1 files changed, 21 insertions, 13 deletions

diff --git a/actions/newnotice.php b/actions/newnotice.php
index 572adbb23..cbd04c58b 100644
--- a/actions/newnotice.php
+++ b/actions/newnotice.php
@@ -90,7 +90,7 @@ class NewnoticeAction extends Action
             $this->clientError(_('Not logged in.'));
         } else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
 
-            // CSRF protection - token set in common_notice_form()
+            // CSRF protection
             $token = $this->trimmed('token');
             if (!$token || $token != common_session_token()) {
                 $this->clientError(_('There was a problem with your session token. '.
@@ -98,7 +98,12 @@ class NewnoticeAction extends Action
                 return;
             }
 
-            $this->saveNewNotice();
+            try {
+                $this->saveNewNotice();
+            } catch (Exception $e) {
+                $this->showForm($e->getMessage());
+                return;
+            }
         } else {
             $this->showForm();
         }
@@ -123,15 +128,13 @@ class NewnoticeAction extends Action
         $content = $this->trimmed('status_textarea');
 
         if (!$content) {
-            $this->showForm(_('No content!'));
-            return;
+            $this->clientError(_('No content!'));
         } else {
             $content_shortened = common_shorten_links($content);
 
             if (mb_strlen($content_shortened) > 140) {
-                $this->showForm(_('That\'s too long. '.
-                                  'Max notice size is 140 chars.'));
-                return;
+                $this->clientError(_('That\'s too long. '.
+                                     'Max notice size is 140 chars.'));
             }
         }
 
@@ -141,27 +144,32 @@ class NewnoticeAction extends Action
 
         if ($cmd) {
             if ($this->boolean('ajax')) {
-                $cmd->execute(new AjaxWebChannel());
+                $cmd->execute(new AjaxWebChannel($this));
             } else {
-                $cmd->execute(new WebChannel());
+                $cmd->execute(new WebChannel($this));
             }
             return;
         }
 
         $replyto = $this->trimmed('inreplyto');
+        #If an ID of 0 is wrongly passed here, it will cause a database error,
+        #so override it...
+        if ($replyto == 0) {
+            $replyto = 'false';
+        }
 
         $notice = Notice::saveNew($user->id, $content, 'web', 1,
                                   ($replyto == 'false') ? null : $replyto);
 
         if (is_string($notice)) {
-            $this->showForm($notice);
+            $this->clientError($notice);
             return;
         }
 
         common_broadcast_notice($notice);
 
         if ($this->boolean('ajax')) {
-            $this->startHTML('text/xml;charset=utf-8', true);
+            $this->startHTML('text/xml;charset=utf-8');
             $this->elementStart('head');
             $this->element('title', null, _('Notice posted'));
             $this->elementEnd('head');
@@ -195,7 +203,7 @@ class NewnoticeAction extends Action
 
     function ajaxErrorMsg($msg)
     {
-        common_start_html('text/xml;charset=utf-8', true);
+        $this->startHTML('text/xml;charset=utf-8', true);
         $this->elementStart('head');
         $this->element('title', null, _('Ajax Error'));
         $this->elementEnd('head');
@@ -250,7 +258,7 @@ class NewnoticeAction extends Action
             }
         }
 
-        $notice_form = new NoticeForm($this, $content);
+        $notice_form = new NoticeForm($this, '', $content);
         $notice_form->show();
     }