http://www.mediawiki.org/wiki/Special:Code/MediaWiki/70440

Revision: 70440
Author:   kaldari
Date:     2010-08-04 00:05:48 +0000 (Wed, 04 Aug 2010)

Log Message:
-----------
Fix for form issues

Modified Paths:
--------------
    trunk/extensions/CentralNotice/SpecialCentralNotice.php
    trunk/extensions/CentralNotice/SpecialNoticeTemplate.php

Modified: trunk/extensions/CentralNotice/SpecialCentralNotice.php
===================================================================
--- trunk/extensions/CentralNotice/SpecialCentralNotice.php     2010-08-03 
23:37:45 UTC (rev 70439)
+++ trunk/extensions/CentralNotice/SpecialCentralNotice.php     2010-08-04 
00:05:48 UTC (rev 70440)
@@ -42,8 +42,8 @@
                
                $method = $wgRequest->getVal( 'method' );
                // Handle form sumissions
-               if ( $this->editable && $wgRequest->wasPosted() ) {
-
+                if ( $this->editable && $wgRequest->wasPosted() && 
$wgUser->matchEditToken( $wgRequest->getVal( 'authtoken' ) ) ) {
+                       
                        // Handle removing
                        $toRemove = $wgRequest->getArray( 'removeNotices' );
                        if ( isset( $toRemove ) ) {
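Review bot: A POST whose `authtoken` is missing or stale is now dropped without feedback, because the token test is folded into the `wasPosted()` condition and this hunk shows no `else` branch; a user whose session expired would see the form reload with the changes lost. The same shape is added in `listNoticeDetail()` and in the `$this->editable && $wgUser->matchEditToken( … )` guard in SpecialNoticeTemplate.php. I would keep `if ( $this->editable && $wgRequest->wasPosted() ) {` and test the token inside it, with `if ( !$wgUser->matchEditToken( $wgRequest->getVal( 'authtoken' ) ) ) { /* emit a cn-error div and skip the handlers */ }`, so a rejected token is visible to the user and can be logged. The block continues past the end of the hunk, so a later `else` may exist that is not visible here.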
@@ -185,28 +185,26 @@
 
                // Handle adding of notice
                $this->showAll = $wgRequest->getVal( 'showAll' );
-               if ( $this->editable && $method == 'addNotice' ) {
+               if ( $this->editable && $method == 'addNotice' && 
$wgUser->matchEditToken( $wgRequest->getVal( 'authtoken' ) ) ) {
                        $noticeName        = $wgRequest->getVal( 'noticeName' );
                        $start             = $wgRequest->getArray( 'start' );
                        $project_name      = $wgRequest->getVal( 'project_name' 
);
                        $project_languages = $wgRequest->getArray( 
'project_languages' );
                        if ( $noticeName == '' ) {
-                               //$wgOut->addWikiMsg ( 
'centralnotice-null-string' );
                                $wgOut->addHTML( Xml::element( 'div', array( 
'class' => 'cn-error' ), wfMsg( 'centralnotice-null-string' ) ) );
-                       }
-                       else {
+                       } else {
                                $this->addNotice( $noticeName, '0', $start, 
$project_name, $project_languages );
                        }
                }
 
                // Handle removing of notice
-               if ( $this->editable && $method == 'removeNotice' ) {
+               if ( $this->editable && $method == 'removeNotice' && 
$wgUser->matchEditToken( $wgRequest->getVal( 'authtoken' ) ) ) {
                        $noticeName = $wgRequest->getVal ( 'noticeName' );
                        $this->removeNotice ( $noticeName );
                }
 
                // Handle adding of template
-               if ( $this->editable && $method == 'addTemplateTo' ) {
+               if ( $this->editable && $method == 'addTemplateTo' && 
$wgUser->matchEditToken( $wgRequest->getVal( 'authtoken' ) ) ) {
                        $noticeName = $wgRequest->getVal( 'noticeName' );
                        $templateName = $wgRequest->getVal( 'templateName' );
                        $templateWeight = $wgRequest->getVal ( 'weight' );
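Review bot: The `addNotice`, `removeNotice` and `addTemplateTo` conditions check the token but not `$wgRequest->wasPosted()`, and `$method` is read with `getVal()`, so these state changes appear to stay reachable through a GET URL that carries `authtoken` in the query string. A token in a URL ends up in browser history, server logs and Referer headers, which weakens the CSRF protection this commit adds. Adding `&& $wgRequest->wasPosted()` to each condition would close that, assuming the forms submit by POST (not visible here); the `removeTemplateFor` branch in the next hunk and the `clone` branch in SpecialNoticeTemplate.php have the same shape. The identical call is also repeated in every condition; evaluating it once as `$tokenOk = $wgUser->matchEditToken( $wgRequest->getVal( 'authtoken' ) );` would shorten the lines and keep the checks from drifting apart.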
@@ -217,7 +215,7 @@
                }
 
                // Handle removing of template
-               if ( $this->editable && $method == 'removeTemplateFor' ) {
+               if ( $this->editable && $method == 'removeTemplateFor' && 
$wgUser->matchEditToken( $wgRequest->getVal( 'authtoken' ) ) ) {
                        $noticeName = $wgRequest->getVal ( 'noticeName' );
                        $templateName = $wgRequest->getVal ( 'templateName ' );
                        $this->removeTemplateFor( $noticeName , $templateName );
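Review bot: The parameter name on the `$templateName` line is `'templateName '` with a trailing space, so `getVal()` will not match a field named `templateName` and `removeTemplateFor()` is presumably called with a null template name. It is a context line, so the defect predates this commit, but the branch is being edited here and the new token check does not make it work; `$templateName = $wgRequest->getVal( 'templateName' );` is the likely intent. The rest of the branch lies outside the hunk.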
@@ -520,6 +518,7 @@
                                $htmlOut .= $this->tableRow( $fields );
                        }
                        $htmlOut .= Xml::closeElement( 'table' );
+                       $htmlOut .= Xml::hidden( 'authtoken', 
$wgUser->editToken() );
                        if ( $this->editable ) {
                                $htmlOut .= Xml::openElement( 'div', array( 
'class' => 'cn-buttons' ) );
                                $htmlOut .= Xml::submitButton( wfMsg( 
'centralnotice-modify' ),
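Review bot: The hidden `authtoken` field is appended before the `if ( $this->editable )` test, so it is written for read-only viewers too, whereas the `@@ -688,6 +689,8 @@` hunk puts the same field inside the editable branch. Moving the line inside the branch, `if ( $this->editable ) { $htmlOut .= Xml::hidden( 'authtoken', $wgUser->editToken() );`, keeps the token confined to pages that actually render a submit button; the `@@ -403,6 +403,7 @@` hunk and `getEndBody()` in SpecialNoticeTemplate.php emit it unconditionally in the same way. The function header is outside this hunk, so it is not visible whether `$wgUser` is declared `global` here. The commit had to add that declaration to `showAdd()` and `getEndBody()`, so each function that gained an `editToken()` call is worth checking.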
@@ -585,6 +584,7 @@
                        $htmlOut .= Xml::closeElement( 'tr' );
                        $htmlOut .= Xml::closeElement( 'table' );
                        $htmlOut .= Xml::hidden( 'change', 'weight' );
+                       $htmlOut .= Xml::hidden( 'authtoken', 
$wgUser->editToken() );
                        
                        // Submit button
                        $htmlOut .= Xml::tags( 'div', 
@@ -604,7 +604,8 @@
 
        function listNoticeDetail( $notice ) {
                global $wgOut, $wgRequest, $wgUser;
-               if ( $wgRequest->wasPosted() ) {
+               if ( $wgRequest->wasPosted() && $wgUser->matchEditToken( 
$wgRequest->getVal( 'authtoken' ) ) ) {
+               
                        // Handle removing of templates
                        $templateToRemove = $wgRequest->getArray( 
'removeTemplates' );
                        if ( isset( $templateToRemove ) ) {
@@ -688,6 +689,8 @@
                                }
                        }
                        if ( $this->editable ) {
+                                $htmlOut .= Xml::hidden( 'authtoken', 
$wgUser->editToken() );
+                               
                                // Submit button
                                $htmlOut .= Xml::tags( 'div', 
                                        array( 'class' => 'cn-buttons' ), 

Modified: trunk/extensions/CentralNotice/SpecialNoticeTemplate.php
===================================================================
--- trunk/extensions/CentralNotice/SpecialNoticeTemplate.php    2010-08-03 
23:37:45 UTC (rev 70439)
+++ trunk/extensions/CentralNotice/SpecialNoticeTemplate.php    2010-08-04 
00:05:48 UTC (rev 70440)
@@ -39,7 +39,7 @@
                // Begin Banners tab content
                $wgOut->addHTML( Xml::openElement( 'div', array( 'id' => 
'preferences' ) ) );
                
-               if ( $this->editable ) {
+               if ( $this->editable && $wgUser->matchEditToken( 
$wgRequest->getVal( 'authtoken' ) ) ) {
                        // Handle forms
                        if ( $wgRequest->wasPosted() ) {
 
@@ -85,42 +85,39 @@
                        }
                }
 
-               switch ( $sub ) {
-               
-                       // Handle viewing or editing a specific banner
-                       case 'view':
-                               if ( $wgRequest->getVal( 'wpUserLanguage' ) == 
'all' ) {
-                                       // Handle viewing a banner in all 
languages
-                                       $template =  $wgRequest->getVal( 
'template' );
-                                       $this->showViewAvailable( $template );
-                               } elseif ( $wgRequest->getText( 'template' ) != 
'' ) {
-                                       $this->showView();
-                               }
-                               break;
-                               
-                       // Handle adding a banner
-                       case 'add':
-                               if ( $this->editable ) {
-                                       $this->showAdd();
-                               }
-                               break;
-                               
-                       // Handle cloning a banner
-                       case 'clone':
-                               if ( $this->editable ) {
-                                       $oldTemplate = $wgRequest->getVal( 
'oldTemplate' );
-                                       $newTemplate =  $wgRequest->getVal( 
'newTemplate' );
-                                       // We use the returned name in case any 
special characters had to be removed
-                                       $template = $this->cloneTemplate( 
$oldTemplate, $newTemplate );
-                                       $wgOut->redirect( 
SpecialPage::getTitleFor( 'NoticeTemplate', 'view' )->getLocalUrl( 
"template=$template" ) );
-                               }
-                               break;
-                               
-                       // Show list of banners by default
-                       default:
-                               $this->showList();
-                               
+               // Handle viewing of a template in all languages
+               if ( $sub == 'view' && $wgRequest->getVal( 'wpUserLanguage' ) 
== 'all' ) {
+                       $template =  $wgRequest->getVal( 'template' );
+                       $this->showViewAvailable( $template );
+                       return;
                }
+
+               // Handle viewing a specific template
+               if ( $sub == 'view' && $wgRequest->getText( 'template' ) != '' 
) {
+                       $this->showView();
+                       return;
+               }
+
+               if ( $this->editable ) {
+                       // Handle "Add a banner" link
+                       if ( $sub == 'add' ) {
+                               $this->showAdd();
+                               return;
+                       }
+                       
+                       // Handle cloning a specific template
+                       if ( $sub == 'clone' && $wgUser->matchEditToken( 
$wgRequest->getVal( 'authtoken' ) ) ) {
+                               $oldTemplate = $wgRequest->getVal( 
'oldTemplate' );
+                               $newTemplate =  $wgRequest->getVal( 
'newTemplate' );
+                               // We use the returned name in case any special 
characters had to be removed
+                               $template = $this->cloneTemplate( $oldTemplate, 
$newTemplate );
+                               $wgOut->redirect( SpecialPage::getTitleFor( 
'NoticeTemplate', 'view' )->getLocalUrl( "template=$template" ) );
+                               return;
+                       }
+               }
+
+               // Show list by default
+               $this->showList();
                
                // End Banners tab content
                $wgOut->addHTML( Xml::closeElement( 'div' ) );
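Review bot: The new `return;` statements leave the method before the `// End Banners tab content` line, so the `div` that appears to be opened with `'id' => 'preferences'` in the previous hunk is no longer closed on the view and add pages. The old `switch` used `break` and always reached `Xml::closeElement( 'div' )`. An `if`/`elseif` chain ending in `else` keeps the flatter structure without skipping the closing tag, as sketched below. Separately, `sub=view` with an empty `template` now falls through to `showList()`, where the old code rendered nothing, and a `clone` request with a bad token silently shows the list. The method begins and ends outside this hunk.

```php
// Handle viewing of a template in all languages
if ( $sub == 'view' && $wgRequest->getVal( 'wpUserLanguage' ) == 'all' ) {
	$template = $wgRequest->getVal( 'template' );
	$this->showViewAvailable( $template );
} elseif ( $sub == 'view' && $wgRequest->getText( 'template' ) != '' ) {
	// Handle viewing a specific template
	$this->showView();
} elseif ( $this->editable && $sub == 'add' ) {
	// Handle "Add a banner" link
	$this->showAdd();
} elseif ( $this->editable && $sub == 'clone'
	&& $wgUser->matchEditToken( $wgRequest->getVal( 'authtoken' ) )
) {
	// … unchanged: cloneTemplate() call and redirect to the view page …
} else {
	// Show list by default
	$this->showList();
}

// End Banners tab content
$wgOut->addHTML( Xml::closeElement( 'div' ) );
```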
@@ -175,7 +172,7 @@
        }
 
        function showAdd() {
-               global $wgOut;
+               global $wgOut, $wgUser;
 
                // Build HTML
                $htmlOut = '';
@@ -194,6 +191,7 @@
                $htmlOut .= Xml::tags( 'p', null,
                        Xml::textarea( 'templateBody', '', 60, 20 )
                );
+               $htmlOut .= Xml::hidden( 'authtoken', $wgUser->editToken() );
                
                // Submit button
                $htmlOut .= Xml::tags( 'div', 
@@ -337,7 +335,7 @@
                                $htmlOut .= Xml::closeElement( 'tr' );
                        }
                        if ( $this->editable ) {
-                               $htmlOut .= Xml::hidden( 'token', $token );
+                               $htmlOut .= Xml::hidden( 'authtoken', $token );
                                $htmlOut .= Xml::hidden( 'wpUserLanguage', 
$wpUserLang );
                                $htmlOut .= Xml::openElement( 'tr' );
                                $htmlOut .= Xml::tags( 'td', array( 'colspan' 
=> 4 ),
@@ -347,6 +345,7 @@
                        }
        
                        $htmlOut .= Xml::closeElement( 'table' );
+                       $htmlOut .= Xml::hidden( 'authtoken', 
$wgUser->editToken() );
                        $htmlOut .= Xml::closeElement( 'fieldset' );
        
                        if ( $this->editable ) {
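Review bot: This adds what looks like a second hidden field named `authtoken` to the same output: the previous hunk already renames the existing field to `Xml::hidden( 'authtoken', $token )` inside the `if ( $this->editable )` branch a few lines above. If both end up in one form, the request carries two `authtoken` values and `getVal()` reads only one of them; should `$token` differ from the plain `editToken()` value, the check passes or fails depending on which field wins. Keeping a single field avoids that, so this line can be dropped if `$token` already holds `$wgUser->editToken()`. Neither the origin of `$token` nor a `global $wgUser` declaration is visible in these two hunks.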
@@ -375,6 +374,7 @@
                                Xml::tags( 'td', null, $sk->makeLinkObj( 
$newPage, wfMsgHtml( 'centralnotice-preview-all-template-translations' ), 
"template=$currentTemplate&wpUserLanguage=all" ) )
                        );
                        $htmlOut .= Xml::closeElement( 'table' );
+                       $htmlOut .= Xml::hidden( 'authtoken', 
$wgUser->editToken() );
                        $htmlOut .= Xml::closeElement( 'fieldset' );
                        $htmlOut .= Xml::closeElement( 'form' );
                }
@@ -403,6 +403,7 @@
                        );
                }
                $htmlOut .= Xml::closeElement( 'table' );
+               $htmlOut .= Xml::hidden( 'authtoken', $wgUser->editToken() );
                $htmlOut .= Xml::closeElement( 'fieldset' );
                if ( $this->editable ) {
                        $htmlOut .= Xml::closeElement( 'form' );
@@ -428,6 +429,7 @@
 
                        $htmlOut .= Xml::closeElement( 'tr' );
                        $htmlOut .= Xml::closeElement( 'table' );
+                       $htmlOut .= Xml::hidden( 'authtoken', 
$wgUser->editToken() );
                        $htmlOut .= Xml::closeElement( 'fieldset' );
                        $htmlOut .= Xml::closeElement( 'form' );
                }
@@ -539,7 +541,7 @@
                global $wgOut;
 
                if ( $body == '' || $name == '' ) {
-                       $wgOut->addWikiMsg( 'centralnotice-null-string' );
+                       $wgOut->addHTML( Xml::element( 'div', array( 'class' => 
'cn-error' ), wfMsg( 'centralnotice-null-string' ) ) );
                        return;
                }
 
@@ -555,7 +557,7 @@
                );
 
                if ( $dbr->numRows( $res ) > 0 ) {
-                       $wgOut->addWikiMsg( 'centralnotice-template-exists' );
+                       $wgOut->addHTML( Xml::element( 'div', array( 'class' => 
'cn-error' ), wfMsg( 'centralnotice-template-exists' ) ) );
                        return false;
                } else {
                        $dbw = wfGetDB( DB_MASTER );
@@ -582,7 +584,7 @@
                global $wgOut;
 
                if ( $body == '' || $name == '' ) {
-                       $wgOut->addWikiMsg( 'centralnotice-null-string' );
+                       $wgOut->addHTML( Xml::element( 'div', array( 'class' => 
'cn-error' ), wfMsg( 'centralnotice-null-string' ) ) );
                        return;
                }
 
@@ -765,6 +767,7 @@
        }
 
        function getEndBody() {
+               global $wgUser;
                $htmlOut = '';
                if ( $this->editable ) {
                        $htmlOut .= Xml::tags( 'tr', null,
@@ -774,6 +777,7 @@
                        );
                }
                $htmlOut .= Xml::closeElement( 'table' );
+               $htmlOut .= Xml::hidden( 'authtoken', $wgUser->editToken() );
                return $htmlOut;
        }
 }


