Index: spamcleaner.php =================================================================== RCS file: /cvsroot/moodle/contrib/tools/spamcleaner/spamcleaner.php,v retrieving revision 1.1 diff -c -r1.1 spamcleaner.php *** spamcleaner.php 6 Nov 2008 06:36:06 -0000 1.1 --- spamcleaner.php 6 Nov 2008 13:13:21 -0000 *************** *** 63,69 **** // Implement some AJAX calls ! if (!empty($del)) { // delete this user $record = $DB->get_record('user', array('id'=>$id)); if($ret = delete_user($record)) { --- 63,69 ---- // Implement some AJAX calls ! if (!empty($del) && confirm_sesskey()) { // delete this user $record = $DB->get_record('user', array('id'=>$id)); if($ret = delete_user($record)) { *************** *** 74,80 **** } exit; } ! if (!empty($delall)) { if (!empty($SESSION->users_result)) { foreach($SESSION->users_result as $key=>$value) { if($ret = delete_user($value)) { --- 74,80 ---- } exit; } ! if (!empty($delall) && confirm_sesskey()) { if (!empty($SESSION->users_result)) { foreach($SESSION->users_result as $key=>$value) { if($ret = delete_user($value)) { *************** *** 120,126 **** YAHOO.util.Event.addListener("removeall_btn", "click", function(){ var yes = confirm('Are you sure you want to delete all these user accounts? You can not undo this.'); if(yes){ ! var cObj = YAHOO.util.Connect.asyncRequest('POST', '?delall=yes', delall_cb); } }); } --- 120,126 ---- YAHOO.util.Event.addListener("removeall_btn", "click", function(){ var yes = confirm('Are you sure you want to delete all these user accounts? You can not undo this.'); if(yes){ ! var cObj = YAHOO.util.Connect.asyncRequest('POST', '?delall=yes&sesskey=', delall_cb); } }); } *************** *** 168,179 **** var yes = confirm('Are you sure you want to delete this entry? You can not undo this.'); if(yes){ row = obj; ! var cObj = YAHOO.util.Connect.asyncRequest('POST', '?del=yes&id='+id, del_cb); } } function ignore_user(obj, id) { row = obj; ! var cObj = YAHOO.util.Connect.asyncRequest('POST', '?ignore=yes&id='+id, ignore_cb); } YAHOO.util.Event.onDOMReady(init); --- 168,179 ---- var yes = confirm('Are you sure you want to delete this entry? You can not undo this.'); if(yes){ row = obj; ! var cObj = YAHOO.util.Connect.asyncRequest('POST', '?del=yes&sesskey=&id='+id, del_cb); } } function ignore_user(obj, id) { row = obj; ! var cObj = YAHOO.util.Connect.asyncRequest('POST', '?ignore=yes&sesskey=&id='+id, ignore_cb); } YAHOO.util.Event.onDOMReady(init);