Secured actions are rarely directly generated by calling the
securiser_action()
function, but more frequently by calling a function which itself then calls the security function.
The
ecrire/inc/actions.php file contains a large number of these functions.
{{{generer_action_auteur()}}}
In particular, the
generer_action_auteur()
function directly calls the
securiser_action
function, passing a secured URL by default.
{{{redirige_action_auteur()}}}
This function takes two parameters instead of the 3rd redirection argument: the name of an exec file, and the arguments to be passed. SPIP then creates the redirection URL automatically.
{{{redirige_action_post()}}}
Same as the previous function except that it generates a POST form by default.
Example
Generate a link to change the display preferences in the private area:
$url = generer_action_auteur('preferer',"display:1", $self);
Run an action when editing a news item, then redirect to the news item view.
$href = redirige_action_auteur('editer_breve',$id_breve,'breves_voir', "id_breve=$id_breve");
Post a form, then redirect to the "admin_plugin" page.
$corps
contains the contents of the form to activate a plugin.
echo redirige_action_post('activer_plugins','activer', 'admin_plugin','', $corps);