funnelweblog / FunnelWeb

FunnelWeb is an open source blog engine targeted at developers
http://funnelweblog.com/

An unauthenticated user can delete a post / page #47

Closed karthik25 closed 11 years ago

karthik25 commented 11 years ago

The DeletePage action does not have the authorize attribute. The following JavaScript would delete a post/page with id X if fed the complete URL to delete (if a post/page with that id exists), even if the user is not authenticated!

```javascript
// Requires jQuery to be loaded on the page.
// Sends an unauthenticated POST to the delete URL; the placeholder below
// stands for the real delete URL for the target post/page.
$.ajax({
   type: 'POST',
   url: '<the_url_to_delete_post/page>',
   success: function () {
       alert('success');
   }
});
```
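The root cause reported above is a state-changing controller action with no authorization check. The following ASP.NET MVC controller is an added example, not FunnelWeb's own code: it shows the shape of the defect next to the hardened form. The controller, action, role and repository names (`AdminController`, `DeletePageUnprotected`, `IPageRepository`, the `Admin` role) are hypothetical; `[Authorize]`, `[HttpPost]` and `[ValidateAntiForgeryToken]` are the standard framework attributes.

```csharp
using System.Web.Mvc;

// Hypothetical data-access abstraction used only to make the example complete.
public interface IPageRepository
{
    void Delete(int id);
}

public class AdminController : Controller
{
    private readonly IPageRepository _pages;

    public AdminController(IPageRepository pages)
    {
        _pages = pages;
    }

    // BEFORE (the bug class in the report): no [Authorize] and no [HttpPost].
    // Any request that reaches this URL deletes the entry, whether or not the
    // caller is signed in, and a GET is accepted as well as a POST.
    public ActionResult DeletePageUnprotected(int id)
    {
        _pages.Delete(id);
        return RedirectToAction("Index");
    }

    // AFTER: the caller must be authenticated and in the required role,
    // the action only runs on POST, and the anti-forgery token binds the POST
    // to a form rendered for this user's session, so a script on another
    // origin cannot replay the request with the victim's cookies.
    [Authorize(Roles = "Admin")]
    [HttpPost]
    [ValidateAntiForgeryToken]
    public ActionResult DeletePage(int id)
    {
        _pages.Delete(id);
        return RedirectToAction("Index");
    }
}
```

The view that submits the delete must render the matching token with `@Html.AntiForgeryToken()` inside the form, otherwise the hardened action rejects every request. A defensive design point this report illustrates: when authorization depends on remembering to decorate each action, one omission is a full bypass. Registering an `AuthorizeAttribute` as a global filter on the admin area (with explicit, reviewed opt-outs for the few anonymous endpoints) turns a forgotten attribute into a harmless redundancy rather than a vulnerability, and a test that enumerates controller actions and asserts every state-changing one carries `[Authorize]` catches the regression before release.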