Universal check for form submission

public_html/media/js/core.js

@@ -70,7 +70,7 @@ $(function()
 		aDom.addClass('inactive');
 
 		var url = $(this).attr('href') + '?json';
-		$.get(url, function(data)
+		$.get(url, {submit: 1}, function(data)
 		{
 			if (data['success'])
 			{

public_html/media/js/upload.js

@@ -82,6 +82,7 @@ $(function()
 		fd.append('tags', tags);
 		fd.append('safety', safety);
 		fd.append('source', source);
+		fd.append('submit', 1);
 
 		var ajaxData =
 		{

src/Controllers/PostController.php

@@ -203,7 +203,7 @@ class PostController
 		if ($this->config->registration->needEmailForUploading)
 			PrivilegesHelper::confirmEmail($this->context->user);
 
-		if (!empty($_FILES['file']['name']))
+		if (InputHelper::get('submit'))
 		{
 			/* file contents */
 			$suppliedFile = $_FILES['file'];
@@ -290,10 +290,10 @@ class PostController
 	{
 		$post = Model_Post::locate($id);
 		R::preload($post, ['uploader' => 'user']);
-		$edited = false;
-
 		$this->context->transport->post = $post;
 
+		if (InputHelper::get('submit'))
+		{
 			/* safety */
 			$suppliedSafety = InputHelper::get('safety');
 			if ($suppliedSafety !== null)
@@ -352,12 +352,10 @@ class PostController
 				$edited = true;
 			}
 
-
-		/* db storage */
-		if ($edited)
 			R::store($post);
 			$this->context->transport->success = true;
 		}
+	}
 
 
 
@@ -368,10 +366,13 @@ class PostController
 	{
 		$post = Model_Post::locate($id);
 		PrivilegesHelper::confirmWithException(Privilege::HidePost, PrivilegesHelper::getIdentitySubPrivilege($post->uploader));
+		if (InputHelper::get('submit'))
+		{
 			$post->hidden = true;
 			R::store($post);
 			$this->context->transport->success = true;
 		}
+	}
 
 	/**
 	* @route /post/{id}/unhide
@@ -380,10 +381,13 @@ class PostController
 	{
 		$post = Model_Post::locate($id);
 		PrivilegesHelper::confirmWithException(Privilege::HidePost, PrivilegesHelper::getIdentitySubPrivilege($post->uploader));
+		if (InputHelper::get('submit'))
+		{
 			$post->hidden = false;
 			R::store($post);
 			$this->context->transport->success = true;
 		}
+	}
 
 	/**
 	* @route /post/{id}/delete
@@ -392,6 +396,8 @@ class PostController
 	{
 		$post = Model_Post::locate($id);
 		PrivilegesHelper::confirmWithException(Privilege::DeletePost, PrivilegesHelper::getIdentitySubPrivilege($post->uploader));
+		if (InputHelper::get('submit'))
+		{
 			//remove stuff from auxiliary tables
 			$post->ownFavoritee = [];
 			$post->sharedTag = [];
@@ -399,6 +405,7 @@ class PostController
 			R::trash($post);
 			$this->context->transport->success = true;
 		}
+	}
 
 
 
@@ -410,7 +417,10 @@ class PostController
 	{
 		$post = Model_Post::locate($id);
 		R::preload($post, ['favoritee' => 'user']);
+		PrivilegesHelper::confirmWithException(Privilege::FavoritePost);
 
+		if (InputHelper::get('submit'))
+		{
 			if (!$this->context->loggedIn)
 				throw new SimpleException('Not logged in');
 
@@ -418,11 +428,11 @@ class PostController
 				if ($fav->id == $this->context->user->id)
 					throw new SimpleException('Already in favorites');
 
-		PrivilegesHelper::confirmWithException(Privilege::FavoritePost);
 			$post->link('favoritee')->user = $this->context->user;
 			R::store($post);
 			$this->context->transport->success = true;
 		}
+	}
 
 	/**
 	* @route /post/{id}/rem-fav
@@ -432,8 +442,10 @@ class PostController
 	{
 		$post = Model_Post::locate($id);
 		R::preload($post, ['favoritee' => 'user']);
-
 		PrivilegesHelper::confirmWithException(Privilege::FavoritePost);
+
+		if (InputHelper::get('submit'))
+		{
 			if (!$this->context->loggedIn)
 				throw new SimpleException('Not logged in');
 
@@ -449,6 +461,7 @@ class PostController
 			R::store($post);
 			$this->context->transport->success = true;
 		}
+	}
 
 
 

src/Controllers/TagController.php

@@ -49,6 +49,8 @@ class TagController
 	public function mergeAction()
 	{
 		PrivilegesHelper::confirmWithException(Privilege::MergeTags);
+		if (InputHelper::get('submit'))
+		{
 			$sourceTag = Model_Tag::locate(InputHelper::get('source-tag'));
 			$targetTag = Model_Tag::locate(InputHelper::get('target-tag'));
 
@@ -66,6 +68,7 @@ class TagController
 			\Chibi\UrlHelper::forward(\Chibi\UrlHelper::route('tag', 'list'));
 			$this->view->context->success = true;
 		}
+	}
 
 	/**
 	* @route /tags/rename
@@ -73,7 +76,8 @@ class TagController
 	public function renameAction()
 	{
 		PrivilegesHelper::confirmWithException(Privilege::MergeTags);
-
+		if (InputHelper::get('submit'))
+		{
 			$suppliedSourceTag = InputHelper::get('source-tag');
 			$suppliedSourceTag = Model_Tag::validateTag($suppliedSourceTag);
 
@@ -87,4 +91,5 @@ class TagController
 			\Chibi\UrlHelper::forward(\Chibi\UrlHelper::route('tag', 'list'));
 			$this->context->transport->success = true;
 		}
+	}
 }

src/Controllers/UserController.php

@@ -128,10 +128,13 @@ class UserController
 	{
 		$user = Model_User::locate($name);
 		PrivilegesHelper::confirmWithException(Privilege::BanUser, PrivilegesHelper::getIdentitySubPrivilege($user));
+		if (InputHelper::get('submit'))
+		{
 			$user->banned = true;
 			R::store($user);
 			$this->context->transport->success = true;
 		}
+	}
 
 	/**
 	* @route /post/{name}/unban
@@ -141,10 +144,13 @@ class UserController
 	{
 		$user = Model_User::locate($name);
 		PrivilegesHelper::confirmWithException(Privilege::BanUser, PrivilegesHelper::getIdentitySubPrivilege($user));
+		if (InputHelper::get('submit'))
+		{
 			$user->banned = false;
 			R::store($user);
 			$this->context->transport->success = true;
 		}
+	}
 
 	/**
 	* @route /post/{name}/accept-registration
@@ -154,11 +160,13 @@ class UserController
 	{
 		$user = Model_User::locate($name);
 		PrivilegesHelper::confirmWithException(Privilege::AcceptUserRegistration);
+		if (InputHelper::get('submit'))
+		{
 			$user->staff_confirmed = true;
 			R::store($user);
 			$this->context->transport->success = true;
 		}
-
+	}
 
 
 
@@ -181,7 +189,7 @@ class UserController
 
 		$this->context->suppliedCurrentPassword = $suppliedCurrentPassword = InputHelper::get('current-password');
 
-		if (InputHelper::get('remove'))
+		if (InputHelper::get('submit'))
 		{
 			if ($this->context->user->id == $user->id)
 			{
@@ -217,9 +225,7 @@ class UserController
 	{
 		try
 		{
-
 			$user = Model_User::locate($name);
-			$edited = false;
 			PrivilegesHelper::confirmWithException(Privilege::ViewUser, PrivilegesHelper::getIdentitySubPrivilege($user));
 
 			$this->context->handleExceptions = true;
@@ -237,12 +243,13 @@ class UserController
 			$this->context->suppliedAccessRank = $suppliedAccessRank = InputHelper::get('access-rank');
 			$currentPasswordHash = $user->pass_hash;
 
+			if (InputHelper::get('submit'))
+			{
 				if ($suppliedName != '' and $suppliedName != $user->name)
 				{
 					PrivilegesHelper::confirmWithException(Privilege::ChangeUserName, PrivilegesHelper::getIdentitySubPrivilege($user));
 					$suppliedName = Model_User::validateUserName($suppliedName);
 					$user->name = $suppliedName;
-				$edited = true;
 				}
 
 				if ($suppliedPassword1 != '')
@@ -252,7 +259,6 @@ class UserController
 						throw new SimpleException('Specified passwords must be the same');
 					$suppliedPassword = Model_User::validatePassword($suppliedPassword1);
 					$user->pass_hash = Model_User::hashPassword($suppliedPassword, $user->pass_salt);
-				$edited = true;
 				}
 
 				if ($suppliedEmail != '' and $suppliedEmail != $user->email_confirmed)
@@ -269,7 +275,6 @@ class UserController
 					{
 						$user->email_confirmed = $suppliedEmail;
 					}
-				$edited = true;
 				}
 
 				if ($suppliedAccessRank != '' and $suppliedAccessRank != $user->access_rank)
@@ -277,11 +282,8 @@ class UserController
 					PrivilegesHelper::confirmWithException(Privilege::ChangeUserAccessRank, PrivilegesHelper::getIdentitySubPrivilege($user));
 					$suppliedAccessRank = Model_User::validateAccessRank($suppliedAccessRank);
 					$user->access_rank = $suppliedAccessRank;
-				$edited = true;
 				}
 
-			if ($edited)
-			{
 				if ($this->context->user->id == $user->id)
 				{
 					$suppliedPasswordHash = Model_User::hashPassword($suppliedCurrentPassword, $user->pass_salt);
@@ -291,7 +293,6 @@ class UserController
 				R::store($user);
 				$this->context->transport->success = true;
 			}
-
 		}
 		catch (Exception $e)
 		{

src/Views/post-upload.phtml

@@ -81,6 +81,8 @@
 						<label class="left">Source:</label>
 						<div class="input-wrapper"><input type="text" name="source" placeholder="where did you get this from? (optional)"/></div>
 					</div>
+
+					<input type="hidden" name="submit" value="1"/>
 				</form>
 			</div>
 		</div>

src/Views/post-view.phtml

@@ -252,6 +252,8 @@
 				</div>
 			<?php endif ?>
 
+			<input type="hidden" name="submit" value="1"/>
+
 			<div>
 				<label class="left">&nbsp;</label>
 				<button type="submit">Submit</button>

src/Views/tag-list.phtml

@@ -25,6 +25,8 @@
 				<div class="input-wrapper"><input type="text" name="target-tag" id="merge-target-tag"></div>
 			</div>
 
+			<input type="hidden" name="submit" value="1"/>
+
 			<div>
 				<label class="left">&nbsp;</label>
 				<button type="submit">Merge!</button>
@@ -47,6 +49,8 @@
 				<div class="input-wrapper"><input type="text" name="target-tag" id="rename-target-tag"></div>
 			</div>
 
+			<input type="hidden" name="submit" value="1"/>
+
 			<div>
 				<label class="left">&nbsp;</label>
 				<button type="submit">Rename!</button>

src/Views/user-delete.phtml

@@ -1,4 +1,4 @@
-<form action="<?php echo \Chibi\UrlHelper::route('user', 'delete', ['name' => $this->context->transport->user->name]) ?>" method="post" class="edit aligned" autocomplete="off" data-confirm-text="Are you sure you want to delete your account?">
+<form action="<?php echo \Chibi\UrlHelper::route('user', 'delete', ['name' => $this->context->transport->user->name]) ?>" method="post" class="delete aligned" autocomplete="off" data-confirm-text="Are you sure you want to delete your account?">
 	<?php if ($this->context->user->id == $this->context->transport->user->id): ?>
 		<div class="current-password">
 			<label class="left" for="current-password">Current password:</label>
@@ -6,7 +6,7 @@
 		</div>
 	<?php endif ?>
 
-	<input type="hidden" name="remove" value="1"/>
+	<input type="hidden" name="submit" value="1"/>
 
 	<?php if ($this->context->transport->success === true): ?>
 		<p class="alert alert-success">Account settings updated!</p>

src/Views/user-edit.phtml

@@ -50,6 +50,8 @@
 		</div>
 	<?php endif ?>
 
+	<input type="hidden" name="submit" value="1"/>
+
 	<?php if ($this->context->transport->success === true): ?>
 		<p class="alert alert-success">Account settings updated! <?php if (!empty($this->context->mailSent)) echo 'You will be sent new e-mail address confirmation message soon.' ?></p>
 	<?php elseif (isset($this->context->transport->errorMessage)): ?>