FavorAction upgraded to extend FormAction

Includes some minor changes to other things as well, such as the session
token input element now having the same 'name' attribute as everyone else.
(it still retains a 'token-'+noticeid 'id' attribute for clientside JS)
Mikael Nordfeldth 2013-09-23 11:34:15 +02:00
parent f711f9ee75
commit 5f1fea1488
7 changed files with 80 additions and 135 deletions


@ -5,11 +5,12 @@
* PHP version 5 * PHP version 5
* *
* @category Action * @category Action
* @package StatusNet * @package GNUSocial
* @author Evan Prodromou <evan@status.net> * @author Evan Prodromou <evan@status.net>
* @author Robin Millette <millette@status.net> * @author Robin Millette <millette@status.net>
* @author Mikael Nordfeldth <mmn@hethane.se>
* @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
* @link http://status.net/ * @link http://www.gnu.org/software/social/
* *
* StatusNet - the distributed open-source microblogging tool * StatusNet - the distributed open-source microblogging tool
* Copyright (C) 2008, 2009, StatusNet, Inc. * Copyright (C) 2008, 2009, StatusNet, Inc.
@ -28,70 +29,52 @@
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
if (!defined('STATUSNET') && !defined('LACONICA')) { if (!defined('GNUSOCIAL')) { exit(1); }
exit(1);
}
require_once INSTALLDIR.'/lib/favorform.php';
/** /**
* Disfavor class. * DisfavorAction class.
* *
* @category Action * @category Action
* @package StatusNet * @package GNUSocial
* @author Evan Prodromou <evan@status.net> * @author Evan Prodromou <evan@status.net>
* @author Robin Millette <millette@status.net> * @author Robin Millette <millette@status.net>
* @author Mikael Nordfeldth <mmn@hethane.se>
* @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
* @link http://status.net/ * @link http://www.gnu.org/software/social/
*/ */
class DisfavorAction extends Action class DisfavorAction extends FormAction
{ {
/** public function showForm($msg=null, $success=false)
* Class handler.
*
* @param array $args query arguments
*
* @return void
*/
function handle($args)
{ {
parent::handle($args); if ($success) {
if (!common_logged_in()) {
// TRANS: Error message displayed when trying to perform an action that requires a logged in user.
$this->clientError(_('Not logged in.'));
return;
}
$user = common_current_user();
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
common_redirect(common_local_url('showfavorites', common_redirect(common_local_url('showfavorites',
array('nickname' => $user->nickname))); array('nickname' => $this->scoped->nickname)), 303);
return;
} }
parent::showForm($msg, $success);
}
protected function handlePost()
{
$id = $this->trimmed('notice'); $id = $this->trimmed('notice');
$notice = Notice::getKV($id); $notice = Notice::getKV($id);
$token = $this->trimmed('token-'.$notice->id); if (!$notice instanceof Notice) {
if (!$token || $token != common_session_token()) { $this->serverError(_('Notice not found'));
// TRANS: Client error displayed when the session token does not match or is not given.
$this->clientError(_('There was a problem with your session token. Try again, please.'));
return;
} }
$fave = new Fave(); $fave = new Fave();
$fave->user_id = $user->id; $fave->user_id = $this->scoped->id;
$fave->notice_id = $notice->id; $fave->notice_id = $notice->id;
if (!$fave->find(true)) { if (!$fave->find(true)) {
// TRANS: Client error displayed when trying to remove favorite status for a notice that is not a favorite. throw new NoResultException($fave);
$this->clientError(_('This notice is not a favorite!'));
return;
} }
$result = $fave->delete(); $result = $fave->delete();
if (!$result) { if (!$result) {
common_log_db_error($fave, 'DELETE', __FILE__); common_log_db_error($fave, 'DELETE', __FILE__);
// TRANS: Server error displayed when removing a favorite from the database fails. // TRANS: Server error displayed when removing a favorite from the database fails.
$this->serverError(_('Could not delete favorite.')); $this->serverError(_('Could not delete favorite.'));
return;
} }
$user->blowFavesCache(); $this->scoped->blowFavesCache();
if ($this->boolean('ajax')) { if (StatusNet::isAjax()) {
$this->startHTML('text/xml;charset=utf-8'); $this->startHTML('text/xml;charset=utf-8');
$this->elementStart('head'); $this->elementStart('head');
// TRANS: Title for page on which favorites can be added. // TRANS: Title for page on which favorites can be added.
@ -102,10 +85,7 @@ class DisfavorAction extends Action
$favor->show(); $favor->show();
$this->elementEnd('body'); $this->elementEnd('body');
$this->elementEnd('html'); $this->elementEnd('html');
} else { exit;
common_redirect(common_local_url('showfavorites',
array('nickname' => $user->nickname)),
303);
} }
} }
} }
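Review bot: The new `handlePost()` has no session token or login check of its own, so the CSRF protection from the removed `$token != common_session_token()` block now depends on FormAction running its check before `handlePost()` is called. FormAction is not shown on this page, so this should be confirmed; the same applies to FavorAction. A comment at the top of the method, such as `// Login and session token are verified by FormAction before handlePost() runs.`, would make the dependency visible. Separately, a missing notice is reported with `serverError` although the id comes from the request; `$this->clientError(_('Notice not found'), 404);` fits better, and the string lacks the `// TRANS:` comment its neighbours carry.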


@ -5,11 +5,12 @@
* PHP version 5 * PHP version 5
* *
* @category Action * @category Action
* @package StatusNet * @package GNUSocial
* @author Evan Prodromou <evan@status.net> * @author Evan Prodromou <evan@status.net>
* @author Robin Millette <millette@status.net> * @author Robin Millette <millette@status.net>
* @author Mikael Nordfeldth <mmn@hethane.se>
* @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
* @link http://status.net/ * @link http://www.gnu.org/software/social/
* *
* StatusNet - the distributed open-source microblogging tool * StatusNet - the distributed open-source microblogging tool
* Copyright (C) 2008, 2009, StatusNet, Inc. * Copyright (C) 2008, 2009, StatusNet, Inc.
@ -28,68 +29,53 @@
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
if (!defined('STATUSNET') && !defined('LACONICA')) { if (!defined('GNUSOCIAL')) { exit(1); }
exit(1);
}
require_once INSTALLDIR.'/lib/mail.php'; require_once INSTALLDIR.'/lib/mail.php';
require_once INSTALLDIR.'/lib/disfavorform.php';
/** /**
* Favor class. * FavorAction class.
* *
* @category Action * @category Action
* @package StatusNet * @package GNUSocial
* @author Evan Prodromou <evan@status.net> * @author Evan Prodromou <evan@status.net>
* @author Robin Millette <millette@status.net> * @author Robin Millette <millette@status.net>
* @author Mikael Nordfeldth <mmn@hethane.se>
* @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
* @link http://status.net/ * @link http://www.gnu.org/software/social/
*/ */
class FavorAction extends Action class FavorAction extends FormAction
{ {
/** // We overload this because success should redirect
* Class handler. public function showForm($msg=null, $success=false)
*
* @param array $args query arguments
*
* @return void
*/
function handle($args)
{ {
parent::handle($args); if ($success) {
if (!common_logged_in()) {
// TRANS: Error message displayed when trying to perform an action that requires a logged in user.
$this->clientError(_('Not logged in.'));
return;
}
$user = common_current_user();
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
common_redirect(common_local_url('showfavorites', common_redirect(common_local_url('showfavorites',
array('nickname' => $user->nickname))); array('nickname' => $user->nickname)), 303);
return;
} }
parent::showForm($msg, $success);
}
protected function handlePost()
{
$id = $this->trimmed('notice'); $id = $this->trimmed('notice');
$notice = Notice::getKV($id); $notice = Notice::getKV($id);
$token = $this->trimmed('token-'.$notice->id); if (!($notice instanceof Notice)) {
if (!$token || $token != common_session_token()) { $this->serverError(_('Notice not found'));
// TRANS: Client error displayed when the session token does not match or is not given.
$this->clientError(_('There was a problem with your session token. Try again, please.'));
return;
} }
if ($user->hasFave($notice)) { if ($this->scoped->hasFave($notice)) {
// TRANS: Client error displayed when trying to mark a notice as favorite that already is a favorite. // TRANS: Client error displayed when trying to mark a notice as favorite that already is a favorite.
$this->clientError(_('This notice is already a favorite!')); $this->clientError(_('This notice is already a favorite!'));
return;
} }
$fave = Fave::addNew($user->getProfile(), $notice); $fave = Fave::addNew($this->scoped, $notice);
if (!$fave) { if (!$fave) {
// TRANS: Server error displayed when trying to mark a notice as favorite fails in the database. // TRANS: Server error displayed when trying to mark a notice as favorite fails in the database.
$this->serverError(_('Could not create favorite.')); $this->serverError(_('Could not create favorite.'));
return;
} }
$this->notify($notice, $user); $this->notify($notice, $this->scoped->getUser());
$user->blowFavesCache(); $this->scoped->blowFavesCache();
if ($this->boolean('ajax')) { if (StatusNet::isAjax()) {
$this->startHTML('text/xml;charset=utf-8'); $this->startHTML('text/xml;charset=utf-8');
$this->elementStart('head'); $this->elementStart('head');
// TRANS: Page title for page on which favorite notices can be unfavourited. // TRANS: Page title for page on which favorite notices can be unfavourited.
@ -100,11 +86,11 @@ class FavorAction extends Action
$disfavor->show(); $disfavor->show();
$this->elementEnd('body'); $this->elementEnd('body');
$this->elementEnd('html'); $this->elementEnd('html');
} else { exit;
common_redirect(common_local_url('showfavorites',
array('nickname' => $user->nickname)),
303);
} }
common_redirect(common_local_url('showfavorites',
array('nickname' => $this->scoped->nickname)),
303);
} }
/** /**
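Review bot: In the new `showForm()` the success redirect still reads `$user->nickname`, but `$user` is no longer assigned in this method because the `common_current_user()` call went away with `handle()`. The URL would therefore be built from an undefined variable. DisfavorAction uses the scoped profile at the same spot, and this line should match it: `array('nickname' => $this->scoped->nickname)), 303);`. `handlePost()` also ends with its own `common_redirect(...)` to the same page, so the `showForm()` branch may never run after a successful POST, and keeping only one of the two redirects would remove the duplication. The class continues past the end of this section.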


@ -20,29 +20,27 @@
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
* *
* @category Form * @category Form
* @package StatusNet * @package GNUSocial
* @author Evan Prodromou <evan@status.net> * @author Evan Prodromou <evan@status.net>
* @author Sarven Capadisli <csarven@status.net> * @author Sarven Capadisli <csarven@status.net>
* @author Mikael Nordfeldth <mmn@hethane.se>
* @copyright 2009 StatusNet, Inc. * @copyright 2009 StatusNet, Inc.
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/ * @link http://www.gnu.org/software/social/
*/ */
if (!defined('STATUSNET') && !defined('LACONICA')) { if (!defined('GNUSOCIAL')) { exit(1); }
exit(1);
}
require_once INSTALLDIR.'/lib/form.php';
/** /**
* Form for disfavoring a notice * Form for disfavoring a notice
* *
* @category Form * @category Form
* @package StatusNet * @package GNUSocial
* @author Evan Prodromou <evan@status.net> * @author Evan Prodromou <evan@status.net>
* @author Sarven Capadisli <csarven@status.net> * @author Sarven Capadisli <csarven@status.net>
* @author Mikael Nordfeldth <mmn@hethane.se>
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/ * @link http://www.gnu.org/software/social/
* *
* @see FavorForm * @see FavorForm
*/ */
@ -94,7 +92,8 @@ class DisfavorForm extends Form
function sessionToken() function sessionToken()
{ {
$this->out->hidden('token-' . $this->notice->id, $this->out->hidden('token-' . $this->notice->id,
common_session_token()); common_session_token(),
'token');
} }
/** /**
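Review bot: The three-argument `hidden()` call in `sessionToken()` now gives the input an id of `token-<noticeid>` and a name of `token`, but the reason for the split is recorded only in the commit message. A short comment above the call, for example `// id stays 'token-<noticeid>' for client-side JS; name is the generic 'token' field.`, would keep a later cleanup from merging the two again. The same applies to `FavorForm::sessionToken()`, which receives the identical change.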


@ -20,29 +20,27 @@
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
* *
* @category Form * @category Form
* @package StatusNet * @package GNUSocial
* @author Evan Prodromou <evan@status.net> * @author Evan Prodromou <evan@status.net>
* @author Sarven Capadisli <csarven@status.net> * @author Sarven Capadisli <csarven@status.net>
* @author Mikael Nordfeldth <mmn@hethane.se>
* @copyright 2009 StatusNet, Inc. * @copyright 2009 StatusNet, Inc.
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/ * @link http://www.gnu.org/software/social/
*/ */
if (!defined('STATUSNET') && !defined('LACONICA')) { if (!defined('GNUSOCIAL')) { exit(1); }
exit(1);
}
require_once INSTALLDIR.'/lib/form.php';
/** /**
* Form for favoring a notice * Form for favoring a notice
* *
* @category Form * @category Form
* @package StatusNet * @package GNUSocial
* @author Evan Prodromou <evan@status.net> * @author Evan Prodromou <evan@status.net>
* @author Sarven Capadisli <csarven@status.net> * @author Sarven Capadisli <csarven@status.net>
* @author Mikael Nordfeldth <mmn@hethane.se>
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/ * @link http://www.gnu.org/software/social/
* *
* @see DisfavorForm * @see DisfavorForm
*/ */
@ -94,7 +92,8 @@ class FavorForm extends Form
function sessionToken() function sessionToken()
{ {
$this->out->hidden('token-' . $this->notice->id, $this->out->hidden('token-' . $this->notice->id,
common_session_token()); common_session_token(),
'token');
} }
/** /**


@ -27,9 +27,7 @@
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
if (!defined('STATUSNET')) { if (!defined('GNUSOCIAL')) { exit(1); }
exit(1);
}
/** /**
* Anonymous disfavor class * Anonymous disfavor class
@ -65,22 +63,14 @@ class AnonDisfavorAction extends RedirectingAction
$id = $this->trimmed('notice'); $id = $this->trimmed('notice');
$notice = Notice::getKV($id); $notice = Notice::getKV($id);
$token = $this->trimmed('token-' . $notice->id); $token = $this->checkSessionToken();
if (!$token || $token != common_session_token()) {
// TRANS: Client error.
$this->clientError(_m('There was a problem with your session token. Try again, please.'));
return;
}
$fave = new Fave(); $fave = new Fave();
$fave->user_id = $profile->id; $fave->user_id = $profile->id;
$fave->notice_id = $notice->id; $fave->notice_id = $notice->id;
if (!$fave->find(true)) { if (!$fave->find(true)) {
// TRANS: Client error. throw new NoResultException($fave);
$this->clientError(_m('This notice is not a favorite!'));
return;
} }
$result = $fave->delete(); $result = $fave->delete();
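Review bot: `$notice` is dereferenced at `$fave->notice_id = $notice->id` without the `instanceof Notice` guard this commit adds to DisfavorAction, so a request with an unknown `notice` value reaches a non-object here. AnonFavorAction likewise passes the unchecked result to `$profile->hasFave($notice)`. Adding `if (!$notice instanceof Notice) { $this->clientError(_m('Notice not found')); }` right after the lookup would close both. In addition, `$token = $this->checkSessionToken();` stores a result that the visible lines never read. If the method aborts on a bad token the assignment can be dropped; if it only returns a value, the check is now missing. Its definition is not on this page, and the enclosing method starts and ends outside the hunk.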


@ -27,9 +27,7 @@
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
if (!defined('STATUSNET')) { if (!defined('GNUSOCIAL')) { exit(1); }
exit(1);
}
/** /**
* Anonymous favor class * Anonymous favor class
@ -64,14 +62,7 @@ class AnonFavorAction extends RedirectingAction
$id = $this->trimmed('notice'); $id = $this->trimmed('notice');
$notice = Notice::getKV($id); $notice = Notice::getKV($id);
$token = $this->trimmed('token-' . $notice->id); $token = $this->checkSessionToken();
if (empty($token) || $token != common_session_token()) {
// TRANS: Client error.
$this->clientError(_m('There was a problem with your session token. Try again, please.'));
return;
}
if ($profile->hasFave($notice)) { if ($profile->hasFave($notice)) {
// TRANS: Client error. // TRANS: Client error.


@ -301,7 +301,7 @@ RealtimeUpdate = {
ff = "<form id=\"favor-"+id+"\" class=\"form_favor\" method=\"post\" action=\""+RealtimeUpdate._favorurl+"\">"+ ff = "<form id=\"favor-"+id+"\" class=\"form_favor\" method=\"post\" action=\""+RealtimeUpdate._favorurl+"\">"+
"<fieldset>"+ "<fieldset>"+
"<legend>Favor this notice</legend>"+ "<legend>Favor this notice</legend>"+
"<input name=\"token-"+id+"\" type=\"hidden\" id=\"token-"+id+"\" value=\""+session_key+"\"/>"+ "<input name=\"token\" type=\"hidden\" id=\"token-"+id+"\" value=\""+session_key+"\"/>"+
"<input name=\"notice\" type=\"hidden\" id=\"notice-n"+id+"\" value=\""+id+"\"/>"+ "<input name=\"notice\" type=\"hidden\" id=\"notice-n"+id+"\" value=\""+id+"\"/>"+
"<input type=\"submit\" id=\"favor-submit-"+id+"\" name=\"favor-submit-"+id+"\" class=\"submit\" value=\"Favor\" title=\"Favor this notice\"/>"+ "<input type=\"submit\" id=\"favor-submit-"+id+"\" name=\"favor-submit-"+id+"\" class=\"submit\" value=\"Favor\" title=\"Favor this notice\"/>"+
"</fieldset>"+ "</fieldset>"+
@ -348,7 +348,7 @@ RealtimeUpdate = {
rf = "<form id=\"repeat-"+id+"\" class=\"form_repeat\" method=\"post\" action=\""+RealtimeUpdate._repeaturl+"\">"+ rf = "<form id=\"repeat-"+id+"\" class=\"form_repeat\" method=\"post\" action=\""+RealtimeUpdate._repeaturl+"\">"+
"<fieldset>"+ "<fieldset>"+
"<legend>Repeat this notice?</legend>"+ "<legend>Repeat this notice?</legend>"+
"<input name=\"token-"+id+"\" type=\"hidden\" id=\"token-"+id+"\" value=\""+session_key+"\"/>"+ "<input name=\"token\" type=\"hidden\" id=\"token-"+id+"\" value=\""+session_key+"\"/>"+
"<input name=\"notice\" type=\"hidden\" id=\"notice-"+id+"\" value=\""+id+"\"/>"+ "<input name=\"notice\" type=\"hidden\" id=\"notice-"+id+"\" value=\""+id+"\"/>"+
"<input type=\"submit\" id=\"repeat-submit-"+id+"\" name=\"repeat-submit-"+id+"\" class=\"submit\" value=\"Yes\" title=\"Repeat this notice\"/>"+ "<input type=\"submit\" id=\"repeat-submit-"+id+"\" name=\"repeat-submit-"+id+"\" class=\"submit\" value=\"Yes\" title=\"Repeat this notice\"/>"+
"</fieldset>"+ "</fieldset>"+
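Review bot: The repeat form in the second hunk now posts its token as `name="token"`, but no repeat action is among the seven files this commit changes, and the favor and disfavor handlers converted here previously read `token-<id>`. If the repeat handler still looks up `'token-'.$id`, realtime-inserted repeat forms would fail their session token check. That should be confirmed, or the second hunk held back until the repeat action is converted. Both forms also keep `id="token-"+id` on the input, so a notice rendered with both forms gets two elements sharing one id, which matters if client-side JS selects the token field by id.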