diff --git a/boot.php b/boot.php
index a96d223a0e..d231d87d1c 100644
--- a/boot.php
+++ b/boot.php
@@ -1796,3 +1796,10 @@ function curPageURL() {
 return $pageURL;
 }
+function random_digits($digits) {
+ $rn = '';
+ for($i = 0; $i < $digits; $i++) {
+ $rn .= rand(0,9);
+ }
+ return $rn;
+}
diff --git a/include/conversation.php b/include/conversation.php
index 5f44cde7fb..45736051d0 100644
--- a/include/conversation.php
+++ b/include/conversation.php
@@ -993,7 +993,8 @@ function status_editor($a,$x, $notes_cid = 0, $popup=false) {
 '$profile_uid' => $x['profile_uid'],
 '$preview' => t('Preview'),
 '$sourceapp' => t($a->sourcename),
- '$cancel' => t('Cancel')
+ '$cancel' => t('Cancel'),
+ '$rand_num' => random_digits(12)
 ));
diff --git a/mod/content.php b/mod/content.php
index d827b5b57b..e0634b3e84 100644
--- a/mod/content.php
+++ b/mod/content.php
@@ -701,7 +701,8 @@ function render_content(&$a, $items, $mode, $update, $preview = false) {
 '$edvideo' => t('Video'),
 '$preview' => t('Preview'),
 '$sourceapp' => t($a->sourcename),
- '$ww' => (($mode === 'network') ? $commentww : '')
+ '$ww' => (($mode === 'network') ? $commentww : ''),
+ '$rand_num' => random_digits(12)
 ));
 }
 }
diff --git a/mod/editpost.php b/mod/editpost.php
index 75b686bcd9..1dc6aea21e 100644
--- a/mod/editpost.php
+++ b/mod/editpost.php
@@ -139,7 +139,8 @@ function editpost_content(&$a) {
 '$preview' => t('Preview'),
 '$jotplugins' => $jotplugins,
 '$sourceapp' => t($a->sourcename),
- '$cancel' => t('Cancel')
+ '$cancel' => t('Cancel'),
+ '$rand_num' => random_digits(12)
 ));
 return $o;
diff --git a/mod/item.php b/mod/item.php
index de6bce972c..6dbe99dfd0 100644
--- a/mod/item.php
+++ b/mod/item.php
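Review bot: In boot.php, `random_digits()` builds its result from `rand(0,9)`, which is not a cryptographically secure generator, and the function carries no comment saying so. In this commit the value only marks a form submission so duplicates can be recognised, where predictability is tolerable, but a general-purpose helper in boot.php is easy to reuse later for something that must be unguessable. I would add a header comment along the lines of `// Returns $digits pseudo-random decimal digits as a string. Not cryptographically secure: do not use for CSRF tokens, passwords or other secrets.` Where the supported PHP version provides it, `$rn .= random_int(0,9);` would remove the caveat.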
@@ -46,6 +46,19 @@ function item_post(&$a) {
 $return_path = ((x($_REQUEST,'return')) ? $_REQUEST['return'] : '');
 $preview = ((x($_REQUEST,'preview')) ? intval($_REQUEST['preview']) : 0);
+
+ // Check for doubly-submitted posts, and reject duplicates
+ // Note that we have to ignore previews, otherwise nothing will post
+ // after it's been previewed
+ if(!$preview && x($_REQUEST['post_id_random'])) {
+ if(x($_SESSION['post-random']) && $_SESSION['post-random'] == $_REQUEST['post_id_random']) {
+ logger("item post: duplicate post", LOGGER_DEBUG);
+ item_post_return($a->get_baseurl(), $api_source, $return_path);
+ }
+ else
+ $_SESSION['post-random'] = $_REQUEST['post_id_random'];
+ }
+
 /** * Is this a reply to something? */
@@ -98,7 +111,7 @@ function item_post(&$a) {
 // multi-level threading - preserve the info but re-parent to our single level threading
 //if(($parid) && ($parid != $parent))
- $thr_parent = $parent_uri;
+ $thr_parent = $parent_uri;
 if($parent_item['contact-id'] && $uid) {
 $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
@@ -873,30 +886,32 @@ function item_post(&$a) {
 logger('post_complete');
+ item_post_return($a->get_baseurl(), $api_source, $return_path);
+ // NOTREACHED
+}
+
+function item_post_return($baseurl, $api_source, $return_path) {
 // figure out how to return, depending on from whence we came
 if($api_source) return;
 if($return_path) {
- goaway($a->get_baseurl() . "/" . $return_path);
+ goaway($baseurl . "/" . $return_path);
 }
 $json = array('success' => 1);
 if(x($_REQUEST,'jsreload') && strlen($_REQUEST['jsreload']))
- $json['reload'] = $a->get_baseurl() . '/' . $_REQUEST['jsreload'];
+ $json['reload'] = $baseurl . '/' . $_REQUEST['jsreload'];
 logger('post_json: ' . print_r($json,true), LOGGER_DEBUG);
 echo json_encode($json);
 killme();
- // NOTREACHED
 }
-
-
 function item_content(&$a) {
 if((! local_user()) && (! remote_user()))
diff --git a/mod/photos.php b/mod/photos.php
index 63b093dc37..fa4ca3fc0c 100644
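Review bot: In mod/item.php `item_post()`, the duplicate branch calls `item_post_return()` and then falls through, because the helper added further down in this diff begins with `if($api_source) return;`; for an API-sourced request a detected duplicate is therefore still processed as a new post. Adding `return;` directly after the `item_post_return(...)` call in that branch closes the gap. The check also uses `x($_REQUEST['post_id_random'])` and `x($_SESSION['post-random'])`, whereas the context lines use the two-argument form `x($_REQUEST,'return')`; the one-argument form indexes the array before testing it, which presumably raises an undefined-index notice when the field is absent. The `==` comparison lets PHP treat two numeric strings as numbers, so `===` on the two strings would be the stricter match. `item_post()` starts and ends outside this hunk, so whether `$api_source` is already assigned here should be confirmed.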
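Review bot: `item_post_return()` in mod/item.php has no header comment, and its exits are easy to misread: it returns to the caller when `$api_source` is set, hands off to `goaway()` when `$return_path` is non-empty, and otherwise prints JSON and calls `killme()`. The `// NOTREACHED` added after the call at the end of `item_post()` is therefore inaccurate on the API path. I would add a docblock listing those three exits. It should also state that `$return_path` (taken from `$_REQUEST['return']` in the first hunk) and `$_REQUEST['jsreload']` are request-supplied values appended to `$baseurl`, so they must remain site-relative paths.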
--- a/mod/photos.php
+++ b/mod/photos.php
@@ -1406,7 +1406,8 @@ function photos_content(&$a) {
 '$submit' => t('Submit'),
 '$preview' => t('Preview'),
 '$sourceapp' => t($a->sourcename),
- '$ww' => ''
+ '$ww' => '',
+ '$rand_num' => random_digits(12)
 ));
 }
 }
@@ -1449,7 +1450,8 @@ function photos_content(&$a) {
 '$submit' => t('Submit'),
 '$preview' => t('Preview'),
 '$sourceapp' => t($a->sourcename),
- '$ww' => ''
+ '$ww' => '',
+ '$rand_num' => random_digits(12)
 ));
 }
 }
@@ -1520,7 +1522,8 @@ function photos_content(&$a) {
 '$submit' => t('Submit'),
 '$preview' => t('Preview'),
 '$sourceapp' => t($a->sourcename),
- '$ww' => ''
+ '$ww' => '',
+ '$rand_num' => random_digits(12)
 ));
 }
 }
diff --git a/object/Item.php b/object/Item.php
index 035255466a..b5837b6b66 100644
--- a/object/Item.php
+++ b/object/Item.php
@@ -567,7 +567,8 @@ class Item extends BaseObject {
 '$preview' => t('Preview'),
 '$indent' => $indent,
 '$sourceapp' => t($a->sourcename),
- '$ww' => (($conv->get_mode() === 'network') ? $ww : '')
+ '$ww' => (($conv->get_mode() === 'network') ? $ww : ''),
+ '$rand_num' => random_digits(12)
 ));
 }
diff --git a/view/comment_item.tpl b/view/comment_item.tpl
index 3de24ca8d2..5783a409c5 100644
--- a/view/comment_item.tpl
+++ b/view/comment_item.tpl
@@ -10,6 +10,7 @@ +