}
} #}}}
-
+
sub showform ($$$$) { #{{{
my $form=shift;
my $buttons=shift;
run_hooks(canedit => sub {
return if defined $canedit;
my $ret=shift->($page, $q, $session);
- if (defined $ret && $ret eq "") {
- $canedit=1;
- }
- elsif (defined $ret) {
- $canedit=0;
- error($ret) unless $nonfatal;
+ if (defined $ret) {
+ if ($ret eq "") {
+ $canedit=1;
+ }
+ elsif (ref $ret eq 'CODE') {
+ $ret->() unless $nonfatal;
+ $canedit=0;
+ }
+ elsif (defined $ret) {
+ error($ret) unless $nonfatal;
+ $canedit=0;
+ }
}
});
return $canedit;
if (! defined $session->param("name") ||
! userinfo_get($session->param("name"), "regdate")) {
- if (! defined $session->param("postsignin")) {
- $session->param(postsignin => $ENV{QUERY_STRING});
- }
+ $session->param(postsignin => $ENV{QUERY_STRING});
cgi_signin($q, $session);
cgi_savesession($session);
exit;
exit;
}
else {
- # This can occur, for example, if a user went to the signin
- # url via a bookmark.
- redirect($q, $config{url});
+ error(gettext("login failed, perhaps you need to turn on cookies?"));
}
} #}}}
}
elsif ($form->submitted eq 'Save Preferences' && $form->validate) {
foreach my $field (qw(email subscriptions)) {
- if (defined $form->field($field) && length $form->field($field)) {
+ if (defined $form->field($field)) {
userinfo_set($user_name, $field, $form->field($field)) ||
error("failed to set $field");
}
if (defined $type && length $type && $hooks{htmlize}{$type}) {
$type=possibly_foolish_untaint($type);
}
- elsif (defined $from) {
+ elsif (defined $from && exists $pagesources{$from}) {
# favor the type of linking page
$type=pagetype($pagesources{$from});
}
cgi_signin($q, $session);
cgi_savesession($session);
}
- elsif (defined $session->param("postsignin")) {
- cgi_postsignin($q, $session);
- }
elsif ($do eq 'prefs') {
cgi_prefs($q, $session);
}
elsif ($do eq 'create' || $do eq 'edit') {
cgi_editpage($q, $session);
}
- elsif ($do eq 'postsignin') {
- error(gettext("login failed, perhaps you need to turn on cookies?"));
+ elsif (defined $session->param("postsignin") || $do eq 'postsignin') {
+ cgi_postsignin($q, $session);
}
else {
error("unknown do parameter");