flash
00d1d2922d
Going forward msz_auth is always assumed to be present, even while the user is not logged in. If the cookie is not present a default, empty value will be used. The msz_uid and msz_sid cookies are also still upconverted for some reason but are no longer removed even though there's no active sessions that can possibly have those anymore. As with the previous change, shit may be broken so report any Anomalies you come across, through flashii-issues@flash.moe if necessary.
41 lines
1.4 KiB
PHP
41 lines
1.4 KiB
PHP
<?php
|
|
namespace Misuzu\Http\Handlers;
|
|
|
|
use Misuzu\CSRF;
|
|
use Misuzu\Template;
|
|
|
|
final class ForumHandler extends Handler {
|
|
public function markAsReadGET($response, $request) {
|
|
if(!$this->context->isLoggedIn())
|
|
return 403;
|
|
|
|
$forumId = (int)$request->getParam('forum', FILTER_SANITIZE_NUMBER_INT);
|
|
$response->setContent(Template::renderRaw('confirm', [
|
|
'title' => 'Mark forum as read',
|
|
'message' => 'Are you sure you want to mark ' . ($forumId === 0 ? 'the entire' : 'this') . ' forum as read?',
|
|
'return' => url($forumId ? 'forum-category' : 'forum-index', ['forum' => $forumId]),
|
|
'params' => [
|
|
'forum' => $forumId,
|
|
]
|
|
]));
|
|
}
|
|
|
|
public function markAsReadPOST($response, $request) {
|
|
if(!$this->context->isLoggedIn())
|
|
return 403;
|
|
|
|
if(!$request->isFormContent())
|
|
return 400;
|
|
|
|
$token = $request->getContent()->getParam('_csrf');
|
|
if(empty($token) || !CSRF::validate($token))
|
|
return 400;
|
|
|
|
$forumId = (int)$request->getContent()->getParam('forum', FILTER_SANITIZE_NUMBER_INT);
|
|
forum_mark_read($forumId, (int)$this->context->getActiveUser()->getId());
|
|
$redirect = url($forumId ? 'forum-category' : 'forum-index', ['forum' => $forumId]);
|
|
|
|
$response->redirect($redirect, false);
|
|
}
|
|
}
|