lucas.mathieu/cachet-docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Don't allow redirecting to someones subscription. Closes #2047

Browse Source
This commit is contained in:
James Brooks
2016-08-10 12:56:18 +01:00
parent 5234c40590
commit 838beac285
2 changed files with 41 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
app/Http/Controllers/SubscribeController.php
View File

@@ -69,12 +69,12 @@ class SubscribeController extends Controller
->withErrors($e->getMessageBag());
}
$message = $subscription->is_verified ?
trans('cachet.subscriber.email.already-subscribed', ['email' => $email]) :
trans('cachet.subscriber.email.subscribed');
if ($subscription->is_verified) {
return Redirect::route('status-page')->withSuccess(trans('cachet.subscriber.email.already-subscribed', ['email' => $email]));
}
return Redirect::route('subscribe.manage', $subscription->verify_code)
->withSuccess(sprintf('%s %s', trans('dashboard.notifications.awesome'), $message));
->withSuccess(sprintf('%s %s', trans('dashboard.notifications.awesome'), trans('cachet.subscriber.email.subscribed')));
}
/**

48
resources/views/subscribe/manage.blade.php
View File

@@ -20,18 +20,44 @@
</div>
<form action="{{ route('subscribe.manage', $subscriber->verify_code) }}" method="post">
<input type="hidden" name="_token" value="{{ csrf_token() }}">
<div class="panel panel-default">
<div class="panel-heading">
{{ trans('cachet.subscriber.manage.my_subscriptions') }}
</div>
<div class="panel-body">
@if(!$component_groups->isEmpty() || !$ungrouped_components->isEmpty())
@include('partials.components_form')
@else
<p>{{ trans('cachet.subscriber.manage.no_subscriptions') }}</p>
@endif
</div>
@if(!$component_groups->isEmpty() || !$ungrouped_components->isEmpty())
@if($component_groups->count() > 0)
@foreach($component_groups as $componentGroup)
<div class="list-group components">
@if($componentGroup->enabled_components->count() > 0)
<div class="list-group-item group-name">
<i class="{{ $componentGroup->collapse_class_with_subscriptions($subscriptions) }} group-toggle"></i>
<strong>{{ $componentGroup->name }}</strong>
<div class="pull-right text-muted small">
<a href="#" class="select-group" id="select-all-{{$componentGroup->id}}">Select All</a>
&nbsp;|&nbsp;
<a href="#" class="deselect-group" id="deselect-all-{{$componentGroup->id}}">Deselect All</a>
</div>
</div>
<div class="form-group group-items {{ $componentGroup->has_subscriber($subscriptions) ? null : "hide" }}">
@foreach($componentGroup->enabled_components()->orderBy('order')->get() as $component)
@include('partials.component_input', compact($component))
@endforeach
</div>
@endif
</div>
@endforeach
@endif
@if($ungrouped_components->count() > 0)
<ul class="list-group components">
<div class="list-group-item group-name">
<strong>{{ trans('cachet.components.group.other') }}</strong>
</div>
@foreach($ungrouped_components as $component)
@include('partials.component_input', compact($component))
@endforeach
</ul>
@endif
@else
<p>{{ trans('cachet.subscriber.manage.no_subscriptions') }}</p>
@endif
<div class="text-right">
<button type="submit" class="btn btn-success">Update Subscription</button>
</div>