When saving an entry with a duplicate slug, any other entries with same slug are overwritten

[bgarrant]

Describe the bug When saving an entry with a duplicate slug, the original is overwritten no matter what user created it.

To Reproduce Just make a new entry in a Workshop form with the same title and the slug will be the same. Save and it will overwrite any other entry, regardless of user with same slug.

Expected behavior A number should be added at the end of the slug like -2

Screenshots If applicable, add screenshots to help explain your problem.

Environment details (please complete the following information): Using latest 2.10.2 Statamic and Workshop 1.1.0.

Additional context

[dannyuk1982]

I get this too, in addition to being able to overwrite their own entries – the site I am doing now lets users access a common collection, but only access their own entries (tracked by a owner field containing their id). If user foo makes an entry, my-entry, user bar can overwrite this simply by creating a new entry with the same slug.

[bgarrant]

Any way we can get this one fixed ASAP as it is a huge security issue and I have a Workshop site about to launch in like 4 days? I also have separated user permissions like @dannyuk1982 so I cant have them overwriting other users

[danielfowler]

I agree, it would be great to have Statamic auto-recognize an existing file and append a suffix when using workshop:entry:create

In the meantime, how I've circumvented this is by having a hidden input be my slug, a la <input type="hidden" name="slug" value="seo-words-{{ something_unique_from_user }}-{{ now | format:YmdHisv }}"/>

If you want to get fancy with a little bit of JS, you can add an event listener to another user input, and insert user-provided text into your hidden slug value.

I'm king of workarounds.

[dannyuk1982]

You end up with an ugly URL then, the same error check that happens in the CP happening here would fix this in a far more elegant way. (Nice workaround though :))

[bgarrant]

We just need a way to automatically add an incremental integer to the slug and filename if an entry already exists. Some entries we have for users WILL have the same name every year so we need title to allow dups, but not the slug or filenames. Slugs would auto-increment like:

entry
entry-2
entry-3
entry-4

You get the idea

[dannyuk1982]

@bgarrant that might work for some use cases, but the URL is important for me so would rather that slugs are unique, but that an error is returned where they would be the same - as per how the CP works now

[bgarrant]

We need a way to toggle that error or auto-increment then as I do not want Users having to deal with slugs and such. These users just enter in an event into a Workshop form and they won't understand slugs.

[jasonvarga]

I've added the same slug validation as there is in the control panel. Want to grab the master branch from here and try it out? (Don't download from the Marketplace) If it looks good to you, I'll tag 1.1.1

We'll treat the incrementing slugs as a separate feature request.

[bgarrant]

@jasonvarga I need the incrementing slugs as the USERS have no access to the slug field. The are not trained in any way so do not understand what that is. Do you want me to open a ticket for that feature as that is the one I need most. Danny and I both need this but in two diff ways. Thanks as always

[bgarrant]

@jasonvarga what about a parameter or something like slugify-increment to add to the workshop tag?

{{ workshop:entry:create collection="events" slugify-increment="title" }}

[dannyuk1982]

Works great, thanks @jasonvarga

[jasonvarga]

Yes @bgarrant, open a separate feature request. This issue is about how the entry can be overridden. The validation addresses that.

[bgarrant]

@jasonvarga See https://github.com/statamic/workshop/issues/18

[bgarrant]

Is there a way to change the error message manually so USER will see Title already exists instead of Slug already exists

[dannyuk1982]

If there was a way of having inline errors (i.e. an array of errors with named keys) then you could put anything you wanted there. Related to this, but for Workshop https://github.com/statamic/v2-hub/issues/2090