X-Git-Url: https://git.pterodactylus.net/?p=Sone.git;a=blobdiff_plain;f=src%2Fmain%2Fjava%2Fnet%2Fpterodactylus%2Fsone%2Fweb%2FCreateReplyPage.java;h=55903d88ee2f8ee94afa3d7051f5969519c58926;hp=82e4c51e1e73cad593f7f4f9d20f73812715dbd9;hb=0e8f7804ce344bdd69f5ecc7febe25a60a53561d;hpb=50ce65f69e49ed10abeedaeb6615ffb37a0c0772 diff --git a/src/main/java/net/pterodactylus/sone/web/CreateReplyPage.java b/src/main/java/net/pterodactylus/sone/web/CreateReplyPage.java index 82e4c51..55903d8 100644 --- a/src/main/java/net/pterodactylus/sone/web/CreateReplyPage.java +++ b/src/main/java/net/pterodactylus/sone/web/CreateReplyPage.java @@ -1,5 +1,5 @@ /* - * Sone - CreateReplyPage.java - Copyright © 2010–2012 David Roden + * Sone - CreateReplyPage.java - Copyright © 2010–2013 David Roden * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -17,6 +17,8 @@ package net.pterodactylus.sone.web; +import com.google.common.base.Optional; + import net.pterodactylus.sone.data.Post; import net.pterodactylus.sone.data.Sone; import net.pterodactylus.sone.text.TextFilter; @@ -58,15 +60,18 @@ public class CreateReplyPage extends SoneTemplatePage { String text = request.getHttpRequest().getPartAsStringFailsafe("text", 65536).trim(); String returnPage = request.getHttpRequest().getPartAsStringFailsafe("returnPage", 256); if (request.getMethod() == Method.POST) { - Post post = webInterface.getCore().getPost(postId); + Optional post = webInterface.getCore().getPost(postId); + if (!post.isPresent()) { + throw new RedirectException("noPermission.html"); + } if (text.length() > 0) { String senderId = request.getHttpRequest().getPartAsStringFailsafe("sender", 43); - Sone sender = webInterface.getCore().getLocalSone(senderId, false); + Sone sender = webInterface.getCore().getLocalSone(senderId); if (sender == null) { sender = getCurrentSone(request.getToadletContext()); } text = TextFilter.filter(request.getHttpRequest().getHeader("host"), text); - webInterface.getCore().createReply(sender, post, text); + webInterface.getCore().createReply(sender, post.get(), text); throw new RedirectException(returnPage); } templateContext.set("errorTextEmpty", true);