🔒 Sécurise la suppression

This commit is contained in:
Clement Desmidt 2017-11-21 07:20:06 +01:00
parent 899ccf5866
commit cc27b189b1
2 changed files with 8 additions and 3 deletions

View File

@ -5,7 +5,7 @@
<div class="row"> <div class="row">
<div class="col-md-8 col-md-offset-2"> <div class="col-md-8 col-md-offset-2">
<div class="panel panel-default"> <div class="panel panel-default">
<div class="panel-heading">Dashboard</div> <div class="panel-heading">Dashboard @if($type !== 'all') <a href="<?php echo route('home'); ?>">Revenir à la liste</a>@endif</div>
<div class="panel-body"> <div class="panel-body">
@if (session('status')) @if (session('status'))
@ -36,7 +36,12 @@
</td> </td>
<td> <td>
<a href="<?php echo route('deals.view', ['type' => $type, 'id' => $deal->getId()]); ?>">Voir</a> <a href="<?php echo route('deals.view', ['type' => $type, 'id' => $deal->getId()]); ?>">Voir</a>
<a href="<?php echo route('deals.delete', ['type' => $type, 'id' => $deal->getId()]); ?>">Supprimer</a> @if( $type === 'backup')
<form method="POST" action="<?php echo route('deals.delete', ['type' => $type, 'id' => $deal->getId()]); ?>">
{{ csrf_field() }}
<button type="submit">Supprimer</button>
</form>
@endif
</td> </td>
</tr> </tr>
@endforeach</tbody> @endforeach</tbody>

View File

@ -21,6 +21,6 @@ Route::get('/deals/list/{type}', 'HomeController@list')->name('deals.list');
Route::get('/deals/view/{type}/{id}', 'HomeController@view')->name('deals.view'); Route::get('/deals/view/{type}/{id}', 'HomeController@view')->name('deals.view');
Route::get('/deals/delete/{type}/{id}', 'HomeController@delete')->name('deals.delete'); Route::post('/deals/delete/{type}/{id}', 'HomeController@delete')->name('deals.delete');
Route::match(['GET', 'POST'], '/deals/update/{type}/{id}', 'HomeController@update')->name('deals.update'); Route::match(['GET', 'POST'], '/deals/update/{type}/{id}', 'HomeController@update')->name('deals.update');