prevent double-shuffling or double-clearing, fixes issue #6

2025-04-26 12:18:27 -04:00 · 2013-05-19 17:42:19 -04:00 · 2013-05-19 17:42:19 -04:00 · 7e25c2285f
commit 7e25c2285f
parent ee8e1f4562
4 changed files with 46 additions and 30 deletions
--- a/.htaccess
+++ b/.htaccess
@ -9,8 +9,10 @@ RewriteRule ^sms/?$                     sms.php
 RewriteRule ^print.pdf                  print.php
 RewriteRule ^shuffle/?$                 index.php?shuffle
 RewriteRule ^shuffle/confirmed/?$       index.php?shuffle&confirmed
+RewriteRule ^shuffle/done/?$            index.php?shuffle&done
 RewriteRule ^clear/?$                   index.php?clear
 RewriteRule ^clear/confirmed/?$         index.php?clear&confirmed
+RewriteRule ^clear/done/?$              index.php?clear&done
 RewriteRule ^add/?$                     add.php
 RewriteRule ^spoon/([^/.]+)/?$          index.php?spoon=$1
 RewriteRule ^revive/([^/.]+)/?$         index.php?revive=$1
--- a/header.php
+++ b/header.php
@ -1,15 +1,4 @@
-<?php
-include_once('config.php');
-
-session_start();
-if(!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] == FALSE) {
-  header("Location:" . $site_url . "/login");
-  die();
-}
-
-include_once('functions.php');
-include_once('db_connect.php');
-?>
+<?php include_once('init.php') // probably already done but just in case... ?>
 <!DOCTYPE html>
 <html lang="en">
  <head>
--- a/index.php
+++ b/index.php
@ -1,6 +1,18 @@
 <?php
+include('init.php');
+
+// needs to be at top so we can redirect to prevent double-shuffling or double-clearing
+if(isset($_GET['shuffle']) && isset($_GET['confirmed'])) {
+  shuffleSpooners();
+  header("Location:" . $site_url . "/shuffle/done");
+} else if(isset($_GET['clear']) && isset($_GET['confirmed'])) {
+  mysql_query("TRUNCATE spooners");
+  header("Location:" . $site_url . "/clear/done");
+}
+
 $page = "Home";
 include('header.php');
+
 ?>

 <style>
@ -48,11 +60,17 @@ include('header.php');
    color: #b94a48;
  }
  div.alert a.btn {
+    color: #333;
+    padding: 4px 20px !important;
+  }
+  div.alert a.btn-success {
    color: #fff;
  }
+  div.alert a.btn i {
+    margin:2px 4px 0px -8px;
+  }
  div.alert p {
-    margin-top: 10px;
-    margin-bottom: 0px;
+    margin: 10px 0px;
  }
 </style>

@ -82,19 +100,15 @@ if(isset($_GET['revive'])) {


 /*********** SHUFFLING **********/
-if(isset($_GET['shuffle']) && !isset($_GET['confirmed'])) { ?>
+if(isset($_GET['shuffle']) && !isset($_GET['confirmed']) && !isset($_GET['done'])) { ?>
 <div class="alert alert-error">
  <a type="button" class="close" data-dismiss="alert">&times;</a>
  <h4>Are you sure you wanna do that...?</h4>
  <p>Shuffling is permanent, and your head <strong>will</strong> roll if you do this at the wrong time. You might wanna <a href="<?php echo $site_url ?>/print.pdf">save a PDF</a> of the current order first.</p>
-  <a href="<?php echo $site_url ?>/shuffle/confirmed" class="btn btn-success">Yes, I'm positive.</a>
-  <a href="<?php echo $site_url ?>/" class="btn btn-warning" style="margin-left:16px;">No, please forgive me!</a>
+  <a href="<?php echo $site_url ?>/shuffle/confirmed" class="btn btn-success"><i class="icon-ok icon-white"></i> Yes, I'm positive.</a>
+  <a href="<?php echo $site_url ?>/" class="btn" style="margin-left:16px;"><i class="icon-remove"></i> No, please forgive me!</a>
 </div>
-<?php } else if(isset($_GET['shuffle']) && isset($_GET['confirmed'])) {
-  
-  shuffleSpooners();
-  
-?>
+<?php } else if(isset($_GET['shuffle']) && isset($_GET['done'])) { ?>
 <div class="alert">
  <button type="button" class="close" data-dismiss="alert">&times;</button>
  <h4>Spooners have been successfully shuffled.</h4>
@ -103,19 +117,15 @@ if(isset($_GET['shuffle']) && !isset($_GET['confirmed'])) { ?>

 <?php
 /*********** CLEARING ALL **********/
-if(isset($_GET['clear']) && !isset($_GET['confirmed'])) { ?>
+if(isset($_GET['clear']) && !isset($_GET['confirmed']) && !isset($_GET['done'])) { ?>
 <div class="alert alert-error">
  <a type="button" class="close" data-dismiss="alert">&times;</a>
  <h4>Are you sure you wanna do that...?</h4>
  <p>Clearing the list is permanent, and your head <strong>will</strong> roll if you do this at the wrong time. You might wanna <a href="<?php echo $site_url ?>/print.pdf">save a PDF</a> of the current list first.</p>
-  <a href="<?php echo $site_url ?>/clear/confirmed" class="btn btn-success">Yes, I'm positive.</a>
-  <a href="<?php echo $site_url ?>/" class="btn btn-warning" style="margin-left:16px;">No, please forgive me!</a>
+  <a href="<?php echo $site_url ?>/clear/confirmed" class="btn btn-success"><i class="icon-ok icon-white"></i> Yes, I'm positive.</a>
+  <a href="<?php echo $site_url ?>/" class="btn" style="margin-left:16px;"><i class="icon-remove"></i> No, please forgive me!</a>
 </div>
-<?php } else if(isset($_GET['clear']) && isset($_GET['confirmed'])) {
-  
-  mysql_query("TRUNCATE spooners");
-  
-?>
+<?php } else if(isset($_GET['clear']) && isset($_GET['done'])) { ?>
 <div class="alert">
  <button type="button" class="close" data-dismiss="alert">&times;</button>
  <h4>All spooners have been successfully deleted.</h4>
--- a/init.php
+++ b/init.php
@ -0,0 +1,15 @@
+<?php
+include_once('config.php');        // these have probably all been included already, but just in case...
+include_once('functions.php');
+include_once('db_connect.php');
+
+if(!$initialized) {
+  session_start();
+  if(!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] == FALSE) {
+    header("Location:" . $site_url . "/login");
+    die();
+  }
+
+  $initialized = TRUE;
+}
+?>