From f12bec530a86c38c707648f0201fda265f78e440 Mon Sep 17 00:00:00 2001
From: Daniel Friesel <derf@finalrewind.org>
Date: Mon, 26 Dec 2022 15:35:33 +0100
Subject: yearly/monthly history: return 404 for invalid dates

---
 lib/Travelynx/Controller/Traveling.pm | 98 ++++++++++++++++-------------------
 templates/history_by_year.html.ep     | 19 ++++++-
 2 files changed, 63 insertions(+), 54 deletions(-)

diff --git a/lib/Travelynx/Controller/Traveling.pm b/lib/Travelynx/Controller/Traveling.pm
index 1517a7b..dee6c1f 100755
--- a/lib/Travelynx/Controller/Traveling.pm
+++ b/lib/Travelynx/Controller/Traveling.pm
@@ -1454,33 +1454,29 @@ sub yearly_history {
 	# -> Limit time range to avoid accidental DoS.
 	if ( not( $year =~ m{ ^ [0-9]{4} $ }x and $year > 1990 and $year < 2100 ) )
 	{
-		@journeys = $self->journeys->get(
-			uid           => $self->current_user->{id},
-			with_datetime => 1
-		);
-	}
-	else {
-		my $interval_start = DateTime->new(
-			time_zone => 'Europe/Berlin',
-			year      => $year,
-			month     => 1,
-			day       => 1,
-			hour      => 0,
-			minute    => 0,
-			second    => 0,
-		);
-		my $interval_end = $interval_start->clone->add( years => 1 );
-		@journeys = $self->journeys->get(
-			uid           => $self->current_user->{id},
-			after         => $interval_start,
-			before        => $interval_end,
-			with_datetime => 1
-		);
-		$stats = $self->journeys->get_stats(
-			uid  => $self->current_user->{id},
-			year => $year
-		);
+		$self->render('not_found');
+		return;
 	}
+	my $interval_start = DateTime->new(
+		time_zone => 'Europe/Berlin',
+		year      => $year,
+		month     => 1,
+		day       => 1,
+		hour      => 0,
+		minute    => 0,
+		second    => 0,
+	);
+	my $interval_end = $interval_start->clone->add( years => 1 );
+	@journeys = $self->journeys->get(
+		uid           => $self->current_user->{id},
+		after         => $interval_start,
+		before        => $interval_end,
+		with_datetime => 1
+	);
+	$stats = $self->journeys->get_stats(
+		uid  => $self->current_user->{id},
+		year => $year
+	);
 
 	$self->respond_to(
 		json => {
@@ -1519,34 +1515,30 @@ sub monthly_history {
 			and $month < 13 )
 	  )
 	{
-		@journeys = $self->journeys->get(
-			uid           => $self->current_user->{id},
-			with_datetime => 1
-		);
-	}
-	else {
-		my $interval_start = DateTime->new(
-			time_zone => 'Europe/Berlin',
-			year      => $year,
-			month     => $month,
-			day       => 1,
-			hour      => 0,
-			minute    => 0,
-			second    => 0,
-		);
-		my $interval_end = $interval_start->clone->add( months => 1 );
-		@journeys = $self->journeys->get(
-			uid           => $self->current_user->{id},
-			after         => $interval_start,
-			before        => $interval_end,
-			with_datetime => 1
-		);
-		$stats = $self->journeys->get_stats(
-			uid   => $self->current_user->{id},
-			year  => $year,
-			month => $month
-		);
+		$self->render('not_found');
+		return;
 	}
+	my $interval_start = DateTime->new(
+		time_zone => 'Europe/Berlin',
+		year      => $year,
+		month     => $month,
+		day       => 1,
+		hour      => 0,
+		minute    => 0,
+		second    => 0,
+	);
+	my $interval_end = $interval_start->clone->add( months => 1 );
+	@journeys = $self->journeys->get(
+		uid           => $self->current_user->{id},
+		after         => $interval_start,
+		before        => $interval_end,
+		with_datetime => 1
+	);
+	$stats = $self->journeys->get_stats(
+		uid   => $self->current_user->{id},
+		year  => $year,
+		month => $month
+	);
 
 	$self->respond_to(
 		json => {
diff --git a/templates/history_by_year.html.ep b/templates/history_by_year.html.ep
index a112258..9f9b022 100644
--- a/templates/history_by_year.html.ep
+++ b/templates/history_by_year.html.ep
@@ -3,7 +3,24 @@
 % if (stash('statistics')) {
 	%= include '_history_stats', stats => stash('statistics');
 % }
-%
+
+<div class="row">
+	% if (stash('have_review')) {
+	<div class="col s12 m12 l5 center-align">
+		<a href="/history/map?filter_after=1.1.<%= $year %>&amp;filter_before=31.12.<%= $year %>" class="waves-effect waves-light btn"><i class="material-icons left" aria-hidden="true">map</i> Karte</a>
+	</div>
+	<div class="col s12 m12 l2">&nbsp;</div>
+	<div class="col s12 m12 l5 center-align">
+		<a href="/history/<%= $year %>/review" class="waves-effect waves-light btn"><i class="material-icons left" aria-hidden="true">camera_roll</i> Rückblick</a>
+	</div>
+	% }
+	% else {
+	<div class="col s12 m12 l12 center-align">
+		<a href="/history/map?filter_after=1.1.<%= $year %>&amp;filter_before=31.12.<%= $year %>" class="waves-effect waves-light btn"><i class="material-icons left" aria-hidden="true">map</i> Karte</a>
+	</div>
+	% }
+</div>
+
 %= include '_history_months_for_year';
 
 % if (stash('journeys')) {
-- 
cgit v1.2.3