YGGverse/YGGtracker
1
0
Fork 0
mirror of https://github.com/YGGverse/YGGtracker.git synced 2025-01-22 20:54:52 +00:00
Code Issues Projects Releases Wiki Activity

add magnet form lock to prevent moderation overwrite

Browse Source
This commit is contained in:
ghost 2023-08-28 18:35:02 +03:00
parent 3ffe4a8651
commit 64e841ec4c
4 changed files with 39 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
database/yggtracker.mwb
View File

Binary file not shown.

2
src/config/app.php.example
View File

@ -78,6 +78,8 @@ define('MAGNET_DEFAULT_PUBLIC', false);
define('MAGNET_DEFAULT_COMMENTS', true);
define('MAGNET_DEFAULT_SENSITIVE', false);
define('MAGNET_EDITOR_LOCK_TIMEOUT', 60*60);
define('MAGNET_META_TITLE_MIN_LENGTH', 10);
define('MAGNET_META_DESCRIPTION_MIN_LENGTH', 0);

24
src/library/database.php
View File

@ -839,7 +839,6 @@ class Database {
return $this->_db->lastInsertId();
}
public function deleteMagnetToExactSourceByMagnetId(int $magnetId) : int {
$this->_debug->query->delete->total++;
@ -938,6 +937,29 @@ class Database {
return $this->addMagnetToKeywordTopic($magnetId, $keywordTopicId);
}
// Magnet lock
public function addMagnetLock(int $magnetId, int $userId, int $timeAdded) : int {
$this->_debug->query->insert->total++;
$query = $this->_db->prepare('INSERT INTO `magnetLock` SET `magnetId` = ?, `userId` = ?, `timeAdded` = ?');
$query->execute([$magnetId, $userId, $timeAdded]);
return $this->_db->lastInsertId();
}
public function findLastMagnetLock(int $magnetId) {
$this->_debug->query->select->total++;
$query = $this->_db->prepare('SELECT * FROM `magnetLock` WHERE `magnetId` = ? ORDER BY `magnetLockId` DESC LIMIT 1');
$query->execute([$magnetId]);
return $query->fetch();
}
// Magnet comment
public function getMagnetCommentsTotal(int $magnetId) : int {

14
src/public/edit.php
View File

@ -155,6 +155,20 @@ else if (!($user->address == $db->getUser($magnet->userId)->address || in_array(
// Process form
else {
// Validate magnet lock
if ($lastMagnetLock = $db->findLastMagnetLock($magnet->magnetId))
{
if ($lastMagnetLock->userId != $user->userId &&
$lastMagnetLock->timeAdded > time() - MAGNET_EDITOR_LOCK_TIMEOUT)
{
$response->success = false;
$response->message = _('This form have opened by owner or moderator, to prevent overwriting, try attempt later!');
}
}
// Lock form for moderators
$db->addMagnetLock($magnet->magnetId, $user->userId, time());
// Update form
if (!empty($_POST)) {