![[site community profile]](https://www.dreamwidth.org/img/comm_staff.png){kind=small}
[dw-free] Bad behavior of current memories system
[commit: http://hg.dwscoalition.org/dw-free/rev/57eaba5c72e2]
http://bugs.dwscoalition.org/show_bug.cgi?id=1260
Let users delete memories for entries they no longer have access to .
Patch by![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png)
meowth.
Files modified:
http://bugs.dwscoalition.org/show_bug.cgi?id=1260
Let users delete memories for entries they no longer have access to .
Patch by
meowth.Files modified:
- htdocs/tools/memadd.bml
--------------------------------------------------------------------------------
diff -r 0876cb7a6087 -r 57eaba5c72e2 htdocs/tools/memadd.bml
--- a/htdocs/tools/memadd.bml Sat Oct 24 21:12:36 2009 +0000
+++ b/htdocs/tools/memadd.bml Sun Oct 25 04:31:04 2009 +0000
@@ -83,6 +83,36 @@
return;
}
+ # check to see if it already is memorable (thus we're editing, not adding);
+ my $memory = LJ::Memories::get_by_ditemid($memoryu, $oldstyle ? 0 : $jid, $ditemid);
+
+ # Always allow for a user to delete their memories, regardless of other permissions.
+ if ($POST{'mode'} eq "save")
+ {
+ unless ($POST{'des'}) {
+ # we're deleting.
+ unless (LJ::check_form_auth()) {
+ $body = "<?h1 $ML{'Error'} h1?><?p $ML{'error.invalidform'} p?>";
+ return;
+ }
+ if (defined $memory) {
+ LJ::Memories::delete_by_id($memoryu, $memory->{memid});
+ LJ::Memories::updated_keywords($memoryu);
+ $title = $ML{'.title.deleted'};
+ $body = "<?h1 $ML{'.error.deleted.title'} h1?><?p " .
+ BML::ml(".error.deleted.body", { 'desc' => $memory->{'des'} }) .
+ "p?>";
+ return;
+ } else {
+ $title = $ML{'Error'};
+ $body = "<?h1 $ML{'.error.nodescription.title'} h1?><?p ";
+ $body .= BML::ml('.error.nodescription.body');
+ $body .= " p?>";
+ return;
+ }
+ }
+ }
+
# do access check to see if they can see this entry
my $log = LJ::get_log2_row($ju, $itemid);
if ( $log ) {
@@ -90,14 +120,24 @@
if ( $entry && ! $entry->visible_to( $remote ) ) {
$title = $ML{'Error'};
$body = "You are not authorized to view this entry.<br/>";
+
+ if ($memoryu->{user} eq $authas && defined $memory) {
+ $body .= "<br /><form action='memadd$authextra' method='POST'>";
+ $body .= LJ::form_auth();
+ $body .= LJ::html_hidden(journal => $GET{journal}) if $GET{journal};
+ $body .= LJ::html_hidden(itemid => $GET{itemid});
+ $body .= LJ::html_hidden(des => "");
+ $body .= LJ::html_hidden('mode' => 'save');
+ $body .= LJ::html_submit('delete', 'Delete this memory') . "\n";
+ $body .= "</form>\n";
+ }
+
return;
}
}
- # check to see if it already is memorable (thus we're editing, not adding);
- my $memory = LJ::Memories::get_by_ditemid($memoryu, $oldstyle ? 0 : $jid, $ditemid);
-
- if (!$log && !$POST{'mode'}) {
+ # do check to see if entry is deleted
+ unless ( $log || $POST{'mode'}) {
$title = $ML{'Error'};
$body = "The entry that this memory references has been deleted.<br/>";
@@ -263,29 +303,6 @@
my $dbh = LJ::get_db_writer();
- if (! $POST{'des'}) {
- # then we're deleting.
- unless (LJ::check_form_auth()) {
- $body = "<?h1 $ML{'Error'} h1?><?p $ML{'error.invalidform'} p?>";
- return;
- }
- if (defined $memory) {
- LJ::Memories::delete_by_id($memoryu, $memory->{memid});
- LJ::Memories::updated_keywords($memoryu);
- $title = $ML{'.title.deleted'};
- $body = "<?h1 $ML{'.error.deleted.title'} h1?><?p " .
- BML::ml(".error.deleted.body", { 'desc' => $memory->{'des'} }) .
- "p?>";
- return;
- } else {
- $title = $ML{'Error'};
- $body = "<?h1 $ML{'.error.nodescription.title'} h1?><?p ";
- $body .= BML::ml('.error.nodescription.body');
- $body .= " p?>";
- return;
- }
- }
-
#### we're inserting/replacing now into memories
my @keywords;
{
--------------------------------------------------------------------------------