From 3f5ededc01d8eedac2a9a75917849fbe78a3e701 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Tue, 20 May 2008 15:10:32 -0400 Subject: [PATCH] call validate before saving objects darcs-hash:20080520191032-84dde-64197121c93cd4cf3cbc614badff0bd44547f9f9.gz --- actions/avatar.php | 12 +++++++++++- actions/newnotice.php | 9 ++++++++- actions/password.php | 6 ++++++ actions/profilesettings.php | 14 ++++++++++++++ actions/register.php | 15 +++++++++++++++ actions/subscribe.php | 8 ++++++++ 6 files changed, 62 insertions(+), 2 deletions(-) diff --git a/actions/avatar.php b/actions/avatar.php index 17f56634b3..43f02a88d5 100644 --- a/actions/avatar.php +++ b/actions/avatar.php @@ -128,6 +128,17 @@ class AvatarAction extends SettingsAction { $avatar->url = common_avatar_url($filename); $avatar->created = DB_DataObject_Cast::dateTime(); # current time + $val = $avatar->validate(); + + if ($val !== TRUE) { + $err = ''; + foreach ($val as $k=>$v) { + $err .= _t('Something wrong with ') . $k; + $this->show_form($err); + return; + } + } + foreach (array(AVATAR_PROFILE_SIZE, AVATAR_STREAM_SIZE, AVATAR_MINI_SIZE) as $size) { $scaled[] = $this->scale_avatar($user, $avatar, $size); } @@ -139,7 +150,6 @@ class AvatarAction extends SettingsAction { common_server_error(_t('Error deleting old avatars.')); return; } - if (!$avatar->insert()) { @unlink($filepath); common_server_error(_t('Error inserting avatar.')); diff --git a/actions/newnotice.php b/actions/newnotice.php index fed3278a47..5bbc915315 100644 --- a/actions/newnotice.php +++ b/actions/newnotice.php @@ -49,7 +49,14 @@ class NewnoticeAction extends Action { $notice->profile_id = $user->id; # user id *is* profile id $notice->created = DB_DataObject_Cast::dateTime(); $notice->content = trim($this->arg('content')); - return $notice->insert(); + + $val = $notice->validate(); + if ($val === TRUE) { + return $notice->insert(); + } else { + // XXX: display some info + return NULL; + } } function show_form() { diff --git a/actions/password.php b/actions/password.php index 6eba136ceb..3a89c99d33 100644 --- a/actions/password.php +++ b/actions/password.php @@ -64,6 +64,12 @@ class PasswordAction extends SettingsAction { $user->password = common_munge_password($newpassword, $user->id); + $val = $user->validate(); + if ($val !== TRUE) { + $this->show_form(_t('Error saving user; invalid.')); + return; + } + if (!$user->update($original)) { common_server_error(_t('Can\'t save new password.')); return; diff --git a/actions/profilesettings.php b/actions/profilesettings.php index ab8175901a..a0c9527a20 100644 --- a/actions/profilesettings.php +++ b/actions/profilesettings.php @@ -70,6 +70,13 @@ class ProfilesettingsAction extends SettingsAction { $user->nickname = $this->arg('nickname'); $user->email = $this->arg('email'); + $val = $user->validate(); + if ($val !== TRUE) { + # XXX: better validation + $this->show_form(_t('Error saving user; invalid.')); + return; + } + if (!$user->update($original)) { common_server_error(_t('Couldnt update user.')); return; @@ -86,6 +93,13 @@ class ProfilesettingsAction extends SettingsAction { $profile->location = $this->arg('location'); $profile->profileurl = common_profile_url($nickname); + $val = $profile->validate(); + if ($val !== TRUE) { + # XXX: some feedback here, please! + $this->show_form(_t('Error saving profile; invalid.')); + return; + } + if (!$profile->update($orig_profile)) { common_server_error(_t('Couldnt save profile.')); return; diff --git a/actions/register.php b/actions/register.php index f9402b98f4..2fa6633890 100644 --- a/actions/register.php +++ b/actions/register.php @@ -83,6 +83,12 @@ class RegisterAction extends Action { $profile->nickname = $nickname; $profile->profileurl = common_profile_url($nickname); $profile->created = DB_DataObject_Cast::dateTime(); # current time + + $val = $profile->validate(); + if ($val !== TRUE) { + # XXX: some feedback here, please! + return FALSE; + } $id = $profile->insert(); if (!$id) { return FALSE; @@ -93,6 +99,15 @@ class RegisterAction extends Action { $user->password = common_munge_password($password, $id); $user->email = $email; $user->created = DB_DataObject_Cast::dateTime(); # current time + + $val = $user->validate(); + if ($val !== TRUE) { + # XXX: some feedback here, please! + # Try to clean up... + $profile->delete(); + return FALSE; + } + $result = $user->insert(); if (!$result) { # Try to clean up... diff --git a/actions/subscribe.php b/actions/subscribe.php index 4edf3e714e..ea3038236c 100644 --- a/actions/subscribe.php +++ b/actions/subscribe.php @@ -49,6 +49,14 @@ class SubscribeAction extends Action { $sub->subscribed = $other->id; $sub->created = DB_DataObject_Cast::dateTime(); # current time + + $val = $sub->validate(); + + if ($val !== TRUE) { + # XXX: give some error notice + common_server_error(_t('Subscription did not validate.')); + return; + } if (!$sub->insert()) { common_server_error(_t('Couldn\'t create subscription.')); -- 2.39.5