Page MenuHomePhabricator
Differential D20125

Fix two very, very minor correctness issues in Slowvote
ClosedPublic
Actions

Authored by epriestley on Feb 7 2019, 5:29 PM.
Tags
None
Referenced Files
F19930131: D20125.diff
Wed, Apr 8, 8:39 PM
F19902625: D20125.id48051.diff
Mon, Mar 30, 8:26 PM
F19871545: D20125.diff
Mar 15 2026, 10:58 AM
F19516271: D20125.diff
Jan 14 2026, 10:05 PM
F19369746: D20125.diff
Dec 26 2025, 3:22 PM
F19003219: D20125.id48051.diff
Nov 21 2025, 8:07 AM
F18758825: D20125.id48044.diff
Oct 5 2025, 11:54 PM
F18723975: D20125.diff
Sep 30 2025, 2:47 AM
View All Files
Subscribers
None

Details

Reviewers
amckinley
Commits
rP26081594e2f3: Fix two very, very minor correctness issues in Slowvote
Summary

See https://hackerone.com/reports/492525 and https://hackerone.com/reports/489531. I previously awarded a bounty for https://hackerone.com/reports/434116 so Slowvote is getting "researched" a lot.

  • Prevent users from undoing their vote by submitting the form with nothing selected.
  • Prevent users from racing between the delete() and save() to vote for multiple options in a plurality poll.
Test Plan
  • Clicked the vote button with nothing selected in plurality and approval polls, got an error now.
  • Added a sleep(5) between delete() and save(). Submitted different plurality votes in different windows. Before: votes raced, invalid end state. After: votes waited on the lock, arrived in a valid end state.

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Revision Contents
Changeset List

PathSize
src/
applications/
slowvote/
controller/
53 lines

Diff 48051

View Options

src/applications/slowvote/controller/PhabricatorSlowvoteVoteController.php

Loading...
Phabricator · Built by Phacility