Diffstat (limited to 'actions')
-rw-r--r--actions/apiaccountupdateprofileimage.php20
-rw-r--r--actions/apistatusesupdate.php21
-rw-r--r--actions/avatarsettings.php16
-rw-r--r--actions/passwordsettings.php31
4 files changed, 62 insertions, 26 deletions
diff --git a/actions/apiaccountupdateprofileimage.php b/actions/apiaccountupdateprofileimage.php
index 416fee45a..72fb361bf 100644
--- a/actions/apiaccountupdateprofileimage.php
+++ b/actions/apiaccountupdateprofileimage.php
@@ -87,16 +87,22 @@ class ApiAccountUpdateProfileImageAction extends ApiAuthAction
return;
}
- if (empty($this->user)) {
- $this->clientError(_('No such user!'), 404, $this->format);
+ // Workaround for PHP returning empty $_POST and $_FILES when POST
+ // length > post_max_size in php.ini
+
+ if (empty($_FILES)
+ && empty($_POST)
+ && ($_SERVER['CONTENT_LENGTH'] > 0)
+ ) {
+ $msg = _('The server was unable to handle that much POST ' .
+ 'data (%s bytes) due to its current configuration.');
+
+ $this->clientError(sprintf($msg, $_SERVER['CONTENT_LENGTH']));
return;
}
- // Workaround for PHP returning empty $_FILES when POST length > PHP settings
-
- if (empty($_FILES) && ($_SERVER['CONTENT_LENGTH'] > 0)) {
- common_debug('content-length = ' . $_SERVER['CONTENT_LENGTH']);
- $this->clientError(_('Unable to handle that much POST data!'));
+ if (empty($this->user)) {
+ $this->clientError(_('No such user!'), 404, $this->format);
return;
}
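Review bot: The new guard reads `$_SERVER['CONTENT_LENGTH']` without checking that it is set and echoes the raw request value back through `%s`. The header comes from the client and can be absent (for example on chunked bodies), so I would read it once as an integer, `$length = isset($_SERVER['CONTENT_LENGTH']) ? (int) $_SERVER['CONTENT_LENGTH'] : 0;`, test `$length > 0`, and format with `%d`. The `clientError()` call also drops the status code and `$this->format` that the neighbouring 'No such user!' call passes, so the oversized-POST error presumably comes back with the default code and format; 413 with `$this->format` looks like the better fit. The same guard is repeated in actions/apistatusesupdate.php and in actions/avatarsettings.php, where the message goes to `showForm()`. The enclosing method starts and ends outside the hunk.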
diff --git a/actions/apistatusesupdate.php b/actions/apistatusesupdate.php
index 82fe5a537..e369fa71e 100644
--- a/actions/apistatusesupdate.php
+++ b/actions/apistatusesupdate.php
@@ -112,6 +112,20 @@ class ApiStatusesUpdateAction extends ApiAuthAction
return;
}
+ // Workaround for PHP returning empty $_POST and $_FILES when POST
+ // length > post_max_size in php.ini
+
+ if (empty($_FILES)
+ && empty($_POST)
+ && ($_SERVER['CONTENT_LENGTH'] > 0)
+ ) {
+ $msg = _('The server was unable to handle that much POST ' .
+ 'data (%s bytes) due to its current configuration.');
+
+ $this->clientError(sprintf($msg, $_SERVER['CONTENT_LENGTH']));
+ return;
+ }
+
if (empty($this->status)) {
$this->clientError(
'Client must provide a \'status\' parameter with a value.',
@@ -126,13 +140,6 @@ class ApiStatusesUpdateAction extends ApiAuthAction
return;
}
- // Workaround for PHP returning empty $_FILES when POST length > PHP settings
-
- if (empty($_FILES) && ($_SERVER['CONTENT_LENGTH'] > 0)) {
- $this->clientError(_('Unable to handle that much POST data!'));
- return;
- }
-
$status_shortened = common_shorten_links($this->status);
if (Notice::contentTooLong($status_shortened)) {
diff --git a/actions/avatarsettings.php b/actions/avatarsettings.php
index ded419dd7..879e44842 100644
--- a/actions/avatarsettings.php
+++ b/actions/avatarsettings.php
@@ -244,11 +244,25 @@ class AvatarsettingsAction extends AccountSettingsAction
function handlePost()
{
+ // Workaround for PHP returning empty $_POST and $_FILES when POST
+ // length > post_max_size in php.ini
+
+ if (empty($_FILES)
+ && empty($_POST)
+ && ($_SERVER['CONTENT_LENGTH'] > 0)
+ ) {
+ $msg = _('The server was unable to handle that much POST ' .
+ 'data (%s bytes) due to its current configuration.');
+
+ $this->showForm(sprintf($msg, $_SERVER['CONTENT_LENGTH']));
+ return;
+ }
+
// CSRF protection
$token = $this->trimmed('token');
if (!$token || $token != common_session_token()) {
- $this->show_form(_('There was a problem with your session token. '.
+ $this->showForm(_('There was a problem with your session token. '.
'Try again, please.'));
return;
}
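Review bot: The session-token check directly below the new guard still compares with loose `!=`, so PHP type juggling applies and two numeric-looking strings can compare equal. Since this commit already touches that branch, `if (!$token || $token !== common_session_token()) {` would be a cheap hardening, or a constant-time comparison such as `hash_equals()` where the PHP version provides it. The new guard also deserves a comment saying why it sits before the CSRF check, e.g. `// Must run before the token check: an oversized POST arrives with an empty $_POST and would otherwise be reported as a bad session token`. handlePost() continues past the end of the hunk.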
diff --git a/actions/passwordsettings.php b/actions/passwordsettings.php
index cd4beac3f..87eb45a7d 100644
--- a/actions/passwordsettings.php
+++ b/actions/passwordsettings.php
@@ -164,23 +164,32 @@ class PasswordsettingsAction extends AccountSettingsAction
$this->showForm(_('Incorrect old password'));
return;
}
+ }else{
+ $oldpassword = null;
}
- $original = clone($user);
+ $errormsg = false;
+ if(! Event::handle('ChangePassword', array($user->nickname, $oldpassword, $newpassword, &$errormsg))){
+ //no handler changed the password, so change the password internally
+ $original = clone($user);
- $user->password = common_munge_password($newpassword, $user->id);
+ $user->password = common_munge_password($newpassword, $user->id);
- $val = $user->validate();
- if ($val !== true) {
- $this->showForm(_('Error saving user; invalid.'));
- return;
- }
+ $val = $user->validate();
+ if ($val !== true) {
+ $this->showForm(_('Error saving user; invalid.'));
+ return;
+ }
- if (!$user->update($original)) {
- $this->serverError(_('Can\'t save new password.'));
- return;
+ if (!$user->update($original)) {
+ $this->serverError(_('Can\'t save new password.'));
+ return;
+ }
}
- $this->showForm(_('Password saved.'), true);
+ if($errormsg === false)
+ $this->showForm(_('Password saved.'), true);
+ else
+ $this->showForm($errormsg);
}
}
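Review bot: Once the `else` branch sets `$oldpassword = null`, every `ChangePassword` handler is called with no old credential to verify, yet a handler that returns false skips the internal update and the action reports 'Password saved.' unless `$errormsg` was set. The condition that selects this branch is outside the hunk, so this is presumably the no-local-password case; the handler contract should say that a null old password means "not verified here" and that the handler must authenticate the change itself. I would document that above the `Event::handle` call, e.g. `// Handlers get the plaintext old/new passwords and must not log them; return false only after the password was changed or $errormsg was set`. `$errormsg` is also handler-supplied text passed straight to `showForm()`, so handlers should set a fixed, translated message rather than relaying a backend error. On style, the closing `if`/`else` has no braces and `}else{` / `if(!` lack the spacing used in the rest of the file.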