carrythebanner
commented
5 years ago See https://github.com/shift-org/shift-docs/blob/master/docs/CALENDAR_ADMIN.md for the playbook on how we currently generate links for people by hand.
Open carrythebanner opened 5 years ago
carrythebanner
commented
5 years ago See https://github.com/shift-org/shift-docs/blob/master/docs/CALENDAR_ADMIN.md for the playbook on how we currently generate links for people by hand.
ionous
commented
1 year ago looks to be a client side issue; note the url in the browser bar, and the json request in the console
get /api/retrieve_event.php is called by
addevent.js:getAddEventForm() which is called by
main.js:viewAddEventForm(eventid, secret) which is called by
events.html which passes the secret it pulls from parseURL().
parseURL() is implemented in scripts.html and uses the regular expression:
var editEventRe = /edit-([0-9]+)-([0-9a-zA-Z]*)/g;
could change that to:
var editEventRe = /edit-(\d+)-([\w-]*)/g;
Our auto-generated secret links are random letters and numbers only. But sometimes when we create an edit link for someone by hand, it's useful to have a more readable link like
https://shift2bikes.org/addevent/edit-99999-not-very-secret. Right now, if the secret contains a hyphen as innot-very-secretonly the portion before the first hyphen will be interpreted as the secret (not). The result is that the link can't actually be used to manage the event, because the event can't be updated without the correct secret.We can just stop including hyphens in secrets as a short-term solution, but longer term it would be nice to handle those.