mirror of
https://github.com/Lastorder-DC/rhymix.git
synced 2026-04-10 14:02:12 +09:00
Fix #836 compatibility with third-party modules that use document_srl for their own purposes
This commit is contained in:
Kijin Sung
parent
11707a8821
commit
0be7e72fe5
2 changed files with 15 additions and 30 deletions
|
|
@ -198,22 +198,7 @@ class ModuleHandler extends Handler
|
|||
if($this->document_srl)
|
||||
{
|
||||
$module_info = $oModuleModel->getModuleInfoByDocumentSrl($this->document_srl);
|
||||
|
||||
// If the document does not exist, remove document_srl
|
||||
if(!$module_info)
|
||||
{
|
||||
if(Context::getRequestMethod() == 'GET')
|
||||
{
|
||||
$this->error = 'The document does not exist';
|
||||
$this->httpStatusCode = '404';
|
||||
return true;
|
||||
}
|
||||
else
|
||||
{
|
||||
unset($this->document_srl);
|
||||
}
|
||||
}
|
||||
else
|
||||
if($module_info)
|
||||
{
|
||||
// If it exists, compare mid based on the module information
|
||||
// if mids are not matching, set it as the document's mid
|
||||
|
|
@ -236,18 +221,18 @@ class ModuleHandler extends Handler
|
|||
{
|
||||
unset($module_info);
|
||||
}
|
||||
|
||||
// if the secret document permission does not have, specify HTTP 403
|
||||
if(Context::getRequestMethod() == 'GET')
|
||||
}
|
||||
|
||||
// Block access to secret or temporary documents.
|
||||
if(Context::getRequestMethod() == 'GET')
|
||||
{
|
||||
$oDocumentModel = getModel('document');
|
||||
$oDocument = $oDocumentModel->getDocument($this->document_srl);
|
||||
if($oDocument->isSecret() || $oDocument->get('status') === $oDocumentModel->getConfigStatus('temp'))
|
||||
{
|
||||
$oDocumentModel = getModel('document');
|
||||
$oDocument = $oDocumentModel->getDocument($this->document_srl);
|
||||
if($oDocument->isSecret() || $oDocument->get('status') === $oDocumentModel->getConfigStatus('temp'))
|
||||
if(!$oDocument->isGranted() && !$oDocument->isAccessible())
|
||||
{
|
||||
if(!$oDocument->isGranted() && !$oDocument->isAccessible())
|
||||
{
|
||||
$this->httpStatusCode = '403';
|
||||
}
|
||||
$this->httpStatusCode = '403';
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -291,7 +291,7 @@ class boardView extends board
|
|||
{
|
||||
// if the document is not existed, then alert a warning message
|
||||
Context::set('document_srl','',true);
|
||||
$this->alertMessage('msg_not_founded');
|
||||
$this->alertMessage('msg_not_founded', 404);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -312,7 +312,7 @@ class boardView extends board
|
|||
{
|
||||
$oDocument = $oDocumentModel->getDocument(0);
|
||||
Context::set('document_srl','',true);
|
||||
$this->alertMessage('msg_not_permitted');
|
||||
$this->alertMessage('msg_not_permitted', 403);
|
||||
}
|
||||
else
|
||||
{
|
||||
|
|
@ -1278,12 +1278,12 @@ class boardView extends board
|
|||
* @brief the method for displaying the warning messages
|
||||
* display an error message if it has not a special design
|
||||
**/
|
||||
function alertMessage($message)
|
||||
function alertMessage($message, $code = 403)
|
||||
{
|
||||
$script = sprintf('<script> jQuery(function(){ alert("%s"); } );</script>', lang($message));
|
||||
Context::addHtmlFooter($script);
|
||||
|
||||
$this->setHttpStatusCode(403);
|
||||
$this->setHttpStatusCode($code);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue