Diffstat (limited to 'actions')
-rw-r--r-- | actions/apiaccountupdateprofileimage.php | 20 | ||||
-rw-r--r-- | actions/apistatusesupdate.php | 21 | ||||
-rw-r--r-- | actions/avatarsettings.php | 16 | ||||
-rw-r--r-- | actions/passwordsettings.php | 31 |
4 files changed, 62 insertions, 26 deletions
diff --git a/actions/apiaccountupdateprofileimage.php b/actions/apiaccountupdateprofileimage.php index 416fee45a..72fb361bf 100644 --- a/actions/apiaccountupdateprofileimage.php +++ b/actions/apiaccountupdateprofileimage.php @@ -87,16 +87,22 @@ class ApiAccountUpdateProfileImageAction extends ApiAuthAction return; } - if (empty($this->user)) { - $this->clientError(_('No such user!'), 404, $this->format); + // Workaround for PHP returning empty $_POST and $_FILES when POST + // length > post_max_size in php.ini + + if (empty($_FILES) + && empty($_POST) + && ($_SERVER['CONTENT_LENGTH'] > 0) + ) { + $msg = _('The server was unable to handle that much POST ' . + 'data (%s bytes) due to its current configuration.'); + + $this->clientError(sprintf($msg, $_SERVER['CONTENT_LENGTH'])); return; } - // Workaround for PHP returning empty $_FILES when POST length > PHP settings - - if (empty($_FILES) && ($_SERVER['CONTENT_LENGTH'] > 0)) { - common_debug('content-length = ' . $_SERVER['CONTENT_LENGTH']); - $this->clientError(_('Unable to handle that much POST data!')); + if (empty($this->user)) { + $this->clientError(_('No such user!'), 404, $this->format); return; } diff --git a/actions/apistatusesupdate.php b/actions/apistatusesupdate.php index 82fe5a537..e369fa71e 100644 --- a/actions/apistatusesupdate.php +++ b/actions/apistatusesupdate.php @@ -112,6 +112,20 @@ class ApiStatusesUpdateAction extends ApiAuthAction return; } + // Workaround for PHP returning empty $_POST and $_FILES when POST + // length > post_max_size in php.ini + + if (empty($_FILES) + && empty($_POST) + && ($_SERVER['CONTENT_LENGTH'] > 0) + ) { + $msg = _('The server was unable to handle that much POST ' . + 'data (%s bytes) due to its current configuration.'); + + $this->clientError(sprintf($msg, $_SERVER['CONTENT_LENGTH'])); + return; + } + if (empty($this->status)) { $this->clientError( 'Client must provide a \'status\' parameter with a value.', 
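Review bot: `$_SERVER['CONTENT_LENGTH']` is a request-supplied value that the new check reads without an `isset()` guard and then formats into the client-facing message with `%s`. Normalising it once, `$length = isset($_SERVER['CONTENT_LENGTH']) ? (int) $_SERVER['CONTENT_LENGTH'] : 0;`, and formatting with `%d` keeps both the comparison and the output numeric whatever the web server passes through; whether clientError() escapes its message is not visible in this hunk. The same block is added in actions/apistatusesupdate.php and actions/avatarsettings.php and would take the same change. The commit also removes the `common_debug()` line here, so oversized requests are no longer logged at all; keeping one log entry would help when diagnosing a misconfigured `post_max_size` or spotting repeated oversized requests. The enclosing method starts and ends outside the hunk.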
@@ -126,13 +140,6 @@ class ApiStatusesUpdateAction extends ApiAuthAction return; } - // Workaround for PHP returning empty $_FILES when POST length > PHP settings - - if (empty($_FILES) && ($_SERVER['CONTENT_LENGTH'] > 0)) { - $this->clientError(_('Unable to handle that much POST data!')); - return; - } - $status_shortened = common_shorten_links($this->status); if (Notice::contentTooLong($status_shortened)) { diff --git a/actions/avatarsettings.php b/actions/avatarsettings.php index ded419dd7..879e44842 100644 --- a/actions/avatarsettings.php +++ b/actions/avatarsettings.php @@ -244,11 +244,25 @@ class AvatarsettingsAction extends AccountSettingsAction function handlePost() { + // Workaround for PHP returning empty $_POST and $_FILES when POST + // length > post_max_size in php.ini + + if (empty($_FILES) + && empty($_POST) + && ($_SERVER['CONTENT_LENGTH'] > 0) + ) { + $msg = _('The server was unable to handle that much POST ' . + 'data (%s bytes) due to its current configuration.'); + + $this->showForm(sprintf($msg, $_SERVER['CONTENT_LENGTH'])); + return; + } + // CSRF protection $token = $this->trimmed('token'); if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. '. + $this->showForm(_('There was a problem with your session token. '. 'Try again, please.')); return; } diff --git a/actions/passwordsettings.php b/actions/passwordsettings.php index cd4beac3f..87eb45a7d 100644 --- a/actions/passwordsettings.php +++ b/actions/passwordsettings.php 
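Review bot: The CSRF check just below the added block in actions/avatarsettings.php still compares with loose `!=` (`$token != common_session_token()`), so PHP's numeric-string juggling could treat two different tokens as equal if tokens can ever look numeric. Since this commit already edits that branch for the `showForm` rename, tightening the condition to `if (!$token || $token !== common_session_token()) {` would be a small follow-up, assuming both sides are strings; a constant-time comparison such as `hash_equals()` is preferable where the supported PHP version provides it. The new size check does need to run before the token check, because an oversized POST arrives with an empty `$_POST` and therefore no token; a short comment such as `// must precede the CSRF check: an over-limit POST carries no token` would stop a later reorder. handlePost()'s body continues past the hunk.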
@@ -164,23 +164,32 @@ class PasswordsettingsAction extends AccountSettingsAction $this->showForm(_('Incorrect old password')); return; } + }else{ + $oldpassword = null; } - $original = clone($user); + $errormsg = false; + if(! Event::handle('ChangePassword', array($user->nickname, $oldpassword, $newpassword, &$errormsg))){ + //no handler changed the password, so change the password internally + $original = clone($user); - $user->password = common_munge_password($newpassword, $user->id); + $user->password = common_munge_password($newpassword, $user->id); - $val = $user->validate(); - if ($val !== true) { - $this->showForm(_('Error saving user; invalid.')); - return; - } + $val = $user->validate(); + if ($val !== true) { + $this->showForm(_('Error saving user; invalid.')); + return; + } - if (!$user->update($original)) { - $this->serverError(_('Can\'t save new password.')); - return; + if (!$user->update($original)) { + $this->serverError(_('Can\'t save new password.')); + return; + } } - $this->showForm(_('Password saved.'), true); + if($errormsg === false) + $this->showForm(_('Password saved.'), true); + else + $this->showForm($errormsg); } } |
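Review bot: Success is inferred only from `$errormsg === false`, so a `ChangePassword` handler that returns false (claiming the event) but fails without setting `$errormsg` makes the form report 'Password saved.' although neither the handler nor the internal path changed anything. The contract should be stated at the call site, for example `// Handlers returning false take over the change and MUST set $errormsg on failure; they receive both passwords in plaintext and must not log them`. When a handler does take over, `$user->password` keeps the old local hash; if local login can still fall back to that hash (not visible here), the old password would remain usable, so that is worth confirming. The trailing `if`/`else` would also be safer with braces, matching the rest of the method. The method begins outside the hunk.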