Changeset View
Changeset View
Standalone View
Standalone View
src/applications/phame/controller/blog/PhameBlogLiveController.php
| <?php | <?php | ||||
| final class PhameBlogLiveController extends PhameController { | final class PhameBlogLiveController extends PhameController { | ||||
| public function shouldAllowPublic() { | public function shouldAllowPublic() { | ||||
| return true; | return true; | ||||
| } | } | ||||
| public function handleRequest(AphrontRequest $request) { | public function handleRequest(AphrontRequest $request) { | ||||
| $user = $request->getUser(); | $user = $request->getUser(); | ||||
| $site = $request->getSite(); | |||||
| if ($site instanceof PhameBlogSite) { | |||||
| $blog = $site->getBlog(); | |||||
| } else { | |||||
| $id = $request->getURIData('id'); | $id = $request->getURIData('id'); | ||||
| $blog = id(new PhameBlogQuery()) | $blog = id(new PhameBlogQuery()) | ||||
| ->setViewer($user) | ->setViewer($user) | ||||
| ->withIDs(array($id)) | ->withIDs(array($id)) | ||||
| ->executeOne(); | ->executeOne(); | ||||
| if (!$blog) { | if (!$blog) { | ||||
| return new Aphront404Response(); | return new Aphront404Response(); | ||||
| } | } | ||||
| } | |||||
| if ($blog->getDomain() && ($request->getHost() != $blog->getDomain())) { | if ($blog->getDomain() && ($request->getHost() != $blog->getDomain())) { | ||||
| $base_uri = $blog->getLiveURI(); | $base_uri = $blog->getLiveURI(); | ||||
| // Don't redirect directly, since the domain is user-controlled and there | // Don't redirect directly, since the domain is user-controlled and there | ||||
| // are a bevy of security issues associated with automatic redirects to | // are a bevy of security issues associated with automatic redirects to | ||||
| // external domains. | // external domains. | ||||
| Show All 37 Lines | |||||