From 4191481453a6fc68821ed91ab404f19d062c8eef Mon Sep 17 00:00:00 2001 From: Dries Buytaert Date: Sun, 26 May 2002 09:23:46 +0000 Subject: - Bugfix: just before submitting a node, one could change the content of that node to something that would not have passed the preview pages. Patch by Revar: "If you uploaded a valid file, and filled out the form right, you will get a Submit button. The problem comes in when you choose a different file to upload, and then click Submit. The filestore_save() function cannot do proper validation and handling of the form data, as it only returns a list of what node fields to save. On error, a node entry is still created, but with only the nid field set. The user can't be forced to fix their bad entry." "Add a _form_validate() node hook to process and validate any form results. That way even on Submit, the node code would check the validity of the data, and if bad, it could drop you back to the preview screen with the current bad data warnings. Have it return an array of errors that can be passed in as $error to the _form() hook. If it returns a null array, then there's no errors, and the submit can go through." --- modules/node/node.module | 27 ++++++++++++++++++++++++--- 1 file changed, 24 insertions(+), 3 deletions(-) (limited to 'modules/node/node.module') diff --git a/modules/node/node.module b/modules/node/node.module index 702479db7..e75660f55 100644 --- a/modules/node/node.module +++ b/modules/node/node.module @@ -755,11 +755,20 @@ function node_validate($node, &$error) { } + /* + ** Do node type specific validation checks. + */ + + $function = $node->type ."_validate"; + if (function_exists($function)) { + $node = $function($node, $error); + } + return $node; } -function node_form($edit) { +function node_form($edit, $error = NULL) { /* ** Save the referer. We record where the user came from such that we @@ -772,7 +781,10 @@ function node_form($edit) { ** Validate the node: */ + if (!$error) { + /* Only validate if we don't already know the errors. */ $edit = node_validate($edit, $error); + } /* ** Generate a teaser when necessary: @@ -932,7 +944,7 @@ function node_edit($id) { return $output; } -function node_preview($node) { +function node_preview($node, $error = NULL) { if (!user_access("post content")) { return message_access(); @@ -991,7 +1003,7 @@ function node_preview($node) { node_view($view); - return node_form($node); + return node_form($node, $error); } function node_submit($node) { @@ -1002,6 +1014,7 @@ function node_submit($node) { } $context->tid = $tid; + if (user_access("post content", $context)) { /* @@ -1010,6 +1023,14 @@ function node_submit($node) { $node = node_validate($node, $error); + /* + ** If something went wrong, go back to the preview form: + */ + + if ($error) { + return node_preview($node, $error); + } + /* ** Create a new revision when required: */ -- cgit v1.2.3