call validate before saving objects

darcs-hash:20080520191032-84dde-64197121c93cd4cf3cbc614badff0bd44547f9f9.gz

actions/avatar.php

@@ -128,6 +128,17 @@ class AvatarAction extends SettingsAction {
 		$avatar->url = common_avatar_url($filename);
 		$avatar->created = DB_DataObject_Cast::dateTime(); # current time
 
+		$val = $avatar->validate();
+		
+		if ($val !== TRUE) {
+			$err = '';
+			foreach ($val as $k=>$v) {
+				$err .= _t('Something wrong with ') . $k;
+				$this->show_form($err);
+				return;
+			}
+		}
+		
 		foreach (array(AVATAR_PROFILE_SIZE, AVATAR_STREAM_SIZE, AVATAR_MINI_SIZE) as $size) {
 			$scaled[] = $this->scale_avatar($user, $avatar, $size);
 		}
@@ -139,7 +150,6 @@ class AvatarAction extends SettingsAction {
 			common_server_error(_t('Error deleting old avatars.'));
 			return;
 		}
-
 		if (!$avatar->insert()) {
 			@unlink($filepath);
 			common_server_error(_t('Error inserting avatar.'));

actions/newnotice.php

@@ -49,7 +49,14 @@ class NewnoticeAction extends Action {
 		$notice->profile_id = $user->id; # user id *is* profile id
 		$notice->created = DB_DataObject_Cast::dateTime();
 		$notice->content = trim($this->arg('content'));
-		return $notice->insert();
+		
+		$val = $notice->validate();
+		if ($val === TRUE) {
+			return $notice->insert();
+		} else {
+			// XXX: display some info
+			return NULL;
+		}
 	}
 	
 	function show_form() {

actions/password.php

@@ -64,6 +64,12 @@ class PasswordAction extends SettingsAction {
 
 		$user->password = common_munge_password($newpassword, $user->id);
 
+		$val = $user->validate();
+		if ($val !== TRUE) {
+			$this->show_form(_t('Error saving user; invalid.'));
+			return;
+		}
+		
 		if (!$user->update($original)) {
 			common_server_error(_t('Can\'t save new password.'));
 			return;

actions/profilesettings.php

@@ -70,6 +70,13 @@ class ProfilesettingsAction extends SettingsAction {
 		$user->nickname = $this->arg('nickname');
 		$user->email = $this->arg('email');
 
+		$val = $user->validate();
+		if ($val !== TRUE) {
+			# XXX: better validation
+			$this->show_form(_t('Error saving user; invalid.'));
+			return;
+		}
+		
 		if (!$user->update($original)) {
 			common_server_error(_t('Couldnt update user.'));
 			return;
@@ -86,6 +93,13 @@ class ProfilesettingsAction extends SettingsAction {
 		$profile->location = $this->arg('location');
 		$profile->profileurl = common_profile_url($nickname);
 
+		$val = $profile->validate();
+		if ($val !== TRUE) {
+			# XXX: some feedback here, please!
+			$this->show_form(_t('Error saving profile; invalid.'));
+			return;
+		}
+		
 		if (!$profile->update($orig_profile)) {
 			common_server_error(_t('Couldnt save profile.'));
 			return;

actions/register.php

@@ -83,6 +83,12 @@ class RegisterAction extends Action {
 		$profile->nickname = $nickname;
 		$profile->profileurl = common_profile_url($nickname);
 		$profile->created = DB_DataObject_Cast::dateTime(); # current time
+		
+		$val = $profile->validate();
+		if ($val !== TRUE) {
+			# XXX: some feedback here, please!
+			return FALSE;
+		}
 		$id = $profile->insert();
 		if (!$id) {
 			return FALSE;
@@ -93,6 +99,15 @@ class RegisterAction extends Action {
 		$user->password = common_munge_password($password, $id);
 		$user->email = $email;
 		$user->created =  DB_DataObject_Cast::dateTime(); # current time
+		
+		$val = $user->validate();
+		if ($val !== TRUE) {
+			# XXX: some feedback here, please!
+			# Try to clean up...
+			$profile->delete();
+			return FALSE;
+		}
+		
 		$result = $user->insert();
 		if (!$result) {
 			# Try to clean up...

actions/subscribe.php

@@ -49,6 +49,14 @@ class SubscribeAction extends Action {
 		$sub->subscribed = $other->id;
 		
 		$sub->created = DB_DataObject_Cast::dateTime(); # current time
+
+		$val = $sub->validate();
+		
+		if ($val !== TRUE) {
+			# XXX: give some error notice
+			common_server_error(_t('Subscription did not validate.'));
+			return;
+		}
 		
 		if (!$sub->insert()) {
 			common_server_error(_t('Couldn\'t create subscription.'));