From 9e9384903c0d4fd5dacfa32f05edb7d1e8572463 Mon Sep 17 00:00:00 2001
From: David Siegfried <ds.siegfried@gmail.com>
Date: Thu, 30 Nov 2023 16:22:28 +0100
Subject: cleanup, re #2660

---
 app/controllers/admin/login_faq.php      | 44 +++++++---------
 app/controllers/admin/loginstyle.php     | 86 ++++++++++++--------------------
 app/views/admin/login_style/edit_faq.php | 10 +++-
 app/views/admin/login_style/index.php    | 78 ++++++++++++++++-------------
 4 files changed, 101 insertions(+), 117 deletions(-)

diff --git a/app/controllers/admin/login_faq.php b/app/controllers/admin/login_faq.php
index e03dabb..611277f 100644
--- a/app/controllers/admin/login_faq.php
+++ b/app/controllers/admin/login_faq.php
@@ -10,6 +10,7 @@
  */
 class Admin_LoginFaqController extends AuthenticatedController
 {
+    protected $_autobind = true;
     public function before_filter(&$action, &$args)
     {
         if ($action === 'add') {
@@ -29,45 +30,35 @@ class Admin_LoginFaqController extends AuthenticatedController
     }
 
 
-    public function edit_action()
+    public function edit_action(LoginFaq $entry = null)
     {
-        $id = Request::get('entry_id') ?: null;
-        $this->entry = new LoginFaq($id);
-
         PageLayout::setTitle(
-            $this->entry->isNew() ? _('Hilfetext hinzufügen') : _('Hilfetext bearbeiten')
+            $entry->isNew() ? _('Hilfetext hinzufügen') : _('Hilfetext bearbeiten')
         );
-
     }
 
-    public function store_action()
+    public function store_action(LoginFaq $entry = null)
     {
-        if (Request::isPost()) {
-            CSRFProtection::verifyRequest();
-            $id = Request::get('id') ?: null; // Convert possible empty string to null
-            $entry = new LoginFaq($id);
-            $entry->id = Request::get('id');
-            $entry->title = Request::get('title');
-            $entry->description = Request::get('description');
+        CSRFProtection::verifyRequest();
+        $entry->setData([
+            'title' => Request::get('title'),
+            'description' => Request::get('description'),
+        ]);
 
-            if ($entry->store()) {
-                PageLayout::postSuccess(_('Hilfetext wurde gespeichert.'));
-                $this->redirect('admin/login_faq/index');
-            }
+        if ($entry->store()) {
+            PageLayout::postSuccess(_('Hilfetext wurde gespeichert.'));
         }
+        $this->redirect($this->indexURL());
     }
 
     public function delete_action($faq_entry_id)
     {
         CSRFProtection::verifyRequest();
 
-        LoginFaq::deleteBySQL('faq_id = ?', [$faq_entry_id]);
-        PageLayout::postSuccess(sprintf(
-            _("Der Hilfetext wurde gelöscht."), htmlReady(Request::get("id"))
-        ));
-
-        $redirect_url = $this->url_for('admin/login_faq/index');
-        $this->relocate($redirect_url);
+        if (LoginFaq::deleteBySQL('faq_id = ?', [$faq_entry_id])) {
+            PageLayout::postSuccess(_("Der Hilfetext wurde gelöscht."));
+        }
+        $this->relocate($this->indexURL());
     }
 
     protected function setupSidebar()
@@ -75,10 +66,9 @@ class Admin_LoginFaqController extends AuthenticatedController
         $actions = new ActionsWidget();
         $actions->addLink(
             _('Hilfetext hinzufügen'),
-            $this->url_for('admin/login_faq/add'),
+            $this->edit_URL(),
             Icon::create('add')
         )->asDialog();
         Sidebar::get()->addWidget($actions);
-
     }
 }
diff --git a/app/controllers/admin/loginstyle.php b/app/controllers/admin/loginstyle.php
index 71e68c5..6358d26 100644
--- a/app/controllers/admin/loginstyle.php
+++ b/app/controllers/admin/loginstyle.php
@@ -11,6 +11,7 @@
 
 class Admin_LoginStyleController extends AuthenticatedController
 {
+    protected $_autobind = true;
     /**
      * common tasks for all actions
      *
@@ -19,25 +20,18 @@ class Admin_LoginStyleController extends AuthenticatedController
      */
     public function before_filter(&$action, &$args)
     {
-
-        if ($action === 'add_faq') {
-            $action = 'edit_faq';
-        }
-
         parent::before_filter($action, $args);
 
-        // user must have root permission
         $GLOBALS['perm']->check('root');
 
         //setting title and navigation
         PageLayout::setTitle(_('Hintergrundbilder für den Startbildschirm'));
         Navigation::activateItem('/admin/locations/loginstyle');
 
-        $sidebar = Sidebar::get();
         $views = new ViewsWidget();
         $views->addLink(
             _('Bilder'),
-            $this->url_for('admin/loginstyle')
+            $this->indexURL()
         )->setActive($action === 'index');
 
         $views->addLink(
@@ -45,9 +39,7 @@ class Admin_LoginStyleController extends AuthenticatedController
             $this->url_for('admin/loginstyle/login_faq')
         )->setActive($action === 'login_faq');
 
-        $sidebar->addWidget($views);
-
-
+        Sidebar::Get()->addWidget($views);
     }
 
     /**
@@ -116,15 +108,16 @@ class Admin_LoginStyleController extends AuthenticatedController
                 $fail
             ), $fail));
         }
-        $this->relocate('admin/loginstyle');
+        $this->relocate($this->indexURL());
     }
 
     /**
      * Deletes the given picture.
-     * @param $id the picture to delete
+     * @param string $id the picture to delete
      */
     public function delete_pic_action($id)
     {
+        CSRFProtection::tokenTag();
         $pic = LoginBackground::find($id);
         if ($pic->in_release) {
             PageLayout::postError(_('Dieses Bild wird vom System mitgeliefert und kann daher nicht gelöscht werden.'));
@@ -134,17 +127,18 @@ class Admin_LoginStyleController extends AuthenticatedController
             PageLayout::postError(_('Das Bild konnte nicht gelöscht werden.'));
         }
 
-        $this->relocate('admin/loginstyle');
+        $this->relocate($this->indexURL());
     }
 
     /**
      * (De-)activate the given picture for given view.
-     * @param $id the picture to change activation for
-     * @param $view one of 'desktop', 'mobile', view to (de-) activate picture for
-     * @param $newStatus new activation status for given view.
+     * @param string $id the picture to change activation for
+     * @param string $view one of 'desktop', 'mobile', view to (de-) activate picture for
+     * @param string $newStatus new activation status for given view.
      */
     public function activation_action($id, $view, $newStatus)
     {
+        CSRFProtection::tokenTag();
         $pic = LoginBackground::find($id);
         $pic->$view = $newStatus;
         if ($pic->store()) {
@@ -161,52 +155,44 @@ class Admin_LoginStyleController extends AuthenticatedController
      */
     public function login_faq_action()
     {
-
         PageLayout::setTitle(_('Hinweise zum Login für den Startbildschirm'));
 
         $this->setSidebar('login_faq');
         $this->faq_entries = LoginFaq::findBySql('1');
     }
 
-    public function edit_faq_action()
+    public function edit_faq_action(LoginFaq $entry = null)
     {
-        $id = Request::get('entry_id') ?: null;
-        $this->entry = new LoginFaq($id);
-
         PageLayout::setTitle(
-            $this->entry->isNew() ? _('Hilfetext hinzufügen') : _('Hilfetext bearbeiten')
+            $entry->isNew() ? _('Hilfetext hinzufügen') : _('Hilfetext bearbeiten')
         );
-
     }
 
-    public function store_faq_action()
+    public function store_faq_action(LoginFaq $entry = null)
     {
-        if (Request::isPost()) {
-            CSRFProtection::verifyRequest();
-            $id = Request::get('id') ?: null; // Convert possible empty string to null
-            $entry = new LoginFaq($id);
-            $entry->id = Request::get('id');
-            $entry->title = Request::get('title');
-            $entry->description = Request::get('description');
-
-            $entry->store();
-            PageLayout::postSuccess(_('Hilfetext wurde gespeichert.'));
-            $this->relocate('admin/loginstyle/login_faq');
+        CSRFProtection::verifyRequest();
 
+        $entry->setData([
+            'title' => Request::get('title'),
+            'description' => Request::get('description'),
+        ]);
+
+        if ($entry->store()) {
+            PageLayout::postSuccess(_('Hilfetext wurde gespeichert.'));
         }
+
+        $this->relocate($this->login_faqURL());
     }
 
     public function delete_faq_action($faq_entry_id)
     {
         CSRFProtection::verifyRequest();
 
-        LoginFaq::deleteBySQL('faq_id = ?', [$faq_entry_id]);
-        PageLayout::postSuccess(sprintf(
-            _("Der Hilfetext wurde gelöscht."), htmlReady(Request::get("id"))
-        ));
+        if (LoginFaq::deleteBySQL('faq_id = ?', [$faq_entry_id])) {
+            PageLayout::postSuccess(_('Der Hilfetext wurde gelöscht'));
+        }
 
-        $redirect_url = $this->url_for('admin/loginstyle/login_faq');
-        $this->relocate($redirect_url);
+        $this->relocate($this->login_faqURL());
     }
 
     /**
@@ -214,29 +200,21 @@ class Admin_LoginStyleController extends AuthenticatedController
      */
     protected function setSidebar($action)
     {
-        $sidebar = Sidebar::get();
 
         $links = new ActionsWidget();
-
         if ($action === 'index') {
             $links->addLink(
                 _('Bild hinzufügen'),
-                $this->url_for('admin/loginstyle/newpic'),
-                Icon::create('add', 'clickable')
+                $this->newpicURL(),
+                Icon::create('add')
             )->asDialog('size=auto');
         } else if ($action === 'login_faq') {
             $links->addLink(
                 _('Hilfetext hinzufügen'),
-                $this->url_for('admin/loginstyle/add_faq'),
+                $this->add_faqURL(),
                 Icon::create('add')
             )->asDialog();
-
         }
-
-
-
-
-        $sidebar->addWidget($links);
-
+        Sidebar::get()->addWidget($links);
     }
 }
diff --git a/app/views/admin/login_style/edit_faq.php b/app/views/admin/login_style/edit_faq.php
index 5308dbb..768434e 100644
--- a/app/views/admin/login_style/edit_faq.php
+++ b/app/views/admin/login_style/edit_faq.php
@@ -1,4 +1,10 @@
-<form action="<?= $controller->link_for("admin/loginstyle/store_faq", ['id' => $entry->getId()]) ?>"
+<?php
+/**
+ * @var Admin_LoginStyleController $controller
+ * @var LoginFaq $entry
+ */
+?>
+<form action="<?= $controller->store_faq($entry) ?>"
       method="post"
       enctype="multipart/form-data"
       class="default">
@@ -15,7 +21,7 @@
     </label>
 
     <div data-dialog-button>
-        <?= \Studip\Button::create(_("Speichern")) ?>
+        <?= \Studip\Button::create(_('Speichern')) ?>
     </div>
 
 </form>
diff --git a/app/views/admin/login_style/index.php b/app/views/admin/login_style/index.php
index 405a2fb..24c0b70 100644
--- a/app/views/admin/login_style/index.php
+++ b/app/views/admin/login_style/index.php
@@ -4,28 +4,31 @@
  * @var Admin_LoginStyleController $controller
  */
 ?>
-<? if (count($pictures) > 0) : ?>
+<form method="post">
+    <?= CSRFProtection::tokenTag(); ?>
+
+    <? if (count($pictures) > 0) : ?>
     <table class="default">
         <caption>
             <?= _('Hintergrundbilder für den Startbildschirm') ?>
         </caption>
         <colgroup>
             <col>
-            <col width="400">
-            <col width="100">
-            <col width="25">
+            <col style="width: 400px">
+            <col style="width: 100px">
+            <col style="width: 25px">
         </colgroup>
         <thead>
-            <tr>
-                <th><?= _('Info') ?></th>
-                <th><?= _('Vorschau') ?></th>
-                <th><?= _('Aktiviert für') ?></th>
-                <th><?= _('Aktionen') ?></th>
-            </tr>
+        <tr>
+            <th><?= _('Info') ?></th>
+            <th><?= _('Vorschau') ?></th>
+            <th><?= _('Aktiviert für') ?></th>
+            <th><?= _('Aktionen') ?></th>
+        </tr>
         </thead>
         <? foreach ($pictures as $pic) :
             $dim = $pic->getDimensions();
-        ?>
+            ?>
             <tr>
                 <td>
                     <?= htmlReady($pic->filename) ?>
@@ -37,34 +40,41 @@
                     <img src="<?= $pic->getURL() ?>" width="400">
                 </td>
                 <td>
-                    <a href="<?= $controller->link_for("admin/loginstyle/activation/{$pic->id}/desktop", (int) !$pic->desktop) ?>">
-                        <?= Icon::create('computer', $pic->desktop ? Icon::ROLE_CLICKABLE : Icon::ROLE_INACTIVE)->asImg(32, [
-                            'title' => $pic->desktop
-                                     ? _('Bild nicht mehr für die Desktopansicht verwenden')
-                                     : _('Bild für die Desktopansicht verwenden')
-                        ]) ?>
-                    </a>
-                    <a href="<?= $controller->link_for("admin/loginstyle/activation/{$pic->id}/mobile", (int) !$pic->mobile) ?>">
-                        <?= Icon::create('cellphone', $pic->mobile ? Icon::ROLE_CLICKABLE : Icon::ROLE_INACTIVE)->asImg(32, [
+                    <?= Icon::create('computer', $pic->desktop ? Icon::ROLE_CLICKABLE : Icon::ROLE_INACTIVE)->asInput(
+                        32,
+                        [
+                            'title' => $pic->mobile
+                                ? _('Bild nicht mehr für die Mobilansicht verwenden')
+                                : _('Bild für die Mobilansicht verwenden'),
+                            'formaction' => $controller->activationURL($pic->id, 'desktop', (int) !$pic->desktop)
+                        ]
+                    )?>
+
+                    <?= Icon::create('cellphone', $pic->mobile ? Icon::ROLE_CLICKABLE : Icon::ROLE_INACTIVE)->asInput(
+                        32,
+                        [
                             'title' => $pic->mobile
-                                     ? _('Bild nicht mehr für die Mobilansicht verwenden')
-                                     : _('Bild für die Mobilansicht verwenden')
-                        ]) ?>
-                    </a>
+                                ? _('Bild nicht mehr für die Mobilansicht verwenden')
+                                : _('Bild für die Mobilansicht verwenden'),
+                            'formaction' => $controller->activationURL($pic->id, 'mobile', (int) !$pic->mobile)
+                        ]
+                    )?>
                 </td>
                 <td class="actions">
-                <? if (!$pic->in_release): ?>
-                    <a href="<?= $controller->link_for("admin/loginstyle/delete_pic/{$pic->id}") ?>">
-                        <?= Icon::create('trash')->asImg([
-                            'title'        => _('Bild löschen'),
-                            'data-confirm' => _('Soll das Bild wirklich gelöscht werden?'),
-                        ]) ?>
-                    </a>
-                <? endif; ?>
+                    <? if (!$pic->in_release): ?>
+                        <?= Icon::create('trash')->asInput(
+                            [
+                                'title'        => _('Bild löschen'),
+                                'data-confirm' => _('Soll das Bild wirklich gelöscht werden?'),
+                                'formaction' => $controller->delete_picURL($pic->id)
+                            ]
+                        )?>
+                    <? endif ?>
                 </td>
             </tr>
         <? endforeach ?>
     </table>
-<? else : ?>
+    <? else : ?>
     <?= MessageBox::info(_('In Ihrem System sind leider keine Bilder für den Startbildschirm hinterlegt.')) ?>
-<? endif ?>
+    <? endif ?>
+</form>
-- 
cgit v1.0