wisest owl (wisest_owl) wrote in changelog,
wisest owl
wisest_owl
changelog

[ljcom] r12659: LJSUP-13676: Private phonepost return "u...

Committer: wisest-owl
LJSUP-13676: Private phonepost return "unhandled error" if user can't view it.

U   trunk/cgi-bin/phonepost.pl

Modified: trunk/cgi-bin/phonepost.pl
===================================================================
--- trunk/cgi-bin/phonepost.pl	2012-09-17 14:42:02 UTC (rev 12658)
+++ trunk/cgi-bin/phonepost.pl	2012-09-18 07:28:59 UTC (rev 12659)
@@ -68,11 +68,19 @@
     my ($u, $dppid) = @_;
     my $bid = int($dppid/256);
     my $ppe = get_phonepost_entry($u, $bid);
-    return 404 unless $ppe && $ppe->{jitemid} && $ppe->{anum} == $dppid % 256;
+    unless ($ppe && $ppe->{jitemid} && $ppe->{anum} == $dppid % 256) {
+        LJ::Request->pnotes ('error' => 'e404');
+        LJ::Request->pnotes ('remote' => LJ::get_remote());
+        return LJ::Request::NOT_FOUND;
+    }
 
     # check security of item
     my $logrow = LJ::get_log2_row($u, $ppe->{jitemid});
-    return 404 unless $logrow;
+    unless ($logrow) {
+        LJ::Request->pnotes ('error' => 'e404');
+        LJ::Request->pnotes ('remote' => LJ::get_remote());
+        return LJ::Request::NOT_FOUND;
+    }
 
     if ($u->{statusvis} eq 'S' || $logrow->{security} ne "public") {
         # get the remote, ignoring IP, since the request is coming
@@ -92,7 +100,11 @@
         }
 
         unless ($viewall || $viewsome && $logrow->{security} eq 'public') {
-            return 403 unless LJ::can_view($remote, $logrow);
+            unless (LJ::can_view($remote, $logrow)) {
+                LJ::Request->pnotes ('error' => 'private');
+                LJ::Request->pnotes ('remote' => LJ::get_remote());
+                return LJ::Request::FORBIDDEN;
+            }
         }
     }
 
@@ -135,7 +147,11 @@
         else {
             $buffer = LJ::mogclient()->get_file_data("pp:$u->{userid}:$bid");
             LJ::Request->send_http_header();
-            return 500 unless $buffer && ref $buffer;
+            unless ($buffer && ref $buffer) {
+                LJ::Request->pnotes ('error' => 'e500');
+                LJ::Request->pnotes ('remote' => LJ::get_remote());
+                return LJ::Request::SERVER_ERROR;
+            }
             LJ::Request->print($$buffer);
         }
 
@@ -152,7 +168,11 @@
             }
         });
         LJ::Request->print($buffer) if length($buffer);
-        return 500 unless $ret;
+        unless ($ret) {
+            LJ::Request->pnotes ('error' => 'e500');
+            LJ::Request->pnotes ('remote' => LJ::get_remote());
+            return LJ::Request::SERVER_ERROR;
+        }
     }
 
     return 200;
Tags: ljcom, pl, wisest-owl
Subscribe

  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    switch
    default userpic

    Your reply will be screened

    Your IP address will be recorded 

    Help
  • 0 comments