From: Alexandre Emsenhuber
Date: Fri, 4 Nov 2011 16:40:00 +0000 (+0000)
Subject: And while I'm at it, move token check to onView() so that if action=markpatrolled...
X-Git-Tag: 1.31.0-rc.0~26701
X-Git-Url: https://git.cyclocoop.org/%7B%24admin_url%7Dmembres/%7B%7B%20url_for%28%27vote%27%2C%20idvote=vote.voteid%29%20%7D%7D?a=commitdiff_plain;h=6f74142d46505e58d01cded621a83c0c24ce5a35;p=lhc%2Fweb%2Fwiklou.git

And while I'm at it, move token check to onView() so that if action=markpatrolled is called without parameters, the user will see 'markedaspatrollederror' error and not 'sessionfailure'
---

diff --git a/includes/actions/MarkpatrolledAction.php b/includes/actions/MarkpatrolledAction.php
index c1f6fdc40d..b4d41f16c7 100644
--- a/includes/actions/MarkpatrolledAction.php
+++ b/includes/actions/MarkpatrolledAction.php
@@ -36,22 +36,21 @@ class MarkpatrolledAction extends FormlessAction {
 return '';
 }
 
- protected function checkCanExecute( User $user ) {
- if ( !$user->matchEditToken( $this->getRequest()->getVal( 'token' ), $this->getRequest()->getInt( 'rcid' ) ) ) {
- throw new ErrorPageError( 'sessionfailure-title', 'sessionfailure' );
- }
-
- return parent::checkCanExecute( $user );
- }
-
 public function onView() {
- $rc = RecentChange::newFromId( $this->getRequest()->getInt( 'rcid' ) );
+ $request = $this->getRequest();
+ $rcId = $request->getInt( 'rcid' );
+ $rc = RecentChange::newFromId( $rcId );
 
 if ( is_null( $rc ) ) {
 throw new ErrorPageError( 'markedaspatrollederror', 'markedaspatrollederrortext' );
 }
 
- $errors = $rc->doMarkPatrolled( $this->getUser() );
+ $user = $this->getUser();
+ if ( !$user->matchEditToken( $request->getVal( 'token' ), $rcId ) ) {
+ throw new ErrorPageError( 'sessionfailure-title', 'sessionfailure' );
+ }
+
+ $errors = $rc->doMarkPatrolled( $user );
 
 if ( in_array( array( 'rcpatroldisabled' ), $errors ) ) {
 throw new ErrorPageError( 'rcpatroldisabled', 'rcpatroldisabledtext' );
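Review bot: The edit-token check in `onView()` now runs after `RecentChange::newFromId( $rcId )`, so a request without a valid token gets 'markedaspatrollederror' for an unknown rcid and 'sessionfailure' for an existing one, which lets a caller tell the two apart. That matches the stated intent of the commit, but it is worth confirming the distinction is acceptable on wikis where recent changes are not publicly readable. With the CSRF gate no longer in `checkCanExecute()`, only statement order keeps it ahead of the state change, so I would pin that with a comment above the check, e.g. `// CSRF check: must stay before doMarkPatrolled(); token is salted with the rcid`. `onView()` continues past the end of the hunk, so whether anything later in the method relies on the token having been verified earlier cannot be seen from here.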