From 2855ee88bdc2c480d1a0c6cfbb1d35f660cd88dc Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <fox@bah.org.ru>
Date: Sat, 25 Apr 2009 12:15:26 +0400
Subject: catchupSelected: pass ids in POST to prevent url size limit problems

---
 modules/backend-rpc.php |  4 ++--
 viewfeed.js             | 28 ++++++++++++++++++++--------
 2 files changed, 22 insertions(+), 10 deletions(-)

diff --git a/modules/backend-rpc.php b/modules/backend-rpc.php
index 8b22bf850..3e4a94340 100644
--- a/modules/backend-rpc.php
+++ b/modules/backend-rpc.php
@@ -193,8 +193,8 @@
 		/* GET["cmode"] = 0 - mark as read, 1 - as unread, 2 - toggle */
 		if ($subop == "catchupSelected") {
 
-			$ids = split(",", db_escape_string($_GET["ids"]));
-			$cmode = sprintf("%d", $_GET["cmode"]);
+			$ids = split(",", db_escape_string($_REQUEST["ids"]));
+			$cmode = sprintf("%d", $_REQUEST["cmode"]);
 
 			catchupArticlesById($link, $ids, $cmode);
 
diff --git a/viewfeed.js b/viewfeed.js
index d21e3e623..6afc6c317 100644
--- a/viewfeed.js
+++ b/viewfeed.js
@@ -896,12 +896,15 @@ function toggleUnread(id, cmode, effect) {
 
 			if (cmode == undefined) cmode = 2;
 
-			var query = "backend.php?op=rpc&subop=catchupSelected&ids=" +
-				param_escape(id) + "&cmode=" + param_escape(cmode);
+			var query = "backend.php?op=rpc&subop=catchupSelected" +
+				"&cmode=" + param_escape(cmode);
+
+			var ids = "?ids=" + param_escape(id);
 
 //			notify_progress("Loading, please wait...");
 
 			new Ajax.Request(query, {
+				parameters: ids,
 				onComplete: function(transport) { 
 					all_counters_callback2(transport); 
 				} });
@@ -1049,12 +1052,15 @@ function selectionToggleUnread(cdm_mode, set_state, callback_func, no_error) {
 				cmode = "0";
 			}
 
-			var query = "backend.php?op=rpc&subop=catchupSelected&ids=" +
-				param_escape(rows.toString()) + "&cmode=" + cmode;
+			var query = "backend.php?op=rpc&subop=catchupSelected" +
+				"&cmode=" + cmode;
+
+			var ids = "?ids=" + param_escape(rows.toString()); 
 
 			notify_progress("Loading, please wait...");
 
 			new Ajax.Request(query, {
+				parameters: ids,
 				onComplete: function(transport) { 
 					catchup_callback2(transport, callback_func); 
 				} });
@@ -1548,10 +1554,13 @@ function cdmWatchdog() {
 				}
 			}
 
-			var query = "backend.php?op=rpc&subop=catchupSelected&ids=" +
-				param_escape(ids.toString()) + "&cmode=0";
+			var query = "backend.php?op=rpc&subop=catchupSelected" +
+				"&cmode=0";
+
+			var ids = "?ids=" + param_escape(ids.toString());
 
 			new Ajax.Request(query, {
+				parameters: ids,
 				onComplete: function(transport) { 
 					all_counters_callback2(transport); 
 				} });
@@ -1929,10 +1938,13 @@ function catchupRelativeToArticle(below) {
 					e.className = e.className.replace("Unread", "");
 				}
 
-				var query = "backend.php?op=rpc&subop=catchupSelected&ids=" +
-					param_escape(ids_to_mark.toString()) + "&cmode=0";
+				var query = "backend.php?op=rpc&subop=catchupSelected" +
+					"&cmode=0";
+
+				var ids = "?ids=" + param_escape(ids_to_mark.toString()); 
 
 				new Ajax.Request(query, {
+					parameters: ids,
 					onComplete: function(transport) { 
 						catchup_callback2(transport); 
 					} });
-- 
cgit v1.2.3