diff options
| author | Evan Prodromou <evan@prodromou.name> | 2008-05-20 15:10:32 -0400 |
|---|---|---|
| committer | Evan Prodromou <evan@prodromou.name> | 2008-05-20 15:10:32 -0400 |
| commit | 3f5ededc01d8eedac2a9a75917849fbe78a3e701 (patch) | |
| tree | 50627d9a90854d51f52fa398b044046b382fe3c8 /actions | |
| parent | 5d1a6f0fef3b99167babfa304ceda9b67720f399 (diff) | |
call validate before saving objects
darcs-hash:20080520191032-84dde-64197121c93cd4cf3cbc614badff0bd44547f9f9.gz
Diffstat (limited to 'actions')
| -rw-r--r-- | actions/avatar.php | 12 | ||||
| -rw-r--r-- | actions/newnotice.php | 9 | ||||
| -rw-r--r-- | actions/password.php | 6 | ||||
| -rw-r--r-- | actions/profilesettings.php | 14 | ||||
| -rw-r--r-- | actions/register.php | 15 | ||||
| -rw-r--r-- | actions/subscribe.php | 8 |
6 files changed, 62 insertions, 2 deletions
diff --git a/actions/avatar.php b/actions/avatar.php index 17f56634b..43f02a88d 100644 --- a/actions/avatar.php +++ b/actions/avatar.php @@ -128,6 +128,17 @@ class AvatarAction extends SettingsAction { $avatar->url = common_avatar_url($filename); $avatar->created = DB_DataObject_Cast::dateTime(); # current time + $val = $avatar->validate(); + + if ($val !== TRUE) { + $err = ''; + foreach ($val as $k=>$v) { + $err .= _t('Something wrong with ') . $k; + $this->show_form($err); + return; + } + } + foreach (array(AVATAR_PROFILE_SIZE, AVATAR_STREAM_SIZE, AVATAR_MINI_SIZE) as $size) { $scaled[] = $this->scale_avatar($user, $avatar, $size); } @@ -139,7 +150,6 @@ class AvatarAction extends SettingsAction { common_server_error(_t('Error deleting old avatars.')); return; } - if (!$avatar->insert()) { @unlink($filepath); common_server_error(_t('Error inserting avatar.')); diff --git a/actions/newnotice.php b/actions/newnotice.php index fed3278a4..5bbc91531 100644 --- a/actions/newnotice.php +++ b/actions/newnotice.php @@ -49,7 +49,14 @@ class NewnoticeAction extends Action { $notice->profile_id = $user->id; # user id *is* profile id $notice->created = DB_DataObject_Cast::dateTime(); $notice->content = trim($this->arg('content')); - return $notice->insert(); + + $val = $notice->validate(); + if ($val === TRUE) { + return $notice->insert(); + } else { + // XXX: display some info + return NULL; + } } function show_form() { diff --git a/actions/password.php b/actions/password.php index 6eba136ce..3a89c99d3 100644 --- a/actions/password.php +++ b/actions/password.php @@ -64,6 +64,12 @@ class PasswordAction extends SettingsAction { $user->password = common_munge_password($newpassword, $user->id); + $val = $user->validate(); + if ($val !== TRUE) { + $this->show_form(_t('Error saving user; invalid.')); + return; + } + if (!$user->update($original)) { common_server_error(_t('Can\'t save new password.')); return; diff --git a/actions/profilesettings.php b/actions/profilesettings.php index ab8175901..a0c9527a2 100644 --- a/actions/profilesettings.php +++ b/actions/profilesettings.php @@ -70,6 +70,13 @@ class ProfilesettingsAction extends SettingsAction { $user->nickname = $this->arg('nickname'); $user->email = $this->arg('email'); + $val = $user->validate(); + if ($val !== TRUE) { + # XXX: better validation + $this->show_form(_t('Error saving user; invalid.')); + return; + } + if (!$user->update($original)) { common_server_error(_t('Couldnt update user.')); return; @@ -86,6 +93,13 @@ class ProfilesettingsAction extends SettingsAction { $profile->location = $this->arg('location'); $profile->profileurl = common_profile_url($nickname); + $val = $profile->validate(); + if ($val !== TRUE) { + # XXX: some feedback here, please! + $this->show_form(_t('Error saving profile; invalid.')); + return; + } + if (!$profile->update($orig_profile)) { common_server_error(_t('Couldnt save profile.')); return; diff --git a/actions/register.php b/actions/register.php index f9402b98f..2fa663389 100644 --- a/actions/register.php +++ b/actions/register.php @@ -83,6 +83,12 @@ class RegisterAction extends Action { $profile->nickname = $nickname; $profile->profileurl = common_profile_url($nickname); $profile->created = DB_DataObject_Cast::dateTime(); # current time + + $val = $profile->validate(); + if ($val !== TRUE) { + # XXX: some feedback here, please! + return FALSE; + } $id = $profile->insert(); if (!$id) { return FALSE; @@ -93,6 +99,15 @@ class RegisterAction extends Action { $user->password = common_munge_password($password, $id); $user->email = $email; $user->created = DB_DataObject_Cast::dateTime(); # current time + + $val = $user->validate(); + if ($val !== TRUE) { + # XXX: some feedback here, please! + # Try to clean up... + $profile->delete(); + return FALSE; + } + $result = $user->insert(); if (!$result) { # Try to clean up... diff --git a/actions/subscribe.php b/actions/subscribe.php index 4edf3e714..ea3038236 100644 --- a/actions/subscribe.php +++ b/actions/subscribe.php @@ -49,6 +49,14 @@ class SubscribeAction extends Action { $sub->subscribed = $other->id; $sub->created = DB_DataObject_Cast::dateTime(); # current time + + $val = $sub->validate(); + + if ($val !== TRUE) { + # XXX: give some error notice + common_server_error(_t('Subscription did not validate.')); + return; + } if (!$sub->insert()) { common_server_error(_t('Couldn\'t create subscription.')); |