getArticleLink: add escaping; open_article_in_new_window: add error notifications (closes #202)
This commit is contained in:
Andrew Dolgov
parent
ae56f76274
commit
06925d9e85
2 changed files with 10 additions and 1 deletions
|
|
@ -68,10 +68,15 @@ function open_article_callback(transport) {
|
|||
try {
|
||||
|
||||
if (transport.responseXML) {
|
||||
|
||||
var link = transport.responseXML.getElementsByTagName("link")[0];
|
||||
var id = transport.responseXML.getElementsByTagName("id")[0];
|
||||
|
||||
debug("open_article_callback, received link: " + link);
|
||||
|
||||
if (link) {
|
||||
debug("link url: " + link.firstChild.nodeValue);
|
||||
|
||||
window.open(link.firstChild.nodeValue, "_blank");
|
||||
|
||||
if (id) {
|
||||
|
|
@ -80,7 +85,11 @@ function open_article_callback(transport) {
|
|||
window.setTimeout("toggleUnread(" + id + ", 0)", 100);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
notify_error("Can't open article: received invalid article link");
|
||||
}
|
||||
} else {
|
||||
notify_error("Can't open article: received invalid XML");
|
||||
}
|
||||
|
||||
} catch (e) {
|
||||
|
|
|
|||
|
|
@ -279,7 +279,7 @@
|
|||
WHERE id = '$id' AND id = ref_id AND owner_uid = '".$_SESSION['uid']."'");
|
||||
|
||||
if (db_num_rows($result) == 1) {
|
||||
$link = strip_tags(db_fetch_result($result, 0, "link"));
|
||||
$link = htmlspecialchars(strip_tags(db_fetch_result($result, 0, "link")));
|
||||
print "<rpc-reply><link>$link</link><id>$id</id></rpc-reply>";
|
||||
} else {
|
||||
print "<rpc-reply><error>Article not found</error></rpc-reply>";
|
||||
|
|
|
|||
Loading…
Reference in a new issue