag</button>
</div>
</form>
</div>
<% if current_site && current_site == site %>
<div class="modal hide" id="addTag" tabindex="-1" role="dialog" aria-labelledby="addTagLabel" aria-hidden="true">
<form method="POST" action="/tags/add">
<input type="hidden" value="<%= csrf_token %>" name="csrf_token">
<div class="modal-header">
<button class="close" type="button" data-dismiss="modal" aria-hidden="true"><i class="fa fa-times"></i></button>
<h3 id="addTagLabel">Add a Tag</h3>
</div>
<div class="modal-body">
<p>
A tag can only be a single word, and can only contain letters and numbers.
</p>
<input type="text" name="tags" class="typeahead">
</div>
<div class="modal-footer">
<button class="btn cancel" data-dismiss="modal" aria-hidden="true">Cancel</button>
<button type="submit" class="btn-Action">Add Tag</button>
</div>
</form>
</div>
<div class="modal hide" id="removeTag" tabindex="-1" role="dialog" aria-labelledby="removeTagLabel" aria-hidden="true">
<form method="POST" action="/tags/remove">
<input type="hidden" value="<%= csrf_token %>" name="csrf_token">
<div class="modal-header">
<button class="close" type="button" data-dismiss="modal" aria-hidden="true"><i class="fa fa-times"></i></button>
<h3 id="removeTagLabel">Remove Tags</h3>
</div>
<div class="modal-body">
<p>
Select the tags you would like to remove:
</p>
<% site.tags.each do |tag| %>
<input name="tags[]" type="checkbox" value="<%= tag.name %>"> <%= tag.name %>
<br>
<% end %>
</div>
<div class="modal-footer">
<button class="btn cancel" data-dismiss="modal" aria-hidden="true">Cancel</button>
<button type="submit" class="btn-Action">Remove Tag(s)</button>
</div>
</form>
</div>
<div class="modal hide" id="removeTag" tabindex="-1" role="dialog" aria-labelledby="removeTagLabel" aria-hidden="true">
<form method="POST" action="/tags/remove">
<input type="hidden" value="<%= csrf_token %>" name="csrf_token">
<div class="modal-header">
<button class="close" type="button" data-dismiss="modal" aria-hidden="true"><i class="fa fa-times"></i></button>
<h3 id="removeTagLabel">Remove Tags</h3>
</div>
<div class="modal-body">
<p>
Select the tags you would like to remove:
</p>
<% site.tags.each do |tag| %>
<input name="tags[]" type="checkbox" value="<%= tag.name %>"> <%= tag.name %>
<br>
<% end %>
</div>
<div class="modal-footer">
<button class="btn cancel" data-dismiss="modal" aria-hidden="true">Cancel</button>
<button type="submit" class="btn-Action">Remove Tag(s)</button>
</div>
</form>
</div>
<% end %>
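Review bot: The new `<% if current_site && current_site == site %>` wrapper around the addTag and removeTag modals only controls what is rendered; it is not an access check. The handlers behind `/tags/add` and `/tags/remove` are outside this diff, so confirm they still reject requests that lack a signed-in session or a valid `csrf_token`, because a POST can be sent without the form ever being rendered. A one-line comment above the guard would record the intent, for example `<%# owner-only modals; csrf_token is not emitted for other visitors %>`. The two `<% end %>` lines at the top of the hunk close blocks that open outside it, so the nesting of the new guard cannot be checked from here.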


@ -1,5 +1,5 @@
<div class="header-Outro with-site-image">
<% if flash.keys.length > 0 %>
<% if current_site && flash.keys.length > 0 %>
<div class="row content">
<div class="alert txt-Center">
<% flash.keys.each do |key| %>
@ -90,28 +90,30 @@
</div></div>
</div>
<div class="modal hide" id="block" tabindex="-1" role="dialog" aria-labelledby="blockLabel" aria-hidden="true">
<form method="POST" action="/site/<%= site.username %>/block">
<input type="hidden" value="<%= csrf_token %>" name="csrf_token">
<div class="modal-header">
<button class="close" type="button" data-dismiss="modal" aria-hidden="true"><i class="fa fa-times"></i></button>
<h3 id="blockLabel">Block Site</h3>
</div>
<div class="modal-body">
<p>You are going to block this site. This will do the following:</p>
<% if current_site %>
<div class="modal hide" id="block" tabindex="-1" role="dialog" aria-labelledby="blockLabel" aria-hidden="true">
<form method="POST" action="/site/<%= site.username %>/block">
<input type="hidden" value="<%= csrf_token %>" name="csrf_token">
<div class="modal-header">
<button class="close" type="button" data-dismiss="modal" aria-hidden="true"><i class="fa fa-times"></i></button>
<h3 id="blockLabel">Block Site</h3>
</div>
<div class="modal-body">
<p>You are going to block this site. This will do the following:</p>
<ul>
<li>You will no longer see this site in searches.</li>
<li>Site will no longer see your site in searches.</li>
<li>Site will not be able to comment on your site profile.</li>
<li>Any comments this site has posted to your profile will not be displayed.</li>
</ul>
<ul>
<li>You will no longer see this site in searches.</li>
<li>Site will no longer see your site in searches.</li>
<li>Site will not be able to comment on your site profile.</li>
<li>Any comments this site has posted to your profile will not be displayed.</li>
</ul>
<p>Are you sure you want to do this?</p>
</div>
<div class="modal-footer">
<button class="btn cancel" data-dismiss="modal" aria-hidden="true">Cancel</button>
<button type="submit" class="btn-Action">Block Site</button>
</div>
</form>
</div>
<p>Are you sure you want to do this?</p>
</div>
<div class="modal-footer">
<button class="btn cancel" data-dismiss="modal" aria-hidden="true">Cancel</button>
<button type="submit" class="btn-Action">Block Site</button>
</div>
</form>
</div>
<% end %>
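Review bot: The block modal is wrapped in `<% if current_site %>`, so it is still rendered with a `csrf_token` when a signed-in user views their own profile, whereas the tag modals in the other file are guarded with `current_site == site`. If blocking your own site is not meant to be possible, `<% if current_site && current_site != site %>` states that in the template. The handler for `/site/<%= site.username %>/block` is not shown; it should enforce the same rule along with the session and token checks, since the template guard only hides the form. Separately, the first hunk's `current_site && flash.keys.length > 0` means a flash set during a signed-out request is never displayed on this page, so it is worth confirming that no signed-out flow depends on it.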