Open carrythebanner opened 5 years ago
See https://github.com/shift-org/shift-docs/blob/master/docs/CALENDAR_ADMIN.md for the playbook on how we currently generate links for people by hand.
looks to be a client side issue; note the url in the browser bar, and the json request in the console
get /api/retrieve_event.php
is called by
addevent.js:getAddEventForm()
which is called by
main.js:viewAddEventForm(eventid, secret)
which is called by
events.html
which passes the secret it pulls from parseURL()
.
parseURL()
is implemented in scripts.html
and uses the regular expression:
var editEventRe = /edit-([0-9]+)-([0-9a-zA-Z]*)/g;
could change that to:
var editEventRe = /edit-(\d+)-([\w-]*)/g;
Our auto-generated secret links are random letters and numbers only. But sometimes when we create an edit link for someone by hand, it's useful to have a more readable link like
https://shift2bikes.org/addevent/edit-99999-not-very-secret
. Right now, if the secret contains a hyphen as innot-very-secret
only the portion before the first hyphen will be interpreted as the secret (not
). The result is that the link can't actually be used to manage the event, because the event can't be updated without the correct secret.We can just stop including hyphens in secrets as a short-term solution, but longer term it would be nice to handle those.