From e9b26ffbb331f841886236beb745e7511228adbf Mon Sep 17 00:00:00 2001 From: Zach Prezkuta Date: Thu, 1 Nov 2012 17:14:42 -0600 Subject: [PATCH] prevent double posting of status updates and comments --- boot.php | 7 ++++++ include/conversation.php | 3 ++- mod/content.php | 3 ++- mod/editpost.php | 3 ++- mod/item.php | 27 ++++++++++++++++++------ mod/photos.php | 9 +++++--- object/Item.php | 3 ++- view/comment_item.tpl | 1 + view/jot.tpl | 1 + view/theme/comix-plain/comment_item.tpl | 1 + view/theme/comix/comment_item.tpl | 1 + view/theme/diabook/comment_item.tpl | 1 + view/theme/diabook/jot.tpl | 1 + view/theme/dispy/comment_item.tpl | 1 + view/theme/dispy/jot.tpl | 1 + view/theme/duepuntozero/comment_item.tpl | 1 + view/theme/facepark/comment_item.tpl | 1 + view/theme/facepark/jot.tpl | 1 + view/theme/frost-mobile/comment_item.tpl | 1 + view/theme/frost-mobile/jot.tpl | 1 + view/theme/frost/comment_item.tpl | 1 + view/theme/frost/jot.tpl | 1 + view/theme/quattro/comment_item.tpl | 1 + view/theme/quattro/jot.tpl | 1 + view/theme/smoothly/jot.tpl | 1 + view/theme/testbubble/comment_item.tpl | 1 + view/theme/testbubble/jot.tpl | 1 + 27 files changed, 62 insertions(+), 13 deletions(-) diff --git a/boot.php b/boot.php index a96d223a0e..d231d87d1c 100644 --- a/boot.php +++ b/boot.php @@ -1796,3 +1796,10 @@ function curPageURL() { return $pageURL; } +function random_digits($digits) { + $rn = ''; + for($i = 0; $i < $digits; $i++) { + $rn .= rand(0,9); + } + return $rn; +} diff --git a/include/conversation.php b/include/conversation.php index 5f44cde7fb..45736051d0 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -993,7 +993,8 @@ function status_editor($a,$x, $notes_cid = 0, $popup=false) { '$profile_uid' => $x['profile_uid'], '$preview' => t('Preview'), '$sourceapp' => t($a->sourcename), - '$cancel' => t('Cancel') + '$cancel' => t('Cancel'), + '$rand_num' => random_digits(12) )); 
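Review bot: `random_digits()` in boot.php draws every digit from `rand()`, which is not a cryptographically secure generator, and the helper is added to a global include under a generic name with no comment saying so. In this commit the value is only used as a per-form marker for duplicate detection, where predictability is harmless, but nothing stops a later caller from reusing it for a value that must be unguessable. I would add a comment above the function, for example `// Non-cryptographic: for de-duplication markers only, never for session, CSRF or password-reset tokens.`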
diff --git a/mod/content.php b/mod/content.php index d827b5b57b..e0634b3e84 100644 --- a/mod/content.php +++ b/mod/content.php @@ -701,7 +701,8 @@ function render_content(&$a, $items, $mode, $update, $preview = false) { '$edvideo' => t('Video'), '$preview' => t('Preview'), '$sourceapp' => t($a->sourcename), - '$ww' => (($mode === 'network') ? $commentww : '') + '$ww' => (($mode === 'network') ? $commentww : ''), + '$rand_num' => random_digits(12) )); } } diff --git a/mod/editpost.php b/mod/editpost.php index 75b686bcd9..1dc6aea21e 100644 --- a/mod/editpost.php +++ b/mod/editpost.php @@ -139,7 +139,8 @@ function editpost_content(&$a) { '$preview' => t('Preview'), '$jotplugins' => $jotplugins, '$sourceapp' => t($a->sourcename), - '$cancel' => t('Cancel') + '$cancel' => t('Cancel'), + '$rand_num' => random_digits(12) )); return $o; diff --git a/mod/item.php b/mod/item.php index de6bce972c..6dbe99dfd0 100644 --- a/mod/item.php +++ b/mod/item.php @@ -46,6 +46,19 @@ function item_post(&$a) { $return_path = ((x($_REQUEST,'return')) ? $_REQUEST['return'] : ''); $preview = ((x($_REQUEST,'preview')) ? intval($_REQUEST['preview']) : 0); + + // Check for doubly-submitted posts, and reject duplicates + // Note that we have to ignore previews, otherwise nothing will post + // after it's been previewed + if(!$preview && x($_REQUEST['post_id_random'])) { + if(x($_SESSION['post-random']) && $_SESSION['post-random'] == $_REQUEST['post_id_random']) { + logger("item post: duplicate post", LOGGER_DEBUG); + item_post_return($a->get_baseurl(), $api_source, $return_path); + } + else + $_SESSION['post-random'] = $_REQUEST['post_id_random']; + } + /** * Is this a reply to something? */ 
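Review bot: The duplicate branch in `item_post()` calls `item_post_return()` and then falls through, but the helper added in the hunk at -873 begins with `if($api_source) return;`, so for an API-sourced request a detected duplicate carries on down the function and appears to be stored anyway; a `return;` straight after the call closes that path. The test `$_SESSION['post-random'] == $_REQUEST['post_id_random']` is a loose comparison (numeric strings that differ only in leading zeros compare equal) and the request value is copied into the session without a type check, so I would require a string and compare with `===`. The marker is also recorded before the item is saved, so if a later step of `item_post()` (outside this hunk) rejects the post, a retry from the same form would be dropped as a duplicate. The value is entirely client-supplied and the check is skipped when the field is absent, so it should not be treated as an anti-forgery token.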
@@ -98,7 +111,7 @@ function item_post(&$a) { // multi-level threading - preserve the info but re-parent to our single level threading //if(($parid) && ($parid != $parent)) - $thr_parent = $parent_uri; + $thr_parent = $parent_uri; if($parent_item['contact-id'] && $uid) { $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", @@ -873,30 +886,32 @@ function item_post(&$a) { logger('post_complete'); + item_post_return($a->get_baseurl(), $api_source, $return_path); + // NOTREACHED +} + +function item_post_return($baseurl, $api_source, $return_path) { // figure out how to return, depending on from whence we came if($api_source) return; if($return_path) { - goaway($a->get_baseurl() . "/" . $return_path); + goaway($baseurl . "/" . $return_path); } $json = array('success' => 1); if(x($_REQUEST,'jsreload') && strlen($_REQUEST['jsreload'])) - $json['reload'] = $a->get_baseurl() . '/' . $_REQUEST['jsreload']; + $json['reload'] = $baseurl . '/' . $_REQUEST['jsreload']; logger('post_json: ' . print_r($json,true), LOGGER_DEBUG); echo json_encode($json); killme(); - // NOTREACHED } - - function item_content(&$a) { if((! local_user()) && (! remote_user())) diff --git a/mod/photos.php b/mod/photos.php index 63b093dc37..fa4ca3fc0c 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -1406,7 +1406,8 @@ function photos_content(&$a) { '$submit' => t('Submit'), '$preview' => t('Preview'), '$sourceapp' => t($a->sourcename), - '$ww' => '' + '$ww' => '', + '$rand_num' => random_digits(12) )); } } @@ -1449,7 +1450,8 @@ function photos_content(&$a) { '$submit' => t('Submit'), '$preview' => t('Preview'), '$sourceapp' => t($a->sourcename), - '$ww' => '' + '$ww' => '', + '$rand_num' => random_digits(12) )); } } @@ -1520,7 +1522,8 @@ function photos_content(&$a) { '$submit' => t('Submit'), '$preview' => t('Preview'), '$sourceapp' => t($a->sourcename), - '$ww' => '' + '$ww' => '', + '$rand_num' => random_digits(12) )); } } 
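Review bot: The new `item_post_return()` in the hunk at -873 has no header comment although it has three different outcomes: it returns to the caller when `$api_source` is set, it redirects through `goaway()` when `$return_path` is set, and otherwise it echoes JSON and ends the request with `killme()`. It also reads `$_REQUEST['jsreload']` directly, which is a hidden input that the signature does not show. I would add a short comment block above the function listing those three cases and the request parameter it reads, and change the comment after the final call in `item_post()` to `// NOTREACHED unless $api_source is set`, since the plain `// NOTREACHED` is not true for API requests.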
diff --git a/object/Item.php b/object/Item.php index 035255466a..b5837b6b66 100644 --- a/object/Item.php +++ b/object/Item.php @@ -567,7 +567,8 @@ class Item extends BaseObject { '$preview' => t('Preview'), '$indent' => $indent, '$sourceapp' => t($a->sourcename), - '$ww' => (($conv->get_mode() === 'network') ? $ww : '') + '$ww' => (($conv->get_mode() === 'network') ? $ww : ''), + '$rand_num' => random_digits(12) )); } diff --git a/view/comment_item.tpl b/view/comment_item.tpl index 3de24ca8d2..5783a409c5 100644 --- a/view/comment_item.tpl +++ b/view/comment_item.tpl @@ -10,6 +10,7 @@ +
$mytitle diff --git a/view/jot.tpl b/view/jot.tpl index 91de628ac6..0f21766812 100644 --- a/view/jot.tpl +++ b/view/jot.tpl @@ -14,6 +14,7 @@ +
diff --git a/view/theme/comix-plain/comment_item.tpl b/view/theme/comix-plain/comment_item.tpl index 9c3facaff0..e3c686f052 100644 --- a/view/theme/comix-plain/comment_item.tpl +++ b/view/theme/comix-plain/comment_item.tpl @@ -6,6 +6,7 @@ +
$mytitle diff --git a/view/theme/comix/comment_item.tpl b/view/theme/comix/comment_item.tpl index 9c3facaff0..e3c686f052 100644 --- a/view/theme/comix/comment_item.tpl +++ b/view/theme/comix/comment_item.tpl @@ -6,6 +6,7 @@ +
$mytitle diff --git a/view/theme/diabook/comment_item.tpl b/view/theme/diabook/comment_item.tpl index fc3594fdc9..c5a24ec48e 100644 --- a/view/theme/diabook/comment_item.tpl +++ b/view/theme/diabook/comment_item.tpl @@ -6,6 +6,7 @@ +
$mytitle diff --git a/view/theme/diabook/jot.tpl b/view/theme/diabook/jot.tpl index 1d94cb6d3c..a9c0a3740b 100644 --- a/view/theme/diabook/jot.tpl +++ b/view/theme/diabook/jot.tpl @@ -13,6 +13,7 @@ +
diff --git a/view/theme/dispy/comment_item.tpl b/view/theme/dispy/comment_item.tpl index aa63a03ed2..765b41437d 100644 --- a/view/theme/dispy/comment_item.tpl +++ b/view/theme/dispy/comment_item.tpl @@ -6,6 +6,7 @@ +
$mytitle diff --git a/view/theme/dispy/jot.tpl b/view/theme/dispy/jot.tpl index 12969dd031..5809044859 100644 --- a/view/theme/dispy/jot.tpl +++ b/view/theme/dispy/jot.tpl @@ -9,6 +9,7 @@ +
diff --git a/view/theme/duepuntozero/comment_item.tpl b/view/theme/duepuntozero/comment_item.tpl index 87e0605712..0f655ba43c 100755 --- a/view/theme/duepuntozero/comment_item.tpl +++ b/view/theme/duepuntozero/comment_item.tpl @@ -10,6 +10,7 @@ +
$mytitle diff --git a/view/theme/facepark/comment_item.tpl b/view/theme/facepark/comment_item.tpl index 3503c3843e..7e71aa380b 100644 --- a/view/theme/facepark/comment_item.tpl +++ b/view/theme/facepark/comment_item.tpl @@ -6,6 +6,7 @@ +
$mytitle diff --git a/view/theme/facepark/jot.tpl b/view/theme/facepark/jot.tpl index 5fe1f954ee..6b24045ef3 100644 --- a/view/theme/facepark/jot.tpl +++ b/view/theme/facepark/jot.tpl @@ -14,6 +14,7 @@ +
diff --git a/view/theme/frost-mobile/comment_item.tpl b/view/theme/frost-mobile/comment_item.tpl index 570db68426..adcd5d75ed 100755 --- a/view/theme/frost-mobile/comment_item.tpl +++ b/view/theme/frost-mobile/comment_item.tpl @@ -21,6 +21,7 @@ + $mytitle diff --git a/view/theme/frost-mobile/jot.tpl b/view/theme/frost-mobile/jot.tpl index b491f448d7..7dd6893783 100644 --- a/view/theme/frost-mobile/jot.tpl +++ b/view/theme/frost-mobile/jot.tpl @@ -15,6 +15,7 @@ +
diff --git a/view/theme/frost/comment_item.tpl b/view/theme/frost/comment_item.tpl index 32d4d78ef9..3808038079 100755 --- a/view/theme/frost/comment_item.tpl +++ b/view/theme/frost/comment_item.tpl @@ -20,6 +20,7 @@ + $mytitle diff --git a/view/theme/frost/jot.tpl b/view/theme/frost/jot.tpl index e7a89d8e07..9f7b71c531 100644 --- a/view/theme/frost/jot.tpl +++ b/view/theme/frost/jot.tpl @@ -14,6 +14,7 @@ +
diff --git a/view/theme/quattro/comment_item.tpl b/view/theme/quattro/comment_item.tpl index 7d1d7550b2..3fbde16318 100644 --- a/view/theme/quattro/comment_item.tpl +++ b/view/theme/quattro/comment_item.tpl @@ -6,6 +6,7 @@ +
$mytitle diff --git a/view/theme/quattro/jot.tpl b/view/theme/quattro/jot.tpl index 7f9f9bbaf1..55fc322d74 100644 --- a/view/theme/quattro/jot.tpl +++ b/view/theme/quattro/jot.tpl @@ -13,6 +13,7 @@ + diff --git a/view/theme/smoothly/jot.tpl b/view/theme/smoothly/jot.tpl index 437eec4373..f990c95e11 100644 --- a/view/theme/smoothly/jot.tpl +++ b/view/theme/smoothly/jot.tpl @@ -14,6 +14,7 @@ +
diff --git a/view/theme/testbubble/comment_item.tpl b/view/theme/testbubble/comment_item.tpl index 6d9230dbf8..1054b23e24 100644 --- a/view/theme/testbubble/comment_item.tpl +++ b/view/theme/testbubble/comment_item.tpl @@ -6,6 +6,7 @@ +
$mytitle diff --git a/view/theme/testbubble/jot.tpl b/view/theme/testbubble/jot.tpl index 89150534c3..12f60b29c0 100644 --- a/view/theme/testbubble/jot.tpl +++ b/view/theme/testbubble/jot.tpl @@ -16,6 +16,7 @@ +