# XXX: Ajax!
if (!common_logged_in()) {
- common_user_error(_t('Not logged in.'));
+ common_user_error(_('Not logged in.'));
} else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$this->save_new_notice();
} else {
function save_new_notice() {
+ # CSRF protection - token set in common_notice_form()
+ $token = $this->trimmed('token');
+ if (!$token || $token != common_session_token()) {
+ $this->client_error(_('There was a problem with your session token. Try again, please.'));
+ return;
+ }
+
$user = common_current_user();
assert($user); # XXX: maybe an error instead...
- $notice = DB_DataObject::factory('notice');
- assert($notice);
- $notice->profile_id = $user->id; # user id *is* profile id
- $notice->created = DB_DataObject_Cast::dateTime();
- # Default theme uses 'content' for something else
- $notice->content = $this->trimmed('status_textarea');
-
- if (!$notice->content) {
- $this->show_form(_t('No content!'));
- return;
- } else if (strlen($notice->content) > 140) {
- $this->show_form(_t('That\'s too long. Max notice size is 140 chars.'));
+ $content = $this->trimmed('status_textarea');
+
+ if (!$content) {
+ $this->show_form(_('No content!'));
return;
+// } else if (mb_strlen($content) > 140) {
+ } else {
+ $content = common_shorten_links($content);
+
+ if (mb_strlen($content) > 140) {
+ common_debug("Content = '$content'", __FILE__);
+ common_debug("mb_strlen(\$content) = " . mb_strlen($content), __FILE__);
+ $this->show_form(_('That\'s too long. Max notice size is 140 chars.'));
+ return;
+ }
}
- $id = $notice->insert();
+ $inter = new CommandInterpreter();
- if (!$id) {
- common_server_error(_t('Problem saving notice.'));
+ $cmd = $inter->handle_command($user, $content);
+
+ if ($cmd) {
+ $cmd->execute(new WebChannel());
return;
}
- $orig = clone($notice);
- $notice->uri = common_notice_uri($notice);
+ $replyto = $this->trimmed('inreplyto');
+
+ common_debug("Replyto = $replyto\n");
+
+ $notice = Notice::saveNew($user->id, $content, 'web', 1, ($replyto == 'false') ? NULL : $replyto);
- if (!$notice->update($orig)) {
- common_server_error(_t('Problem saving notice.'));
+ if (is_string($notice)) {
+ $this->show_form($notice);
return;
}
common_broadcast_notice($notice);
+
$returnto = $this->trimmed('returnto');
+
if ($returnto) {
$url = common_local_url($returnto,
array('nickname' => $user->nickname));
} else {
$url = common_local_url('shownotice',
- array('notice' => $id));
+ array('notice' => $notice->id));
}
common_redirect($url, 303);
}
function show_form($msg=NULL) {
$content = $this->trimmed('status_textarea');
- common_show_header(_t('New notice'), NULL, $content,
+ if (!$content) {
+ $replyto = $this->trimmed('replyto');
+ $profile = Profile::staticGet('nickname', $replyto);
+ if ($profile) {
+ $content = '@' . $profile->nickname . ' ';
+ }
+ }
+ common_show_header(_('New notice'), NULL, $content,
array($this, 'show_top'));
if ($msg) {
common_element('p', 'error', $msg);
projects / quix0rs-gnu-social.git / blobdiff