Changeset 2801

Timestamp:

11/12/08 09:41:15 (2 months ago)

Author:

moeffju

Message:

Leave the decision whether to continue processing after adding a redirect header up to the surrounding code.
Keeps #749 fixed.
Also removed now superfluous exit()s.

Location:

trunk/htdocs/system

Files:

• admin/login.php (modified) (1 diff)
• classes/adminhandler.php (modified) (10 diffs)
• classes/feedbackhandler.php (modified) (3 diffs)
• classes/utils.php (modified) (2 diffs)

trunk/htdocs/system/admin/login.php

@@ -65 +65 @@
         password_label = $('label[for=habari_password]');
         // to fix autofill issues, we need to check the password field on every keyup
-        $('#habari_username').keyup( function() {
+        $('#habari_username').keyup( function(){
+            setTimeout( "labeler.check( password_label );", 10 ); 
+        } ).click( function(){
             setTimeout( "labeler.check( password_label );", 10 ); 
         } );
-        // for autofill without user input
-        setTimeout( function(){ labeler.check( password_label ); }, 10 );
     })
   </script>

trunk/htdocs/system/classes/adminhandler.php

@@ -27 +27 @@
             }
             else {
-            if ( !empty( $_POST ) ) {
-                Session::add_to_set( 'last_form_data', $_POST, 'post' );
-                Session::error( _t('We saved the last form you posted. Log back in to continue its submission.'), 'expired_form_submission' );
-            }
-            if ( !empty( $_GET ) ) {
-                Session::add_to_set( 'last_form_data', $_GET, 'get' );
-                Session::error( _t('We saved the last form you posted. Log back in to continue its submission.'), 'expired_form_submission' );
-            }
-            Utils::redirect( URL::get( 'user', array( 'page' => 'login' ) ) );
+                if ( !empty( $_POST ) ) {
+                    Session::add_to_set( 'last_form_data', $_POST, 'post' );
+                    Session::error( _t('We saved the last form you posted. Log back in to continue its submission.'), 'expired_form_submission' );
+                }
+                if ( !empty( $_GET ) ) {
+                    Session::add_to_set( 'last_form_data', $_GET, 'get' );
+                    Session::error( _t('We saved the last form you posted. Log back in to continue its submission.'), 'expired_form_submission' );
+                }
+                Utils::redirect( URL::get( 'user', array( 'page' => 'login' ) ) );
             }
             exit;
@@ -297 +297 @@
         $form->save();
         Utils::redirect();
-        die();
     }
 
@@ -779 +778 @@
 
         Utils::redirect( URL::get( 'admin', $results ) );
-
     }
 
@@ -1056 +1054 @@
         if ( !isset( $_REQUEST['importer'] ) ) {
             Utils::redirect( URL::get( 'admin', 'page=import' ) );
-            exit;
         }
 
@@ -1184 +1181 @@
                             $comment->delete();
                             Utils::redirect(URL::get('admin', 'page=comments'));
-                            exit();
                         }
                         if ( $action != 'save' ) {
@@ -1300 +1296 @@
             Session::notice( _t( 'Deleted all spam comments' ) );
             Utils::redirect();
-            die();
         }
         elseif ( isset( $mass_delete ) && $status == Comment::STATUS_UNAPPROVED ) {
@@ -1307 +1302 @@
             Session::notice( _t( 'Deleted all unapproved comments' ) );
             Utils::redirect();
-            die();
         }
         // if we're updating posts, let's do so:
@@ -1403 +1397 @@
 
             Utils::redirect();
-            die();
 
         }
@@ -1876 +1869 @@
         foreach($_POST as $id => $delete) {
             // skip POST elements which are not post ids
-            if ( preg_match( '/^p\d+/', $id )  && $delete ) {
+            if ( preg_match( '/^p\d+/', $id ) && $delete ) {
                 $ids[] = substr($id, 1);
             }
@@ -2071 +2064 @@
 
             Utils::redirect();
-            die();
-
         }
 

trunk/htdocs/system/classes/feedbackhandler.php

@@ -56 +56 @@
             // now send them back to the form
             Utils::redirect( $post->permalink . '#respond' );
-            exit();
         }
 
@@ -64 +63 @@
             Session::error( _t( 'Comments on this post are disabled!' ) );
             Utils::redirect( $post->permalink );
-            exit();
         }
 
@@ -101 +99 @@
             Session::error( _t( 'Comment contains only whitespace/empty comment' ) );
             Utils::redirect( $post->permalink );
-            exit();
         }
 

trunk/htdocs/system/classes/utils.php

@@ -48 +48 @@
      * Redirects the request to a new URL
      * @param string $url The URL to redirect to, or omit to redirect to the current url
-     **/
-    public static function redirect( $url = '' )
+     * @param boolean $continue Whether to continue processing the script (default false for security reasons, cf. #749)
+     **/
+    public static function redirect( $url = '', $continue = false )
     {
         if($url == '') {
@@ -56 +57 @@
         header('Location: ' . $url, true, 302);
         
-        // prevent the rest of the page from loading - we've moved on
-        exit();
+        if (!$continue) exit;
     }