From 551f2ccc47c1a710ceb42e03628c3c64036cce93 Mon Sep 17 00:00:00 2001 From: blackcoder87 Date: Sun, 17 Nov 2024 16:45:17 +0100 Subject: [PATCH] User module: Check if dialog was found (#1117) * Check if c_id is numeric. * Don't try to create a new dialog with a user that doesn't exist --- .../modules/user/controllers/Panel.php | 44 ++++++++++++++----- application/modules/user/translations/de.php | 1 + application/modules/user/translations/en.php | 3 +- 3 files changed, 35 insertions(+), 13 deletions(-) diff --git a/application/modules/user/controllers/Panel.php b/application/modules/user/controllers/Panel.php index 8fb8396d0..c54f7924b 100644 --- a/application/modules/user/controllers/Panel.php +++ b/application/modules/user/controllers/Panel.php @@ -420,8 +420,20 @@ public function dialogAction() $c_id = $this->getRequest()->getParam('id'); if ($c_id) { + if (!is_numeric($c_id)) { + $this->redirect() + ->withMessage('dialogNotExisting', 'danger') + ->to(['action' => 'dialog']); + } + $user = $dialogMapper->getDialogCheckByCId($c_id); + if (!$user) { + $this->redirect() + ->withMessage('dialogNotExisting', 'danger') + ->to(['action' => 'dialog']); + } + if ($this->getUser()->getId() != $user->getUserTwo()) { $user_one = $user->getUserTwo(); $user_two = $user->getUserOne(); 
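Review bot: `is_numeric($c_id)` in dialogAction accepts more than an integer id: strings such as `1e3`, `1.5` or `-1` pass and reach `getDialogCheckByCId()` unchanged. For a primary-key parameter a stricter guard such as `if (!ctype_digit((string) $c_id)) {` would reject them, and the same applies to `is_numeric($user_two)` in dialognewAction. The rest of dialogAction lies outside the hunk; the visible lines only work out which participant is the other party, so it is worth confirming that a dialog found by id is also checked to belong to the current user before anything from it is rendered.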
@@ -539,25 +551,33 @@ public function dialognewAction() { $DialogMapper = new DialogMapper(); $ilchdate = new IlchDate(); + $userMapper = new UserMapper(); $user_one = $this->getUser()->getId(); $user_two = $this->getRequest()->getParam('id'); - if ($user_one != $user_two) { + if ($user_two && is_numeric($user_two) && ($user_one != $user_two)) { $c_exist = $DialogMapper->getDialogCheck($user_one, $user_two); - if ($c_exist == null) { - $model = new DialogModel(); - $model->setUserOne($user_one) - ->setUserTwo($user_two) - ->setTime($ilchdate->toDb()); - $DialogMapper->save($model); - - $c_id = $DialogMapper->getDialogId($user_one); - $this->redirect(['action' => 'dialog', 'id' => $c_id->getCId()]); - } - $this->redirect(['action' => 'dialog', 'id' => $c_exist->getCId()]); + if (!$c_exist) { + if ($userMapper->userWithIdExists($user_two)) { + $model = new DialogModel(); + $model->setUserOne($user_one) + ->setUserTwo($user_two) + ->setTime($ilchdate->toDb()); + $DialogMapper->save($model); + + $c_id = $DialogMapper->getDialogId($user_one); + $this->redirect(['action' => 'dialog', 'id' => $c_id->getCId()]); + } + } else { + $this->redirect(['action' => 'dialog', 'id' => $c_exist->getCId()]); + } } + + $this->redirect() + ->withMessage('userNotFound', 'danger') + ->to(['action' => 'dialog']); } public function galleryAction() diff --git a/application/modules/user/translations/de.php b/application/modules/user/translations/de.php index 3182f9a81..7904a4f1a 100644 --- a/application/modules/user/translations/de.php +++ b/application/modules/user/translations/de.php @@ -220,6 +220,7 @@ 'dialogsHidden' => 'Einige Dialoge sind ausgeblendet. Hier klicken um sie anzuzeigen.', 'deleteDialogConfirm' => 'Soll der Dialog wirklich gelöscht werden?', 'noDialog' => 'Keine Nachrichten vorhanden.', + 'dialogNotExisting' => 'Dialog existiert nicht.', 'menuPanel' => 'User Panel', 'menuSetting' => 'Einstellung', 'menuSettingsAvatar' => 'Avatar', 
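Review bot: The closing `userNotFound` redirect in dialognewAction is skipped after a successful create or lookup only if `redirect()`/`to()` ends the request, which the hunk does not show. If it merely queues a header, the success redirects above it would be followed by a second redirect and a danger message; a `return;` after each `$this->redirect(...)` call removes that dependency. The same holds for the two new redirects in dialogAction, where execution would otherwise continue to `$user->getUserTwo()` on a dialog that was not found. The fall-through also reports `userNotFound` when `$user_one == $user_two`, so a comment such as `// also reached when the id is the current user's own` or a separate message would show that this is intended.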
diff --git a/application/modules/user/translations/en.php b/application/modules/user/translations/en.php index 9222dfc70..fdd7ad66f 100644 --- a/application/modules/user/translations/en.php +++ b/application/modules/user/translations/en.php @@ -219,7 +219,8 @@ 'unhideDialogSuccess' => 'Dialog unhidden.', 'dialogsHidden' => 'Some dialogs are hidden. Click here to show them.', 'deleteDialogConfirm' => 'Delete this conversation?', - 'noDialog' => 'No Messages available.', + 'noDialog' => 'No messages available.', + 'dialogNotExisting' => 'Dialog doesn\'t exist.', 'menuPanel' => 'User Panel', 'menuSetting' => 'Setting', 'menuSettingsAvatar' => 'Avatar',