recaptime.dev / phorge
@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge
phorge phabricator
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Fix an issue where Phame could post to the wrong blog

When you `getInt()` an array, PHP decides the array has value `1`. This would
cause us to post to blog #1 incorrectly. I didn't catch this locally because
I happened to be posting to blog #1.

Stop us from interpreting array values as `1`, and fix blog interpretation.

This approach is a little messy (projects has the same issue) but I'll see
if I can clean it up in some future change.

Auditors: chad

epriestley 2328e739 edcc3232

+24 -9
+5
src/aphront/AphrontRequest.php
··· 123 123 */ 124 124 public function getInt($name, $default = null) { 125 125 if (isset($this->requestData[$name])) { 126 + // Converting from array to int is "undefined". Don't rely on whatever 127 + // PHP decides to do. 128 + if (is_array($this->requestData[$name])) { 129 + return $default; 130 + } 126 131 return (int)$this->requestData[$name]; 127 132 } else { 128 133 return $default;
+19 -9
src/applications/phame/controller/post/PhamePostEditController.php
··· 32 32 } 33 33 $blog_id = $post->getBlog()->getID(); 34 34 } else { 35 - $blog_id = $request->getInt('blog'); 35 + $blog_id = head($request->getArr('blog')); 36 + if (!$blog_id) { 37 + $blog_id = $request->getStr('blog'); 38 + } 36 39 } 37 40 38 - $blog = id(new PhameBlogQuery()) 41 + $query = id(new PhameBlogQuery()) 39 42 ->setViewer($viewer) 40 - ->withIDs(array($blog_id)) 41 43 ->requireCapabilities( 42 44 array( 43 45 PhabricatorPolicyCapability::CAN_VIEW, 44 46 PhabricatorPolicyCapability::CAN_EDIT, 45 - )) 46 - ->executeOne(); 47 + )); 48 + 49 + if (ctype_digit($blog_id)) { 50 + $query->withIDs(array($blog_id)); 51 + } else { 52 + $query->withPHIDs(array($blog_id)); 53 + } 54 + 55 + $blog = $query->executeOne(); 47 56 if (!$blog) { 48 57 return new Aphront404Response(); 49 58 } ··· 60 69 $crumbs = parent::buildApplicationCrumbs(); 61 70 62 71 $blog = $this->getBlog(); 63 - 64 - $crumbs->addTextCrumb( 65 - $blog->getName(), 66 - $blog->getViewURI()); 72 + if ($blog) { 73 + $crumbs->addTextCrumb( 74 + $blog->getName(), 75 + $blog->getViewURI()); 76 + } 67 77 68 78 return $crumbs; 69 79 }