Commit fda3d634 authored by Mahmoud Aglan's avatar Mahmoud Aglan

fix: replace Auth::csrfField() with Auth::csrfToken() in all views

csrfField() doesn't exist — the actual pattern is a hidden input
with name="_csrf" and value from Auth::csrfToken().
Co-Authored-By: 's avatarClaude Opus 4.6 <noreply@anthropic.com>
parent e76deb6f
...@@ -57,12 +57,12 @@ ...@@ -57,12 +57,12 @@
<div class="flex gap-3 mt-5"> <div class="flex gap-3 mt-5">
<?php if (($campaign['status'] ?? '') === 'scheduled'): ?> <?php if (($campaign['status'] ?? '') === 'scheduled'): ?>
<form method="POST" action="/notifications/scheduled/<?= $campaign['id'] ?>/cancel"> <form method="POST" action="/notifications/scheduled/<?= $campaign['id'] ?>/cancel">
<?= Auth::csrfField() ?> <input type="hidden" name="_csrf" value="<?= Auth::csrfToken() ?>">
<button type="submit" class="btn btn-danger btn-sm" onclick="return confirm('إلغاء؟')">إلغاء الجدولة</button> <button type="submit" class="btn btn-danger btn-sm" onclick="return confirm('إلغاء؟')">إلغاء الجدولة</button>
</form> </form>
<?php endif; ?> <?php endif; ?>
<form method="POST" action="/notifications/<?= $campaign['id'] ?>/delete"> <form method="POST" action="/notifications/<?= $campaign['id'] ?>/delete">
<?= Auth::csrfField() ?> <input type="hidden" name="_csrf" value="<?= Auth::csrfToken() ?>">
<button type="submit" class="btn btn-ghost btn-sm" style="color:var(--danger)" onclick="return confirm('حذف نهائي؟')">حذف</button> <button type="submit" class="btn btn-ghost btn-sm" style="color:var(--danger)" onclick="return confirm('حذف نهائي؟')">حذف</button>
</form> </form>
</div> </div>
......
...@@ -8,7 +8,7 @@ ...@@ -8,7 +8,7 @@
<div> <div>
<div class="card p-6"> <div class="card p-6">
<form id="push-form" method="POST" action="/notifications/compose/send"> <form id="push-form" method="POST" action="/notifications/compose/send">
<?= Auth::csrfField() ?> <input type="hidden" name="_csrf" value="<?= Auth::csrfToken() ?>">
<!-- Template Select --> <!-- Template Select -->
<div class="form-group mb-4"> <div class="form-group mb-4">
......
...@@ -6,7 +6,7 @@ ...@@ -6,7 +6,7 @@
<div style="max-width:700px;"> <div style="max-width:700px;">
<div class="card p-6"> <div class="card p-6">
<form method="POST" action="/notifications/individual/send"> <form method="POST" action="/notifications/individual/send">
<?= Auth::csrfField() ?> <input type="hidden" name="_csrf" value="<?= Auth::csrfToken() ?>">
<!-- Player Search --> <!-- Player Search -->
<div class="form-group mb-4"> <div class="form-group mb-4">
......
...@@ -18,7 +18,7 @@ ...@@ -18,7 +18,7 @@
<td><span class="badge badge-info"><?= match($s['type'] ?? '') { 'broadcast' => 'بث عام', 'demographic' => 'فئة', default => $s['type'] ?? '-' } ?></span></td> <td><span class="badge badge-info"><?= match($s['type'] ?? '') { 'broadcast' => 'بث عام', 'demographic' => 'فئة', default => $s['type'] ?? '-' } ?></span></td>
<td> <td>
<form method="POST" action="/notifications/scheduled/<?= $s['id'] ?>/cancel" style="display:inline;"> <form method="POST" action="/notifications/scheduled/<?= $s['id'] ?>/cancel" style="display:inline;">
<?= Auth::csrfField() ?> <input type="hidden" name="_csrf" value="<?= Auth::csrfToken() ?>">
<button type="submit" class="btn btn-ghost btn-sm" style="color:var(--danger)" onclick="return confirm('إلغاء؟')">إلغاء</button> <button type="submit" class="btn btn-ghost btn-sm" style="color:var(--danger)" onclick="return confirm('إلغاء؟')">إلغاء</button>
</form> </form>
</td> </td>
......
...@@ -6,7 +6,7 @@ ...@@ -6,7 +6,7 @@
<div style="max-width:600px;"> <div style="max-width:600px;">
<div class="card p-6"> <div class="card p-6">
<form method="POST" action="<?= $template ? "/notifications/templates/{$template['id']}/update" : '/notifications/templates/store' ?>"> <form method="POST" action="<?= $template ? "/notifications/templates/{$template['id']}/update" : '/notifications/templates/store' ?>">
<?= Auth::csrfField() ?> <input type="hidden" name="_csrf" value="<?= Auth::csrfToken() ?>">
<div class="form-group mb-4"> <div class="form-group mb-4">
<label class="form-label">اسم القالب <span class="text-danger">*</span></label> <label class="form-label">اسم القالب <span class="text-danger">*</span></label>
......
...@@ -22,7 +22,7 @@ ...@@ -22,7 +22,7 @@
<td class="flex gap-2"> <td class="flex gap-2">
<a href="/notifications/templates/<?= $t['id'] ?>/edit" class="btn btn-ghost btn-sm">تعديل</a> <a href="/notifications/templates/<?= $t['id'] ?>/edit" class="btn btn-ghost btn-sm">تعديل</a>
<form method="POST" action="/notifications/templates/<?= $t['id'] ?>/delete" style="display:inline;"> <form method="POST" action="/notifications/templates/<?= $t['id'] ?>/delete" style="display:inline;">
<?= Auth::csrfField() ?> <input type="hidden" name="_csrf" value="<?= Auth::csrfToken() ?>">
<button type="submit" class="btn btn-ghost btn-sm" style="color:var(--danger)" onclick="return confirm('حذف؟')">حذف</button> <button type="submit" class="btn btn-ghost btn-sm" style="color:var(--danger)" onclick="return confirm('حذف؟')">حذف</button>
</form> </form>
</td> </td>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment