Alexander Nicolaysen Sørnes : objectManager: Avoid losing data when session times out while filling out a form

Sun Aug 9 07:40:33 CDT 2009

Module: appdb
Branch: master
Commit: e40aec5d8404f00601c42ff65a0d5b132b193c91
URL:    http://source.winehq.org/git/appdb.git/?a=commit;h=e40aec5d8404f00601c42ff65a0d5b132b193c91

Author: Alexander Nicolaysen Sørnes <alexander at linux-xqqm.(none)>
Date:   Sat Aug  8 23:09:32 2009 +0200

objectManager: Avoid losing data when session times out while filling out a form

---

 include/objectManager.php |   18 ++++++++++++++++--
 objectManager.php         |    2 +-
 2 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/include/objectManager.php b/include/objectManager.php
index 593c0d2..182b373 100644
--- a/include/objectManager.php
+++ b/include/objectManager.php
@@ -406,8 +406,10 @@ class ObjectManager
         }
 
         /* Only show the edit screen if the user has sufficient rights */
-        if(!$oObject->canEdit())
+        if(!$oObject->canEdit() && !getInput('sSubmit', $aClean))
             $this->error_exit('You do not have sufficient privileges to edit this entry');
+        else if(!$oObject->canEdit())
+            $this->show_form_help_session_timeout();
 
         /* Display errors, if any, and fetch form data */
         if($this->displayErrors($sErrors))
@@ -1214,12 +1216,24 @@ class ObjectManager
         echo '<input type="submit" name="sSubmit" class="button" value="Preview">';
     }
 
-    public function handle_anonymous_submission()
+    public function show_form_help_session_timeout()
+    {
+        $this->error_exit("Your session has timed out. <a target=\"_blank\" href=\"".BASE."account.php?sCmd=login\">Log in</a> and then <a href=\"javascript:location.reload();\">refresh thise page</a>.");
+    }
+
+    public function handle_anonymous_submission($aClean)
     {
         $oObject = new $this->sClass();
         if($oObject->allowAnonymousSubmissions() || $_SESSION['current']->isLoggedIn())
             return;
 
+        // Allow the user to continue filling out a form
+        if(getInput('sSubmit', $aClean))
+        {
+            apidb_header($this->get_title(getInput($sAction, $aClean)));
+            $this->show_form_help_session_timeout();
+        }
+
         login_form();
         exit;
     }
diff --git a/objectManager.php b/objectManager.php
index aa1db6d..65b867d 100644
--- a/objectManager.php
+++ b/objectManager.php
@@ -82,7 +82,7 @@ if($sAction)
     switch($aClean['sAction'])
     {
         case 'add':
-            $oObject->handle_anonymous_submission();
+            $oObject->handle_anonymous_submission($aClean);
             break;
 
         case 'changeParent':


