mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-01 03:02:43 +01:00
d817dfa8fc
Summary: Found by `sgrep_php -e '"...".phutil_escape_html(...)'`. Test Plan: / /D1 /uiexample/ /countdown/1/ /herald/transcript/1/all/ Reviewers: epriestley Reviewed By: epriestley CC: aran, Korvin Maniphest Tasks: T2432 Differential Revision: https://secure.phabricator.com/D4869
46 lines
1.1 KiB
PHP
46 lines
1.1 KiB
PHP
<?php
|
|
|
|
/**
|
|
* @group maniphest
|
|
*/
|
|
final class ManiphestSavedQueryDeleteController extends ManiphestController {
|
|
|
|
private $id;
|
|
|
|
public function willProcessRequest(array $data) {
|
|
$this->id = $data['id'];
|
|
}
|
|
|
|
public function processRequest() {
|
|
$request = $this->getRequest();
|
|
$user = $request->getUser();
|
|
|
|
$id = $this->id;
|
|
$query = id(new ManiphestSavedQuery())->load($id);
|
|
if (!$query) {
|
|
return new Aphront404Response();
|
|
}
|
|
if ($query->getUserPHID() != $user->getPHID()) {
|
|
return new Aphront400Response();
|
|
}
|
|
|
|
if ($request->isDialogFormPost()) {
|
|
$query->delete();
|
|
return id(new AphrontRedirectResponse())->setURI('/maniphest/custom/');
|
|
}
|
|
|
|
$name = $query->getName();
|
|
|
|
$dialog = id(new AphrontDialogView())
|
|
->setUser($user)
|
|
->setTitle('Really delete this query?')
|
|
->appendChild(hsprintf(
|
|
'<p>Really delete the query "%s"? It will be lost forever!</p>',
|
|
$name))
|
|
->addCancelButton('/maniphest/custom/')
|
|
->addSubmitButton('Delete');
|
|
|
|
return id(new AphrontDialogResponse())->setDialog($dialog);
|
|
}
|
|
|
|
}
|