Committer: ailyin
LJSUP-12819 (remove form_auth field and its verification in the signup form)U trunk/cgi-bin/LJ/Widget/CreateAccount.pm U trunk/cgi-bin/LJ/Widget.pm
Modified: trunk/cgi-bin/LJ/Widget/CreateAccount.pm =================================================================== --- trunk/cgi-bin/LJ/Widget/CreateAccount.pm 2012-07-04 07:34:19 UTC (rev 22386) +++ trunk/cgi-bin/LJ/Widget/CreateAccount.pm 2012-07-04 11:25:42 UTC (rev 22387) @@ -657,4 +657,6 @@ return %from_post; } +sub need_form_auth { 0 } + 1; Modified: trunk/cgi-bin/LJ/Widget.pm =================================================================== --- trunk/cgi-bin/LJ/Widget.pm 2012-07-04 07:34:19 UTC (rev 22386) +++ trunk/cgi-bin/LJ/Widget.pm 2012-07-04 11:25:42 UTC (rev 22387) @@ -30,6 +30,8 @@ sub collapsable { } ## true for collapsable widget +sub need_form_auth { 1 } + sub start_form { my $class = shift; my %opts = @_; @@ -44,8 +46,11 @@ } my $ret = "<form method='POST'$eopts>"; - $ret .= LJ::form_auth(); + if ( $class->need_form_auth ) { + $ret .= LJ::form_auth(); + } + if ($class->authas) { my $u = $opts{authas} || $BMLCodeBlock::GET{authas} || $BMLCodeBlock::POST{authas}; $u = LJ::load_user($u) unless LJ::isu($u); @@ -287,14 +292,26 @@ # is this widget disabled? return () if $class->is_disabled; - # require form auth for widget submissions my $errorsref = \@BMLCodeBlock::errors; - unless ( $LJ::WIDGET_NO_AUTH_CHECK || LJ::check_form_auth($post->{lj_form_auth}) ) { - push @$errorsref, BML::ml('error.invalidform'); - return; + my $need_form_auth; + foreach my $widget_class (@widgets) { + my $subclass = $widget_class; + unless ( $subclass =~ /^LJ::Widget::/ ) { + $subclass = "LJ::Widget::$subclass"; + } + + $need_form_auth ||= $subclass->need_form_auth; } + if ( $need_form_auth && ! $LJ::WIDGET_NO_AUTH_CHECK ) { + # require form auth for widget submissions + unless ( LJ::check_form_auth( $post->{'lj_form_auth'} ) ) { + push @$errorsref, BML::ml('error.invalidform'); + return; + } + } + my $per_widget = $class->post_fields_by_widget( post => $post, widgets => \@widgets,