15.203.137.73 - - [26/May/2010:15:41:28 +0300] "GET /photo/undefined HTTP/1.1" 200 2490 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1.9) Gecko/20100315 Firefox/3.5.9" 15.203.137.73 - - [26/May/2010:15:41:29 +0300] "GET /themes/exnews/js/jquery/development-bundle/themes/base/images/ui-bg_diagonals-thick_20_666666_40x40.png HTTP/1.1" 304 - "http://7est2.mqsto.com/themes/exnews/js/jquery/development-bundle/themes/base/jquery.ui.theme.css" "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1.9) Gecko/20100315 Firefox/3.5.9" 15.203.137.73 - - [26/May/2010:15:41:29 +0300] "GET /themes/exnews/js/jquery/development-bundle/themes/base/images/ui-bg_gloss-wave_35_f6a828_500x100.png HTTP/1.1" 304 - "http://7est2.mqsto.com/themes/exnews/js/jquery/development-bundle/themes/base/jquery.ui.theme.css" "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1.9) Gecko/20100315 Firefox/3.5.9" 15.203.137.73 - - [26/May/2010:15:41:29 +0300] "GET /themes/exnews/js/jquery/development-bundle/themes/base/images/ui-icons_ffffff_256x240.png HTTP/1.1" 304 - "http://7est2.mqsto.com/themes/exnews/js/jquery/development-bundle/themes/base/jquery.ui.theme.css" "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1.9) Gecko/20100315 Firefox/3.5.9" 15.203.137.73 - - [26/May/2010:15:41:29 +0300] "GET /themes/exnews/js/jquery/development-bundle/themes/base/images/ui-bg_glass_100_fdf5ce_1x400.png HTTP/1.1" 304 - "http://7est2.mqsto.com/themes/exnews/js/jquery/development-bundle/themes/base/jquery.ui.theme.css" "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1.9) Gecko/20100315 Firefox/3.5.9" 15.203.137.73 - - [26/May/2010:15:41:30 +0300] "GET /themes/exnews/js/jquery/development-bundle/themes/base/images/ui-icons_ef8c08_256x240.png HTTP/1.1" 304 - "http://7est2.mqsto.com/themes/exnews/js/jquery/development-bundle/themes/base/jquery.ui.theme.css" "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1.9) Gecko/20100315 Firefox/3.5.9" 15.203.137.73 - - [26/May/2010:15:41:30 +0300] "GET /photo/delete.php?token=27653 HTTP/1.1" 200 2493 "http://7est2.mqsto.com/photo/27653" "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1.9) Gecko/20100315 Firefox/3.5.9" Code (markup): Is there a way to submit the original form with the jQuery ? I think would be a lot easier
I think I know where the problem is: <input type="hidden" name="picture" id="delete-filename" value="<{$lang_del_pic}>" /> Code (markup): As the delete.php deletes not only picures, it should know what it deletes. this input up there tells it that it is a picture thas is being deleted. Here is a part from the delete.php: if (!isset($_GET['what']) && !isset($_POST['what']) && !isset($_POST['picture'])) { redirect_header('index.php',2,_MD_PARAM_MISSING); } if (!isset($_GET['what']) && !isset($_POST['what']) && isset($_POST['picture'])) { $what='picture'; } else { $what = isset($_GET['what']) ? $_GET['what'] : $_POST['what']; } switch ($what){ // // Album manager (don't necessarily delete something ;-) // case 'picture': if (!(USER_IS_ADMIN || USER_ADMIN_MODE)) redirect_header('index.php',2,_MD_ACCESS_DENIED); //$pid = (int)$_POST['id']; $pid = $_GET['token']; $out_caption = _MD_DEL_DELPIC; $aid = delete_picture($pid); $data = array(); $data[]= array('del_message' => '','pic_del'=>$del_pic); $continueURL = "thumbnails.php?album={$aid}"; $create_update=''; break; // // Album // case 'album': ......................... Code (markup): I did try this: $.getJSON('delete.php',{token:$('#delete-token').val(), what:$('#delete-filename').val()}, Code (markup): <input type="hidden" name="picture" id="delete-filename" value="picture" /> Code (markup): $pid = $_GET['token']; Code (markup): and it DELETED the files, all the files, this thumb, the normal, and the big images .. YEEEeeeeeeeeeeeeeeeeeeeeeeeeeee However, it just deletes them, the modal dialog closed after pressing the DELTE button, and nothing happened, it does not forward to the delete.php page, where an info of the deletion is provided. How can I fix that. I tested this URL .../photo/delete.php?token=1234&what=picture and it also deleted all files. Only if the user has right to delete them. But is not that insecure ?!?
Look at: 15.203.137.73 - - [26/May/2010:15:41:30 +0300] "GET /photo/delete.php?token=27653 Code (markup): When 27653 is the id you need to delete whatever then $pid = $_GET['token']; Code (markup): should work. The question is, do you get there if the request is no POST so may replace this: 173 /* doing the ajax call */ 174 $.getJSON('delete.php',{token:$('#delete-token').val()}, 175 function(data) { 176 var options = {}; 177 $('#delete-message').html(data.msg); 178 if (data.result != 'ok') { 179 $('#delete-message').css({'color':'red'}); 180 } else { 181 $('#delete-message').css({'color':'green'}); 182 } 183 } 184 ); Code (markup): just with; $.post("delete.php", {token:$('#delete-token').val() } ); Code (markup): and use at delete.php: $pid = $_POST['token']; Code (markup):
You probably did not read my update up. It worked. I will try this now, just to see will I go to delete.php page Update: your second suggestion works also (with the what after token), but stil nothing, after pressing jq dialog delete button, the dialog closes, and I stay on the same picture (which has been deleted on the background) In my post up, there is info that it should go to the delete.php file where a deletion info is displayed. Update 2: I guess it would be easier, to set another follow-up JQ dialog after pressing the 1st JQ Dialog delete button, which just to say that the picture has been deleted successfully, and then to redirect in 3 seconds in the main directory /photo/
Well I managed to do it (the second result window that appears, after the file is deleted): <!-- jQuery UI modal start --> <script type="text/javascript"> /* starting when dom is ready */ $(function() { /* preparing the deletion dialog */ $("#dialog-result").dialog({ autoOpen: false, title: '<{$lang_del_pic}>', resizable: false, height:140, modal: true, buttons: { 'OK': function() { /* doing the ajax call */ $(this).dialog('close'); document.location = 'http://domain.com'; }, } }); $("#dialog-confirm").dialog({ autoOpen: false, title: '<{$lang_del_pic}>', resizable: false, height:140, modal: true, buttons: { 'Delete all items': function() { /* doing the ajax call */ $.post("delete.php", {token:$('#delete-token').val(), what:$('#delete-filename').val() } ); $(this).dialog('close'); $("#dialog-result").dialog('open'); }, Cancel: function() { // canceling out $(this).dialog('close'); } } }); /* bind of the delete button the button */ $("#delete-button").click(function(){ $("#dialog-confirm").dialog('open'); }); $("#delete-button").button("destroy"); // make it a real good looking button }); </script> <!-- jQuery UI modal end --> Code (markup): and the two divs: <!-- confirmation dialogs --> <div id="dialog-confirm" style="display:none"> <p> <span class="ui-icon ui-icon-alert" style="float:left; margin:0 7px 20px 0;"></span> <{$lang_confirm_del}> </p> </div> <div id="dialog-result" style="display:none"> <p> <span class="ui-icon ui-icon-alert" style="float:left; margin:0 7px 20px 0;"></span> kur tate banica </p> </div> <!-- confirmation dialogs end --> Code (markup): This replaces the fist delete dialog, with info dialod that the picture is deleted. And after clicking OK, goes to main page. However, Can I do something else.... On pressing delete button Delete not to delete the picture, but to go to specific address: delete.php?token=123&what=picture (which deletes the picture, and posts some things that I need)