svn commit: r796679 - /incubator/shindig/trunk/php/src/gadgets/templates/DataPipelining.php

Wed, 22 Jul 2009 04:55:30 -0700 

Author: chabotc
Date: Wed Jul 22 11:54:56 2009
New Revision: 796679

URL: http://svn.apache.org/viewvc?rev=796679&view=rev
Log:
Add detection of missing namespace tags for data pipelining & detect missing 
security token and handle gracefully

Modified:
    incubator/shindig/trunk/php/src/gadgets/templates/DataPipelining.php

Modified: incubator/shindig/trunk/php/src/gadgets/templates/DataPipelining.php
URL: 
http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/templates/DataPipelining.php?rev=796679&r1=796678&r2=796679&view=diff
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/templates/DataPipelining.php 
(original)
+++ incubator/shindig/trunk/php/src/gadgets/templates/DataPipelining.php Wed 
Jul 22 11:54:56 2009
@@ -18,6 +18,8 @@
  * under the License.
  */
 
+//TODO verify os:HttpRequest
+
 class DataPipelining {
 
   /**
@@ -30,6 +32,7 @@
     $dataTags = $viewNode->getElementsByTagName('*');
     if ($dataTags->length > 0) {
       $dataPipeliningTags = array();
+      $namespaceErrorTags = array('httprequest', 'datarequest', 
'peoplerequest', 'viewerrequest', 'ownerrequest', 'activitiesrequest');
       foreach ($dataTags as $dataTag) {
         $tag = array();
         $tag['type'] = $dataTag->tagName;
@@ -40,6 +43,12 @@
             $tag[$dataAttribute] = $val;
           }
         }
+
+        // Make sure the proper name space decleration was used, either 
parsing would fail miserably
+        if (in_array(strtolower($tag['type']), $namespaceErrorTags)) {
+               throw new ExpressionException("Invalid os-data namespace, 
please use xmlns:os=\"http://ns.opensocial.org/2008/markup\"; in the script 
tag");
+        }
+
         // normalize the methods so that os:PeopleRequest becomes a 
os:DataRequest with a people.get method, and os:ViewerRequest becomes a 
people.get with a userId = @viewer & groupId = @self, this
         // makes it a whole lot simpler to implement the actual data fetching 
in the renderer
         switch ($tag['type']) {
@@ -137,6 +146,9 @@
     $httpRequests = array();
     $decodedResponse = array();
     // Using the same gadget security token for all social & http requests so 
everything happens in the right context
+    if (!isset($_GET['st'])) {
+       throw new ExpressionException("No security token set, required for 
data-pipeling");
+    }
     $securityToken = $_GET['st'];
     foreach ($requests as $request) {
       switch ($request['type']) {

Reply via email to