diff options
| author | Benjamin Kellermann <Benjamin.Kellermann@gmx.de> | 2016-10-14 01:34:13 +0200 |
|---|---|---|
| committer | Benjamin Kellermann <Benjamin.Kellermann@gmx.de> | 2016-10-14 01:34:13 +0200 |
| commit | af92765798574598edc29651fa306d8b2eb67004 (patch) | |
| tree | 5933a7b06e6cc331124d9fbf5f3a220b5d347a79 /index.cgi | |
| parent | 07c331e84c917f05c8d7cdb4d0316e5ef6728463 (diff) | |
catch poll_type manipulation
Diffstat (limited to 'index.cgi')
| -rwxr-xr-x | index.cgi | 41 |
1 files changed, 24 insertions, 17 deletions
@@ -50,23 +50,30 @@ if $cgi.include?("create_poll") && $cgi.include?("poll_url") createnotice = _("A Poll with this address already exists.") else Dir.mkdir(POLLURL) Dir.chdir(POLLURL) - VCS.init - File.symlink("../participate.rb","index.cgi") - VCS.add("index.cgi") - ["atom","customize", "history", "overview", "edit_columns","access_control", "delete_poll", "invite_participants"].each{|f| - File.symlink("../#{f}.rb","#{f}.cgi") - VCS.add("#{f}.cgi") - } - ["data.yaml",".htaccess",".htdigest"].each{|f| - File.open(f,"w").close - VCS.add(f) - } - Poll.new(CGI.escapeHTML(POLLTITLE),$cgi["poll_type"]) - Dir.chdir("..") - $d.html.header["status"] = "REDIRECT" - $d.html.header["Cache-Control"] = "no-cache" - $d.html.header["Location"] = $conf.siteurl + POLLURL + "/edit_columns.cgi" - $d << _("The poll was created successfully. The link to your new poll is: %{link}") % {:link => "<br /><a href=\"#{POLLURL}\">#{POLLURL}</a>"} + begin + Poll.new(CGI.escapeHTML(POLLTITLE),$cgi["poll_type"]) + VCS.init + File.symlink("../participate.rb","index.cgi") + VCS.add("index.cgi") + ["atom","customize", "history", "overview", "edit_columns","access_control", "delete_poll", "invite_participants"].each{|f| + File.symlink("../#{f}.rb","#{f}.cgi") + VCS.add("#{f}.cgi") + } + ["data.yaml",".htaccess",".htdigest"].each{|f| + File.open(f,"w").close + VCS.add(f) + } + Dir.chdir("..") + $d.html.header["status"] = "REDIRECT" + $d.html.header["Cache-Control"] = "no-cache" + $d.html.header["Location"] = $conf.siteurl + POLLURL + "/edit_columns.cgi" + $d << _("The poll was created successfully. The link to your new poll is: %{link}") % {:link => "<br /><a href=\"#{POLLURL}\">#{POLLURL}</a>"} + rescue WrongPollTypeError # should only happen in case of hacking + $d.html.header["status"] = "REDIRECT" + $d.html.header["Cache-Control"] = "no-cache" + $d.html.header["Location"] = "http://localhost/" + $d << _("Go away.") + end end end end |