From 2966a5c109934a8d1fd698f6e3ced27b629c3ffb Mon Sep 17 00:00:00 2001 From: grandeljay Date: Sun, 12 Nov 2023 12:11:48 +0100 Subject: [PATCH] fix: #179 shared wishlist not accessible --- src/api/wishlists.php | 34 +++++++++----- src/assets/js/inline.js.php | 11 ++--- .../js/parts/wishlist-filter-priority.js | 44 +++++++++++++------ 3 files changed, 60 insertions(+), 29 deletions(-) diff --git a/src/api/wishlists.php b/src/api/wishlists.php index 1a5a1b4e..6d2e6232 100644 --- a/src/api/wishlists.php +++ b/src/api/wishlists.php @@ -104,7 +104,7 @@ switch ($_SERVER['REQUEST_METHOD']) { case 'GET': $getWishlistCardsFromPriority = isset($_GET['wishlist_id'], $_GET['priority']); - $getWishlistFromHash = isset($_GET['wishlist_hash']); + $getWishlistFromHash = isset($_GET['wishlist_hash'], $_GET['priority']); $getOwnWishlists = $user->isLoggedIn(); if ($getWishlistCardsFromPriority) { @@ -170,16 +170,30 @@ switch ($_SERVER['REQUEST_METHOD']) { } elseif ($getWishlistFromHash) { $wishlist = Wishlist::getFromHash($_GET['wishlist_hash']); - if ($wishlist instanceof Wishlist) { - $response['results'] = array( - 'id' => $wishlist->getId(), - 'hash' => $wishlist->getHash(), - 'userId' => $wishlist->getUserId(), - ); - ; - } else { - http_response_code(404); + $priorityAll = -1; + $priorityNone = 0; + $priority = (int) $_GET['priority'] ?? $priorityAll; + + $options = array( + 'style' => $_GET['style'], + 'placeholders' => array(), + ); + $where = array( + 'wishlist' => '`wishlist` = ' . $wishlist->getId(), + 'priority' => '`priority` = ' . $priority, + ); + + if ($priorityAll === $priority) { + unset($where['priority']); } + + if ($priorityNone === $priority) { + $where['priority'] = '`priority` IS NULL OR `priority` = 0'; + } + + $options['WHERE'] = '(' . implode(') AND (', $where) . ')'; + + $response['results'] = $wishlist->getCards($options); } elseif ($getOwnWishlists) { $wishlists = array(); $wishlistsItems = array(); 
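Review bot: `isset($_GET['wishlist_hash'], $_GET['priority'])` only establishes that both parameters are present, not that they are strings, so an array-valued `wishlist_hash[]=…` would still select this branch and be handed to `Wishlist::getFromHash()`; how that method treats a non-string is not visible here. Adding `is_string($_GET['wishlist_hash'])` to the condition would reject such requests before the lookup. Requiring `priority` also means a request carrying only `wishlist_hash` now falls through to the later branches instead of the hash lookup, which is worth a one-line comment above the assignment if it is intended.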
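Review bot: The `instanceof Wishlist` guard and its 404 branch are removed in the `$getWishlistFromHash` branch, yet `$wishlist->getId()` and `$wishlist->getCards()` are now called unconditionally on whatever `Wishlist::getFromHash()` returns for a request-supplied hash. The old guard suggests the lookup can yield a non-Wishlist value, in which case an unknown or mistyped share hash would end in a fatal error rather than a clean 404, so the guard should be restored around the new body as in the excerpt below. In the same block `(int) $_GET['priority'] ?? $priorityAll` casts before `??` is applied, so the fallback can never take effect, and `$_GET['style']` is read without the `isset()` check that the branch condition applies to the other two parameters. The WHERE clause is built by string concatenation and is safe only because `$priority` is int-cast and `getId()` is presumably numeric; a comment stating that, or use of the `placeholders` option if `getCards()` binds values, would keep a later edit from introducing SQL injection.

```php
$wishlist = Wishlist::getFromHash($_GET['wishlist_hash']);

if (!($wishlist instanceof Wishlist)) {
    // Unknown share hash: answer 404 as the previous code did.
    http_response_code(404);
} else {
    // … unchanged: $priorityAll, $priorityNone …
    $priority = (int) ($_GET['priority'] ?? $priorityAll);
    // … unchanged: $options, $where, $options['WHERE'], getCards() call …
}
```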
diff --git a/src/assets/js/inline.js.php b/src/assets/js/inline.js.php index 5338d8fc..4081fa2d 100644 --- a/src/assets/js/inline.js.php +++ b/src/assets/js/inline.js.php @@ -162,11 +162,12 @@ global $options; */ '/index.php?page=api&module=wishlists', - 'get wishlists by priority' => '/index.php?page=api&module=wishlists&style={style}&wishlist_id={wishlistid}&priority={priority}', - 'delete wishlist' => '/index.php?page=api&module=wishlists', - 'update wish status' => '/index.php?page=api&module=wishes', - 'delete wish' => '/index.php?page=api&module=wishes&wish_id={wishid}', + 'get wishlists' => '/index.php?page=api&module=wishlists', + 'get wishes by wishlist id' => '/index.php?page=api&module=wishlists&style={style}&priority={priority}&wishlist_id={wishlistid}', + 'get wishes by wishlist hash' => '/index.php?page=api&module=wishlists&style={style}&priority={priority}&wishlist_hash={wishlisthash}', + 'delete wishlist' => '/index.php?page=api&module=wishlists', + 'update wish status' => '/index.php?page=api&module=wishes', + 'delete wish' => '/index.php?page=api&module=wishes&wish_id={wishid}', ); ?> diff --git a/src/assets/js/parts/wishlist-filter-priority.js b/src/assets/js/parts/wishlist-filter-priority.js index db0fd27a..355a156d 100644 --- a/src/assets/js/parts/wishlist-filter-priority.js +++ b/src/assets/js/parts/wishlist-filter-priority.js 
@@ -3,26 +3,42 @@ $(function () { /** * Filter wishes */ + var apiGetWishesByWishlistId = function (settings) { + var wishlistId = $('.wishlist-cards[data-wishlist]').attr('data-wishlist'); + + if (undefined === wishthis.$_GET.id && undefined !== wishlistId && wishlistId.length > 0) { + wishthis.$_GET.id = wishlistId; + } + + settings.urlData.style = $('input[name="style"]').val(); + settings.urlData.priority = $('.ui.dropdown.filter.priority').dropdown('get value'); + settings.urlData.wishlistid = wishthis.$_GET.id; + + return settings; + }; + var apiGetWishesByWishlistHash = function (settings) { + settings.urlData.style = $('input[name="style"]').val(); + settings.urlData.priority = $('.ui.dropdown.filter.priority').dropdown('get value'); + settings.urlData.wishlisthash = wishthis.$_GET.hash; + + return settings; + }; + var action = 'get wishes by wishlist id'; + var apiGetWishes = apiGetWishesByWishlistId; + + if (wishthis.$_GET.hash) { + var action = 'get wishes by wishlist hash'; + var apiGetWishes = apiGetWishesByWishlistHash; + } + $('.ui.dropdown.filter.priority') .dropdown({ 'match' : 'text', 'fullTextSearch' : true, }) .api({ - 'action' : 'get wishlists by priority', - 'beforeSend' : function (settings) { - var wishlistId = $('.wishlist-cards[data-wishlist]').attr('data-wishlist'); - - if (undefined === wishthis.$_GET.id && undefined !== wishlistId && wishlistId.length > 0) { - wishthis.$_GET.id = wishlistId; - } - - settings.urlData.style = $('input[name="style"]').val(); - settings.urlData.priority = $('.ui.dropdown.filter.priority').dropdown('get value'); - settings.urlData.wishlistid = wishthis.$_GET.id; - - return settings; - }, + 'action' : action, + 'beforeSend' : apiGetWishes, 'onSuccess' : function (response, dropdown_wishlists, xhr) { var html = response.results ? response.results : '';
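Review bot: Inside `if (wishthis.$_GET.hash) { … }` the lines `var action = …` and `var apiGetWishes = …` redeclare variables that are already declared just above; `var` is function-scoped, so these should be plain assignments, `action = 'get wishes by wishlist hash';` and `apiGetWishes = apiGetWishesByWishlistHash;`. The two `beforeSend` helpers also repeat the same `style` and `priority` assignments, which could be shared so the id and hash variants differ only in the identifier they set. A short comment above the `if` saying that a `hash` query parameter selects the shared-wishlist endpoint would help the next reader. The enclosing `$(function () {` callback starts before this hunk and continues past its end.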