X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Fnewnotice.php;h=c8a321b91780ddf980265b8a6c92f2eb8091ab1d;hb=69a1cea319f22362d197cb8a0fc9ab19abdf8548;hp=a3ba4c9ccf77570a98eb182ff7e9ab2303ada249;hpb=50c7e4c722a39582c185eafe452f0b321dd39e7e;p=quix0rs-gnu-social.git diff --git a/actions/newnotice.php b/actions/newnotice.php index a3ba4c9ccf..c8a321b917 100644 --- a/actions/newnotice.php +++ b/actions/newnotice.php @@ -26,7 +26,7 @@ class NewnoticeAction extends Action { # XXX: Ajax! if (!common_logged_in()) { - common_user_error(_t('Not logged in.')); + common_user_error(_('Not logged in.')); } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { $this->save_new_notice(); } else { 
@@ -36,59 +36,84 @@ class NewnoticeAction extends Action { function save_new_notice() { + # CSRF protection - token set in common_notice_form() + $token = $this->trimmed('token'); + if (!$token || $token != common_session_token()) { + $this->client_error(_('There was a problem with your session token. Try again, please.')); + return; + } + $user = common_current_user(); assert($user); # XXX: maybe an error instead... - $notice = DB_DataObject::factory('notice'); - assert($notice); - $notice->profile_id = $user->id; # user id *is* profile id - $notice->created = DB_DataObject_Cast::dateTime(); - # Default theme uses 'content' for something else - $notice->content = $this->trimmed('status_textarea'); - - if (!$notice->content) { - $this->show_form(_t('No content!')); - return; - } else if (strlen($notice->content) > 140) { - $this->show_form(_t('Notice content too long.')); + $content = $this->trimmed('status_textarea'); + + if (!$content) { + $this->show_form(_('No content!')); return; +// } else if (mb_strlen($content) > 140) { + } else { + $content = common_shorten_links($content); + + if (mb_strlen($content) > 140) { + common_debug("Content = '$content'", __FILE__); + common_debug("mb_strlen(\$content) = " . mb_strlen($content), __FILE__); + $this->show_form(_('That\'s too long. Max notice size is 140 chars.')); + return; + } } - $id = $notice->insert(); - - if (!$id) { - common_server_error(_t('Problem saving notice.')); + $inter = new CommandInterpreter(); + + $cmd = $inter->handle_command($user, $content); + + if ($cmd) { + $cmd->execute(new WebChannel()); return; } - $orig = clone($notice); - $notice->uri = common_mint_tag('notice:' . $id); - - if (!$notice->update($orig)) { - common_server_error(_t('Problem saving notice.')); + $replyto = $this->trimmed('inreplyto'); + + common_debug("Replyto = $replyto\n"); + + $notice = Notice::saveNew($user->id, $content, 'web', 1, ($replyto == 'false') ? 
NULL : $replyto); + + if (is_string($notice)) { + $this->show_form($notice); return; } - + common_broadcast_notice($notice); + $returnto = $this->trimmed('returnto'); + if ($returnto) { $url = common_local_url($returnto, array('nickname' => $user->nickname)); } else { $url = common_local_url('shownotice', - array('notice' => $id)); + array('notice' => $notice->id)); } common_redirect($url, 303); } - function show_top($msg=NULL) { - if ($msg) { - common_element('div', 'error', $msg); - } + function show_top($content=NULL) { + common_notice_form(NULL, $content); } - + function show_form($msg=NULL) { - common_show_header(_t('New notice'), NULL, $msg, array($this, 'show_top')); - common_notice_form(); + $content = $this->trimmed('status_textarea'); + if (!$content) { + $replyto = $this->trimmed('replyto'); + $profile = Profile::staticGet('nickname', $replyto); + if ($profile) { + $content = '@' . $profile->nickname . ' '; + } + } + common_show_header(_('New notice'), NULL, $content, + array($this, 'show_top')); + if ($msg) { + common_element('p', 'error', $msg); + } common_show_footer(); } -} \ No newline at end of file +}
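Review bot: The token check at the top of save_new_notice() uses loose `!=`, so PHP type juggling applies and the comparison is not constant-time; if common_session_token() can ever return a numeric-looking string (its format is not visible in this hunk), two different tokens could compare as equal. A strict, timing-safe comparison closes both gaps: `if (!$token || !hash_equals(common_session_token(), $token)) {` on PHP 5.6+, or at minimum `$token !== common_session_token()`. Separately, `inreplyto` and `returnto` are read from the request and passed to Notice::saveNew() and common_local_url() with no validation visible here, so it is worth confirming that those callees reject anything that is not a valid notice id or a known action name. The three common_debug() calls also write request-controlled text to the log and look like leftover debugging, as does the commented-out `// } else if (mb_strlen($content) > 140) {` line.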