FavorAction upgraded to extend FormAction

Includes some minor changes to other things as well, such as the session
token input element now having the same 'name' attribute as everyone else.
(it still retains a 'token-'+noticeid 'id' attribute for clientside JS)

actions/disfavor.php

@@ -5,11 +5,12 @@
  * PHP version 5
  *
  * @category Action
- * @package  StatusNet
+ * @package  GNUSocial
  * @author   Evan Prodromou <evan@status.net>
  * @author   Robin Millette <millette@status.net>
+ * @author   Mikael Nordfeldth <mmn@hethane.se>
  * @license  http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
- * @link     http://status.net/
+ * @link     http://www.gnu.org/software/social/
  *
  * StatusNet - the distributed open-source microblogging tool
  * Copyright (C) 2008, 2009, StatusNet, Inc.
@@ -28,70 +29,52 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-if (!defined('STATUSNET') && !defined('LACONICA')) {
+if (!defined('GNUSOCIAL')) { exit(1); }
-    exit(1);
-}
-
-require_once INSTALLDIR.'/lib/favorform.php';
 
 /**
- * Disfavor class.
+ * DisfavorAction class.
  *
  * @category Action
- * @package  StatusNet
+ * @package  GNUSocial
  * @author   Evan Prodromou <evan@status.net>
  * @author   Robin Millette <millette@status.net>
+ * @author   Mikael Nordfeldth <mmn@hethane.se>
  * @license  http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
- * @link     http://status.net/
+ * @link     http://www.gnu.org/software/social/
  */
-class DisfavorAction extends Action
+class DisfavorAction extends FormAction
 {
-    /**
+    public function showForm($msg=null, $success=false)
-     * Class handler.
-     *
-     * @param array $args query arguments
-     *
-     * @return void
-     */
-    function handle($args)
     {
-        parent::handle($args);
+        if ($success) {
-        if (!common_logged_in()) {
-            // TRANS: Error message displayed when trying to perform an action that requires a logged in user.
-            $this->clientError(_('Not logged in.'));
-            return;
-        }
-        $user = common_current_user();
-        if ($_SERVER['REQUEST_METHOD'] != 'POST') {
             common_redirect(common_local_url('showfavorites',
-                array('nickname' => $user->nickname)));
+                array('nickname' => $this->scoped->nickname)), 303);
-            return;
         }
+        parent::showForm($msg, $success);
+    }
+
+    protected function handlePost()
+    {
         $id     = $this->trimmed('notice');
         $notice = Notice::getKV($id);
-        $token  = $this->trimmed('token-'.$notice->id);
+        if (!$notice instanceof Notice) {
-        if (!$token || $token != common_session_token()) {
+            $this->serverError(_('Notice not found'));
-            // TRANS: Client error displayed when the session token does not match or is not given.
-            $this->clientError(_('There was a problem with your session token. Try again, please.'));
-            return;
         }
+
         $fave            = new Fave();
-        $fave->user_id   = $user->id;
+        $fave->user_id   = $this->scoped->id;
         $fave->notice_id = $notice->id;
         if (!$fave->find(true)) {
-            // TRANS: Client error displayed when trying to remove favorite status for a notice that is not a favorite.
+            throw new NoResultException($fave);
-            $this->clientError(_('This notice is not a favorite!'));
-            return;
         }
         $result = $fave->delete();
         if (!$result) {
             common_log_db_error($fave, 'DELETE', __FILE__);
             // TRANS: Server error displayed when removing a favorite from the database fails.
             $this->serverError(_('Could not delete favorite.'));
-            return;
         }
-        $user->blowFavesCache();
+        $this->scoped->blowFavesCache();
-        if ($this->boolean('ajax')) {
+        if (StatusNet::isAjax()) {
             $this->startHTML('text/xml;charset=utf-8');
             $this->elementStart('head');
             // TRANS: Title for page on which favorites can be added.
@@ -102,10 +85,7 @@ class DisfavorAction extends Action
             $favor->show();
             $this->elementEnd('body');
             $this->elementEnd('html');
-        } else {
+            exit;
-            common_redirect(common_local_url('showfavorites',
-                                             array('nickname' => $user->nickname)),
-                            303);
         }
     }
 }

actions/favor.php

@@ -5,11 +5,12 @@
  * PHP version 5
  *
  * @category Action
- * @package  StatusNet
+ * @package  GNUSocial
  * @author   Evan Prodromou <evan@status.net>
  * @author   Robin Millette <millette@status.net>
+ * @author   Mikael Nordfeldth <mmn@hethane.se>
  * @license  http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
- * @link     http://status.net/
+ * @link     http://www.gnu.org/software/social/
  *
  * StatusNet - the distributed open-source microblogging tool
  * Copyright (C) 2008, 2009, StatusNet, Inc.
@@ -28,68 +29,53 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-if (!defined('STATUSNET') && !defined('LACONICA')) {
+if (!defined('GNUSOCIAL')) { exit(1); }
-    exit(1);
-}
 
 require_once INSTALLDIR.'/lib/mail.php';
-require_once INSTALLDIR.'/lib/disfavorform.php';
 
 /**
- * Favor class.
+ * FavorAction class.
  *
  * @category Action
- * @package  StatusNet
+ * @package  GNUSocial
  * @author   Evan Prodromou <evan@status.net>
  * @author   Robin Millette <millette@status.net>
+ * @author   Mikael Nordfeldth <mmn@hethane.se>
  * @license  http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
- * @link     http://status.net/
+ * @link     http://www.gnu.org/software/social/
  */
-class FavorAction extends Action
+class FavorAction extends FormAction
 {
-    /**
+    // We overload this because success should redirect
-     * Class handler.
+    public function showForm($msg=null, $success=false)
-     *
-     * @param array $args query arguments
-     *
-     * @return void
-     */
-    function handle($args)
     {
-        parent::handle($args);
+        if ($success) {
-        if (!common_logged_in()) {
-            // TRANS: Error message displayed when trying to perform an action that requires a logged in user.
-            $this->clientError(_('Not logged in.'));
-            return;
-        }
-        $user = common_current_user();
-        if ($_SERVER['REQUEST_METHOD'] != 'POST') {
             common_redirect(common_local_url('showfavorites',
-                array('nickname' => $user->nickname)));
+                array('nickname' => $user->nickname)), 303);
-            return;
         }
+
+        parent::showForm($msg, $success);
+    }
+
+    protected function handlePost()
+    {
         $id     = $this->trimmed('notice');
         $notice = Notice::getKV($id);
-        $token  = $this->trimmed('token-'.$notice->id);
+        if (!($notice instanceof Notice)) {
-        if (!$token || $token != common_session_token()) {
+            $this->serverError(_('Notice not found'));
-            // TRANS: Client error displayed when the session token does not match or is not given.
-            $this->clientError(_('There was a problem with your session token. Try again, please.'));
-            return;
         }
-        if ($user->hasFave($notice)) {
+        if ($this->scoped->hasFave($notice)) {
             // TRANS: Client error displayed when trying to mark a notice as favorite that already is a favorite.
             $this->clientError(_('This notice is already a favorite!'));
-            return;
         }
-        $fave = Fave::addNew($user->getProfile(), $notice);
+        $fave = Fave::addNew($this->scoped, $notice);
         if (!$fave) {
             // TRANS: Server error displayed when trying to mark a notice as favorite fails in the database.
             $this->serverError(_('Could not create favorite.'));
-            return;
         }
-        $this->notify($notice, $user);
+        $this->notify($notice, $this->scoped->getUser());
-        $user->blowFavesCache();
+        $this->scoped->blowFavesCache();
-        if ($this->boolean('ajax')) {
+        if (StatusNet::isAjax()) {
             $this->startHTML('text/xml;charset=utf-8');
             $this->elementStart('head');
             // TRANS: Page title for page on which favorite notices can be unfavourited.
@@ -100,11 +86,11 @@ class FavorAction extends Action
             $disfavor->show();
             $this->elementEnd('body');
             $this->elementEnd('html');
-        } else {
+            exit;
-            common_redirect(common_local_url('showfavorites',
-                                             array('nickname' => $user->nickname)),
-                            303);
         }
+        common_redirect(common_local_url('showfavorites',
+                                         array('nickname' => $this->scoped->nickname)),
+                            303);
     }
 
     /**

lib/disfavorform.php

@@ -20,29 +20,27 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  *
  * @category  Form
- * @package   StatusNet
+ * @package   GNUSocial
  * @author    Evan Prodromou <evan@status.net>
  * @author    Sarven Capadisli <csarven@status.net>
+ * @author    Mikael Nordfeldth <mmn@hethane.se>
  * @copyright 2009 StatusNet, Inc.
  * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
- * @link      http://status.net/
+ * @link      http://www.gnu.org/software/social/
  */
 
-if (!defined('STATUSNET') && !defined('LACONICA')) {
+if (!defined('GNUSOCIAL')) { exit(1); }
-    exit(1);
-}
-
-require_once INSTALLDIR.'/lib/form.php';
 
 /**
  * Form for disfavoring a notice
  *
  * @category Form
- * @package  StatusNet
+ * @package  GNUSocial
  * @author   Evan Prodromou <evan@status.net>
  * @author   Sarven Capadisli <csarven@status.net>
+ * @author   Mikael Nordfeldth <mmn@hethane.se>
  * @license  http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
- * @link     http://status.net/
+ * @link     http://www.gnu.org/software/social/
  *
  * @see      FavorForm
  */
@@ -94,7 +92,8 @@ class DisfavorForm extends Form
     function sessionToken()
     {
         $this->out->hidden('token-' . $this->notice->id,
-                           common_session_token());
+                           common_session_token(),
+                           'token');
     }
 
     /**

lib/favorform.php

@@ -20,29 +20,27 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  *
  * @category  Form
- * @package   StatusNet
+ * @package   GNUSocial
  * @author    Evan Prodromou <evan@status.net>
  * @author    Sarven Capadisli <csarven@status.net>
+ * @author    Mikael Nordfeldth <mmn@hethane.se>
  * @copyright 2009 StatusNet, Inc.
  * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
- * @link      http://status.net/
+ * @link      http://www.gnu.org/software/social/
  */
 
-if (!defined('STATUSNET') && !defined('LACONICA')) {
+if (!defined('GNUSOCIAL')) { exit(1); }
-    exit(1);
-}
-
-require_once INSTALLDIR.'/lib/form.php';
 
 /**
  * Form for favoring a notice
  *
  * @category Form
- * @package  StatusNet
+ * @package  GNUSocial
  * @author   Evan Prodromou <evan@status.net>
  * @author   Sarven Capadisli <csarven@status.net>
+ * @author   Mikael Nordfeldth <mmn@hethane.se>
  * @license  http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
- * @link     http://status.net/
+ * @link     http://www.gnu.org/software/social/
  *
  * @see      DisfavorForm
  */
@@ -94,7 +92,8 @@ class FavorForm extends Form
     function sessionToken()
     {
         $this->out->hidden('token-' . $this->notice->id,
-                           common_session_token());
+                           common_session_token(),
+                           'token');
     }
 
     /**

plugins/AnonymousFave/actions/anondisfavor.php

@@ -27,9 +27,7 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-if (!defined('STATUSNET')) {
+if (!defined('GNUSOCIAL')) { exit(1); }
-    exit(1);
-}
 
 /**
  * Anonymous disfavor class
@@ -65,22 +63,14 @@ class AnonDisfavorAction extends RedirectingAction
 
         $id     = $this->trimmed('notice');
         $notice = Notice::getKV($id);
-        $token  = $this->trimmed('token-' . $notice->id);
+        $token  = $this->checkSessionToken();
-
-        if (!$token || $token != common_session_token()) {
-            // TRANS: Client error.
-            $this->clientError(_m('There was a problem with your session token. Try again, please.'));
-            return;
-        }
 
         $fave            = new Fave();
         $fave->user_id   = $profile->id;
         $fave->notice_id = $notice->id;
 
         if (!$fave->find(true)) {
-            // TRANS: Client error.
+            throw new NoResultException($fave);
-            $this->clientError(_m('This notice is not a favorite!'));
-            return;
         }
 
         $result = $fave->delete();

plugins/AnonymousFave/actions/anonfavor.php

@@ -27,9 +27,7 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-if (!defined('STATUSNET')) {
+if (!defined('GNUSOCIAL')) { exit(1); }
-    exit(1);
-}
 
 /**
  * Anonymous favor class
@@ -64,14 +62,7 @@ class AnonFavorAction extends RedirectingAction
 
         $id     = $this->trimmed('notice');
         $notice = Notice::getKV($id);
-        $token  = $this->trimmed('token-' . $notice->id);
+        $token  = $this->checkSessionToken();
-
-        if (empty($token) || $token != common_session_token()) {
-            // TRANS: Client error.
-            $this->clientError(_m('There was a problem with your session token. Try again, please.'));
-            return;
-        }
-
 
         if ($profile->hasFave($notice)) {
             // TRANS: Client error.

plugins/Realtime/realtimeupdate.js

@@ -301,7 +301,7 @@ RealtimeUpdate = {
           ff = "<form id=\"favor-"+id+"\" class=\"form_favor\" method=\"post\" action=\""+RealtimeUpdate._favorurl+"\">"+
                 "<fieldset>"+
                "<legend>Favor this notice</legend>"+
-               "<input name=\"token-"+id+"\" type=\"hidden\" id=\"token-"+id+"\" value=\""+session_key+"\"/>"+
+               "<input name=\"token\" type=\"hidden\" id=\"token-"+id+"\" value=\""+session_key+"\"/>"+
                "<input name=\"notice\" type=\"hidden\" id=\"notice-n"+id+"\" value=\""+id+"\"/>"+
                "<input type=\"submit\" id=\"favor-submit-"+id+"\" name=\"favor-submit-"+id+"\" class=\"submit\" value=\"Favor\" title=\"Favor this notice\"/>"+
                 "</fieldset>"+
@@ -348,7 +348,7 @@ RealtimeUpdate = {
           rf = "<form id=\"repeat-"+id+"\" class=\"form_repeat\" method=\"post\" action=\""+RealtimeUpdate._repeaturl+"\">"+
                "<fieldset>"+
                "<legend>Repeat this notice?</legend>"+
-               "<input name=\"token-"+id+"\" type=\"hidden\" id=\"token-"+id+"\" value=\""+session_key+"\"/>"+
+               "<input name=\"token\" type=\"hidden\" id=\"token-"+id+"\" value=\""+session_key+"\"/>"+
                "<input name=\"notice\" type=\"hidden\" id=\"notice-"+id+"\" value=\""+id+"\"/>"+
                "<input type=\"submit\" id=\"repeat-submit-"+id+"\" name=\"repeat-submit-"+id+"\" class=\"submit\" value=\"Yes\" title=\"Repeat this notice\"/>"+
                "</fieldset>"+