Merge branch '0.9.x' into activityexport

[quix0rs-gnu-social.git] / actions / editapplication.php

diff --git a/actions/editapplication.php b/actions/editapplication.php
index a0ed3117a709e8eb22c228a26f768c959a7c5eca..477bcd6f0b25b79649b2994310e5237de065ca02 100644 (file)
--- a/actions/editapplication.php
+++ b/actions/editapplication.php
@@ -45,9 +45,9 @@ if (!defined('STATUSNET') && !defined('LACONICA')) {
 
 class EditApplicationAction extends OwnerDesignAction
 {
-    var $msg = null;
-
-    var $app = null;
+    var $msg   = null;
+    var $owner = null;
+    var $app   = null;
 
     function title()
     {
@@ -68,7 +68,14 @@ class EditApplicationAction extends OwnerDesignAction
         }
 
         $id = (int)$this->arg('id');
-        $this->app = Oauth_application::staticGet($id);
+
+        $this->app   = Oauth_application::staticGet($id);
+        $this->owner = User::staticGet($this->app->owner);
+        $cur         = common_current_user();
+
+        if ($cur->id != $this->owner->id) {
+            $this->clientError(_('You are not the owner of this application.'), 401);
+        }
 
         if (!$this->app) {
             $this->clientError(_('No such application.'));
@@ -125,10 +132,7 @@ class EditApplicationAction extends OwnerDesignAction
 
         if ($this->arg('cancel')) {
             common_redirect(common_local_url('showapplication',
-                                             array(
-                                                   'nickname' => $cur->nickname,
-                                                   'id' => $this->app->id)
-                                             ), 303);
+                                             array('id' => $this->app->id)), 303);
         } elseif ($this->arg('save')) {
             $this->trySave();
         } else {
@@ -175,13 +179,16 @@ class EditApplicationAction extends OwnerDesignAction
         } elseif (mb_strlen($name) > 255) {
             $this->showForm(_('Name is too long (max 255 chars).'));
             return;
+        } else if ($this->nameExists($name)) {
+            $this->showForm(_('Name already in use. Try another one.'));
+            return;
         } elseif (empty($description)) {
             $this->showForm(_('Description is required.'));
             return;
         } elseif (Oauth_application::descriptionTooLong($description)) {
             $this->showForm(sprintf(
                 _('Description is too long (max %d chars).'),
-                                    Oauth_application::maxDescription()));
+                                    Oauth_application::maxDesc()));
             return;
         } elseif (mb_strlen($source_url) > 255) {
             $this->showForm(_('Source URL is too long.'));
@@ -246,15 +253,38 @@ class EditApplicationAction extends OwnerDesignAction
 
         $result = $this->app->update($orig);
 
-        if (!$result) {
+        // Note: 0 means no rows changed, which can happen if the only
+        // thing we changed was the icon, since it's not altered until
+        // the next step.
+        if ($result === false) {
             common_log_db_error($this->app, 'UPDATE', __FILE__);
             $this->serverError(_('Could not update application.'));
         }
 
         $this->app->uploadLogo();
 
-        common_redirect(common_local_url('apps',
-            array('nickname' => $cur->nickname)), 303);
+        common_redirect(common_local_url('oauthappssettings'), 303);
+    }
+
+    /**
+     * Does the app name already exist?
+     *
+     * Checks the DB to see someone has already registered an app
+     * with the same name.
+     *
+     * @param string $name app name to check
+     *
+     * @return boolean true if the name already exists
+     */
+
+    function nameExists($name)
+    {
+        $newapp = Oauth_application::staticGet('name', $name);
+        if (empty($newapp)) {
+            return false;
+        } else {
+            return $newapp->id != $this->app->id;
+        }
     }
 
 }