r102007 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r102006‎ \| r102007 \| r102008 >
Date:	16:40, 4 November 2011
Author:	ialex
Status:	ok
Tags:
Comment:	And while I'm at it, move token check to onView() so that if action=markpatrolled is called without parameters, the user will see 'markedaspatrollederror' error and not 'sessionfailure'
Modified paths:	/trunk/phase3/includes/actions/MarkpatrolledAction.php (modified) (history)

Diff [purge]

Index: trunk/phase3/includes/actions/MarkpatrolledAction.php
—	—	@@ -36,23 +36,22 @@
37	37	return '';
38	38	}
39	39
40		~~- protected function checkCanExecute( User $user ) {~~
41		~~- if ( !$user->matchEditToken( $this->getRequest()->getVal( 'token' ), $this->getRequest()->getInt( 'rcid' ) ) ) {~~
42		~~- throw new ErrorPageError( 'sessionfailure-title', 'sessionfailure' );~~
43		~~- }~~
44		-
45		~~- return parent::checkCanExecute( $user );~~
46		~~- }~~
47		-
48	40	public function onView() {
49		~~- $rc = RecentChange::newFromId( $this->getRequest()->getInt( 'rcid' ) );~~
	41	+ $request = $this->getRequest();
50	42
	43	+ $rcId = $request->getInt( 'rcid' );
	44	+ $rc = RecentChange::newFromId( $rcId );
51	45	if ( is_null( $rc ) ) {
52	46	throw new ErrorPageError( 'markedaspatrollederror', 'markedaspatrollederrortext' );
53	47	}
54	48
55		~~- $errors = $rc->doMarkPatrolled( $this->getUser() );~~
	49	+ $user = $this->getUser();
	50	+ if ( !$user->matchEditToken( $request->getVal( 'token' ), $rcId ) ) {
	51	+ throw new ErrorPageError( 'sessionfailure-title', 'sessionfailure' );
	52	+ }
56	53
	54	+ $errors = $rc->doMarkPatrolled( $user );
	55	+
57	56	if ( in_array( array( 'rcpatroldisabled' ), $errors ) ) {
58	57	throw new ErrorPageError( 'rcpatroldisabled', 'rcpatroldisabledtext' );
59	58	}

User	Flag	Date
Nikerabbit	inspected	14:08, 5 November 2011

01:29, 17 December 2011 Aaron Schulz (talk | contribs) changed the status of r102007 [removed: new added: ok]