chris
/
pixelfed
forked from mirror/pixelfed
1
0
Fork 0
Code Pull Requests Activity

Update ParentalControlsController, redirect to new custom error page on active session when attempting to use child invite link so as to not overwrite parent active session with child session

This commit is contained in:
Daniel Supernault 2024-01-11 02:12:54 -07:00
parent ef57d471e5
commit 319a20b473
No known key found for this signature in database
GPG Key ID: 23740873EE6F76A1
2 changed files with 23 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
app/Http/Controllers/ParentalControlsController.php
View File

@ -87,7 +87,14 @@ class ParentalControlsController extends Controller
public function inviteRegister(Request $request, $id, $code)
{
if($request->user()) {
$title = 'You cannot complete this action on this device.';
$body = 'Please log out or use a different device or browser to complete the invitation registration.';
return view('errors.custom', compact('title', 'body'));
}
$this->authPreflight($request, true, false);
$pc = ParentalControls::whereRaw('verify_code = BINARY ?', $code)->whereNull(['email_verified_at', 'child_id'])->findOrFail($id);
abort_unless(User::whereId($pc->parent_id)->exists(), 404);
return view('settings.parental-controls.invite-register-form', compact('pc'));
@ -95,6 +102,12 @@ class ParentalControlsController extends Controller
public function inviteRegisterStore(Request $request, $id, $code)
{
if($request->user()) {
$title = 'You cannot complete this action on this device.';
$body = 'Please log out or use a different device or browser to complete the invitation registration.';
return view('errors.custom', compact('title', 'body'));
}
$this->authPreflight($request, true, false);
$pc = ParentalControls::whereRaw('verify_code = BINARY ?', $code)->whereNull('email_verified_at')->findOrFail($id);

10
resources/views/errors/custom.blade.php Normal file
View File

@ -0,0 +1,10 @@
@extends('layouts.app')
@section('content')
<div class="container">
<div class="error-page py-5 my-5 text-center">
<h3 class="font-weight-bold">{!! $title ?? config('instance.page.404.header')!!}</h3>
<p class="lead">{!! $body ?? config('instance.page.404.body')!!}</p>
</div>
</div>
@endsection