From 50e91c0043db9ef0cbb8d5530934e10a4e050b96 Mon Sep 17 00:00:00 2001 From: Mark McDowall Date: Sun, 18 Dec 2011 16:07:41 -0800 Subject: [PATCH] Replaced get and post with ajax to prevent XSRF. Replaced some usages of Console.Writeline with proper logging. --- .gitignore | 3 +- .../Providers/AutoConfigureProvider.cs | 6 ++- NzbDrone.Core/Providers/Core/UdpProvider.cs | 5 +- NzbDrone.Web/Scripts/NzbDrone/Notification.js | 13 ++--- NzbDrone.Web/Scripts/NzbDrone/addSeries.js | 52 +++++++++++++------ NzbDrone.Web/Views/Settings/Sabnzbd.cshtml | 1 - 6 files changed, 53 insertions(+), 27 deletions(-) diff --git a/.gitignore b/.gitignore index 1b2584233..95d0d8ead 100644 --- a/.gitignore +++ b/.gitignore @@ -43,4 +43,5 @@ NzbDrone.zip NzbDrone.sln.DotSettings.user* config.xml UpdateLogs/ -NzbDrone.Web/MediaCover \ No newline at end of file +NzbDrone.Web/MediaCover +NzbDrone.fpr \ No newline at end of file diff --git a/NzbDrone.Core/Providers/AutoConfigureProvider.cs b/NzbDrone.Core/Providers/AutoConfigureProvider.cs index 20abddecb..541533455 100644 --- a/NzbDrone.Core/Providers/AutoConfigureProvider.cs +++ b/NzbDrone.Core/Providers/AutoConfigureProvider.cs @@ -5,12 +5,14 @@ using System.Linq; using System.Net; using System.Net.NetworkInformation; using System.Text.RegularExpressions; +using NLog; using NzbDrone.Core.Model; namespace NzbDrone.Core.Providers { public class AutoConfigureProvider { + private static readonly Logger Logger = LogManager.GetCurrentClassLogger(); public SabnzbdInfoModel AutoConfigureSab() { @@ -88,8 +90,8 @@ namespace NzbDrone.Core.Providers } catch (Exception ex) { - Console.WriteLine("Failed to get response from: {0}", url); - Console.WriteLine(ex.Message, ex); + Logger.Trace("Failed to get response from: {0}", url); + Logger.Trace(ex.Message, ex); } return String.Empty; diff --git a/NzbDrone.Core/Providers/Core/UdpProvider.cs b/NzbDrone.Core/Providers/Core/UdpProvider.cs index d8955293e..c1b7bbe77 100644 --- a/NzbDrone.Core/Providers/Core/UdpProvider.cs +++ b/NzbDrone.Core/Providers/Core/UdpProvider.cs @@ -3,12 +3,15 @@ using System.Collections.Generic; using System.Net; using System.Net.Sockets; using System.Text; +using NLog; using Ninject; namespace NzbDrone.Core.Providers.Core { public class UdpProvider { + private static readonly Logger Logger = LogManager.GetCurrentClassLogger(); + [Inject] public UdpProvider() { @@ -168,7 +171,7 @@ namespace NzbDrone.Core.Providers.Core catch (Exception exc) { - Console.WriteLine(exc); + Logger.TraceException(exc.Message, exc); return null; } } diff --git a/NzbDrone.Web/Scripts/NzbDrone/Notification.js b/NzbDrone.Web/Scripts/NzbDrone/Notification.js index 3936a117d..2172503c1 100644 --- a/NzbDrone.Web/Scripts/NzbDrone/Notification.js +++ b/NzbDrone.Web/Scripts/NzbDrone/Notification.js @@ -64,9 +64,14 @@ $(window).load(function () { refreshNotifications(); } - function refreshNotifications() { - $.get('/notification/Comet', { message: currentMessage }, notificationCallback); + $.ajax({ + url: '/notification/Comet', + data: { message: currentMessage }, + success: function (data) { + notificationCallback(data); + } + }); } function notificationCallback(data) { @@ -83,10 +88,6 @@ $(window).load(function () { } //SetupNotifications(); - //DisplayMsg("Scanning Series Folder."); - - - function displayMsg(sMsg) { //set the message text $("#msgText").showHtml(sMsg, 150); diff --git a/NzbDrone.Web/Scripts/NzbDrone/addSeries.js b/NzbDrone.Web/Scripts/NzbDrone/addSeries.js index e384e3c09..0ef008465 100644 --- a/NzbDrone.Web/Scripts/NzbDrone/addSeries.js +++ b/NzbDrone.Web/Scripts/NzbDrone/addSeries.js @@ -20,9 +20,7 @@ $(".masterQualitySelector").live('change', function () { }); $(".addExistingButton").live('click', function () { - var root = $(this).parents(".existingSeries"); - var title = $(this).siblings(".seriesLookup").val(); var seriesId = $(this).siblings(".seriesId").val(); var qualityId = $(this).siblings(".qualitySelector").val(); @@ -44,16 +42,27 @@ $(".addExistingButton").live('click', function () { }); function reloadExistingSeries() { - $.get(existingSeriesUrl, function (data) { + $.ajax({ + url: existingSeriesUrl, + success: function( data ) { $('#existingSeries').html(data); + } }); } //RootDir +//Delete RootDir $('#rootDirs .actionButton img').live('click', function (image) { var path = $(image.target).attr('id'); - $.post(deleteRootDirUrl, { Path: path }, function () { - refreshRoot(); + + $.ajax({ + type: "POST", + url: deleteRootDirUrl, + data: { Path: path }, + success: function () { + refreshRoot(); + $("#rootDirInput").val(''); + } }); }); @@ -61,20 +70,29 @@ $('#saveDir').live('click', saveRootDir); function saveRootDir() { var path = $("#rootDirInput").val(); + if (path) { - $.post(saveRootDirUrl, { Path: path }, function () { - refreshRoot(); - $("#rootDirInput").val(''); + $.ajax({ + type: "POST", + url: saveRootDirUrl, + data: { Path: path }, + success: function () { + refreshRoot(); + $("#rootDirInput").val(''); + } }); } } function refreshRoot() { - $.get(rootListUrl, function (data) { - $('#rootDirs').html(data); + $.ajax({ + url: rootListUrl, + success: function (data) { + $('#rootDirs').html(data); + reloadAddNew(); + reloadExistingSeries(); + } }); - reloadAddNew(); - reloadExistingSeries(); } @@ -94,14 +112,16 @@ $('#saveNewSeries').live('click', function () { }, success: function () { $("#newSeriesLookup").val(""); - //$('#newSeriesPath').val(""); } }); }); function reloadAddNew() { - $.get(addNewUrl, function (data) { - $('#addNewSeries').html(data); + $.ajax({ + url: addNewUrl, + success: function (data) { + $('#addNewSeries').html(data); + } }); } @@ -121,7 +141,7 @@ $('#quickAddNew').live('click', function () { }, success: function () { $("#newSeriesLookup").val(""); - //$('#newSeriesPath').val(""); + $('#newSeriesPath').val(""); } }); }); diff --git a/NzbDrone.Web/Views/Settings/Sabnzbd.cshtml b/NzbDrone.Web/Views/Settings/Sabnzbd.cshtml index fd21e012d..1d6e48a72 100644 --- a/NzbDrone.Web/Views/Settings/Sabnzbd.cshtml +++ b/NzbDrone.Web/Views/Settings/Sabnzbd.cshtml @@ -69,7 +69,6 @@ $.ajax({ type: "GET", url: autoConfigureSabUrl, - //data: jQuery.param({ username: $('#SabUsername').val(), password: $('#SabPassword').val() }), error: function (req, status, error) { alert("Sorry! We could not autoconfigure SABnzbd for you"); },