]> git.openstreetmap.org Git - rails.git/blobdiff - app/controllers/amf_controller.rb
Escape user display names.
[rails.git] / app / controllers / amf_controller.rb
index 11594c436d25f0ba112f7939c9268bb4158f5daf..fd0296ae5ecbd4ce91bfd471077028e1bb73f89d 100644 (file)
@@ -58,8 +58,8 @@ class AmfController < ApplicationController
       when 'getway_old';               results[index]=AMF.putdata(index,getway_old(args))
       when 'getway_history';   results[index]=AMF.putdata(index,getway_history(args))
       when 'putway';                   r=putway(args,renumberednodes)
-        renumberednodes=r[3]
-        results[index]=AMF.putdata(index,r)
+                                                               renumberednodes=r[3]
+                                                               results[index]=AMF.putdata(index,r)
       when 'deleteway';                        results[index]=AMF.putdata(index,deleteway(args))
       when 'putpoi';                   results[index]=AMF.putdata(index,putpoi(args))
       when 'getpoi';                   results[index]=AMF.putdata(index,getpoi(args))
@@ -293,11 +293,13 @@ class AmfController < ApplicationController
 
     RAILS_DEFAULT_LOGGER.info("  Message: putway, id=#{originalway}")
 
-    # -- Temporary check for null IDs
+    # -- Check for null IDs or short ways
 
     points.each do |a|
       if a[2]==0 or a[2].nil? then return -2,"Server error - node with id 0 found in way #{originalway}." end
     end
+    
+    if points.length<2 then return -2,"Server error - way is only #{points.length} points long." end
 
     # -- 3.    read original way into memory
 
@@ -498,52 +500,18 @@ class AmfController < ApplicationController
   #                            also removes ways/nodes from any relations they're in
   #              out:  [0] 0 (success), [1] way id (unchanged)
   def deleteway(args) #:doc:
-
-    usertoken,way=args
-
-    RAILS_DEFAULT_LOGGER.info("  Message: deleteway, id=#{way}")
+    usertoken,way_id=args
+    RAILS_DEFAULT_LOGGER.info("  Message: deleteway, id=#{way_id}")
     uid=getuserid(usertoken)
     if !uid then return -1,"You are not logged in, so the way could not be deleted." end
 
-    way=way.to_i
-    db_uqn='unin'+(rand*100).to_i.to_s+uid.to_s+way.to_i.abs.to_s+Time.new.to_i.to_s   # temp uniquenodes table name, typically 51 chars
-    db_now='@now'+(rand*100).to_i.to_s+uid.to_s+way.to_i.abs.to_s+Time.new.to_i.to_s   # 'now' variable name, typically 51 chars
-    ActiveRecord::Base.connection.execute("SET #{db_now}=NOW()")
-
-    # - delete any otherwise unused nodes
-
-    createuniquenodes(way,db_uqn,[])
-
-    #  unless (preserve.empty?) then
-    #          ActiveRecord::Base.connection.execute("DELETE FROM #{db_uqn} WHERE node_id IN ("+preserve.join(',')+")")
-    #  end
-
-    sql=<<-EOF
-  INSERT INTO nodes (id,latitude,longitude,timestamp,user_id,visible,tile)
-  SELECT DISTINCT cn.id,cn.latitude,cn.longitude,#{db_now},#{uid},0,cn.tile
-    FROM current_nodes AS cn,#{db_uqn}
-   WHERE cn.id=node_id
-    EOF
-    ActiveRecord::Base.connection.insert(sql)
-
-    sql=<<-EOF
-      UPDATE current_nodes AS cn, #{db_uqn}
-         SET cn.timestamp=#{db_now},cn.visible=0,cn.user_id=#{uid} 
-       WHERE cn.id=node_id
-    EOF
-    ActiveRecord::Base.connection.update(sql)
+    user = User.find(uid)
 
-    deleteuniquenoderelations(db_uqn,uid,db_now)
-    ActiveRecord::Base.connection.execute("DROP TEMPORARY TABLE #{db_uqn}")
+    way = Way.find(way_id)
 
-    # - delete way
+    way.delete_with_relations_and_nodes_and_history(user)  
 
-    ActiveRecord::Base.connection.insert("INSERT INTO ways (id,user_id,timestamp,visible) VALUES (#{way},#{uid},#{db_now},0)")
-    ActiveRecord::Base.connection.update("UPDATE current_ways SET user_id=#{uid},timestamp=#{db_now},visible=0 WHERE id=#{way}")
-    ActiveRecord::Base.connection.execute("DELETE FROM current_way_nodes WHERE id=#{way}")
-    ActiveRecord::Base.connection.execute("DELETE FROM current_way_tags WHERE id=#{way}")
-    deleteitemrelations(way,'way',uid,db_now)
-    [0,way]
+    return [0,way_id]
   end
 
   def readwayquery(id,insistonvisible) #:doc: