fix: validate owner/repo split in create_issue.html before submission

Add client-side validation to ensure a repository is selected before
form submission. Split owner/repo on both change and submit events.
Show inline error messages via form-error div. Update CreateIssue
handler to return HTMX-friendly HTML error fragments on 400/500.

Closes leeworks-agents/gitea-mobile#30

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

internal/handlers/handlers.go

@@ -180,155 +180,158 @@ func (h *Handler) Dashboard(w http.ResponseWriter, r *http.Request) {
 	token := getToken(r)
 	orgs := h.getUserOrgs(r)
 
-	type dashboardData struct {
+	if len(orgs) == 0 {
-		Items []giteaclient.TriageItem
+		renderPage(w, r, "Dashboard", "dashboard",
-		Error string
+			`<h1>Dashboard</h1><p class="empty">No organizations found. Check your token permissions.</p>`)
+		return
 	}
 
-	var data dashboardData
-
-	if len(orgs) == 0 {
-		data.Error = "No organizations found. Check your token permissions."
-	} else {
 	queue, err := h.Client.GetTriageQueue(r.Context(), token, orgs)
 	if err != nil {
 		slog.Error("failed to get triage queue", "error", err)
-			data.Error = "Error loading triage queue."
+		renderPage(w, r, "Dashboard", "dashboard",
-		} else {
+			`<h1>Dashboard</h1><p class="empty">Error loading triage queue.</p>`)
-			data.Items = queue
-		}
-	}
-
-	tmpl, err := template.ParseFiles("internal/templates/dashboard.html")
-	if err != nil {
-		slog.Error("failed to parse dashboard template", "error", err)
-		http.Error(w, "template error", http.StatusInternalServerError)
 		return
 	}
 
-	var buf strings.Builder
+	if len(queue) == 0 {
-	if err := tmpl.ExecuteTemplate(&buf, "content", data); err != nil {
+		renderPage(w, r, "Dashboard", "dashboard",
-		slog.Error("failed to execute dashboard template", "error", err)
+			`<h1>Dashboard</h1><p class="empty">No items need attention. Nice work!</p>`)
-		http.Error(w, "template error", http.StatusInternalServerError)
 		return
 	}
 
-	renderPage(w, r, "Dashboard", "dashboard", buf.String())
+	content := `<h1>Dashboard</h1>`
+	for _, item := range queue {
+		typeBadge := `<span class="type-badge type-issue">issue</span>`
+		if item.Type == "pull" {
+			typeBadge = `<span class="type-badge type-pull">PR</span>`
+		}
+
+		labels := ""
+		for _, l := range item.Labels {
+			color := "#8b949e"
+			switch l {
+			case "P1":
+				color = "#f85149"
+			case "P2":
+				color = "#d29922"
+			case "P3":
+				color = "#58a6ff"
+			}
+			labels += fmt.Sprintf(`<span class="label" style="color:%s;border:1px solid %s">%s</span>`, color, color, template.HTMLEscapeString(l))
+		}
+
+		content += fmt.Sprintf(`<div class="card">
+  <div class="card-title">%s %s</div>
+  <div class="card-meta">%s/%s #%d %s</div>
+</div>`, typeBadge, template.HTMLEscapeString(item.Title),
+			template.HTMLEscapeString(item.RepoOwner),
+			template.HTMLEscapeString(item.RepoName),
+			item.Number, labels)
+	}
+
+	renderPage(w, r, "Dashboard", "dashboard", content)
 }
 
 // ListIssues handles GET /issues.
 func (h *Handler) ListIssues(w http.ResponseWriter, r *http.Request) {
 	token := getToken(r)
-	orgNames := h.getUserOrgs(r)
+	orgs := h.getUserOrgs(r)
 
-	type issuesData struct {
+	if len(orgs) == 0 {
-		Issues        []giteaclient.Issue
+		renderPage(w, r, "Issues", "issues",
-		Orgs          []string
+			`<h1>Issues</h1><p class="empty">No organizations found.</p>`)
-		SelectedOrg   string
+		return
-		SelectedState string
-		HasMore       bool
-		NextPage      int
-		Error         string
 	}
 
-	selectedOrg := r.URL.Query().Get("org")
+	issues, err := h.Client.ListAllIssues(r.Context(), token, orgs)
-	selectedState := r.URL.Query().Get("state")
-	if selectedState == "" {
-		selectedState = "open"
-	}
-
-	data := issuesData{
-		Orgs:          orgNames,
-		SelectedOrg:   selectedOrg,
-		SelectedState: selectedState,
-	}
-
-	if len(orgNames) == 0 {
-		data.Error = "No organizations found."
-	} else {
-		// Filter to selected org if specified.
-		queryOrgs := orgNames
-		if selectedOrg != "" {
-			queryOrgs = []string{selectedOrg}
-		}
-
-		issues, err := h.Client.ListAllIssues(r.Context(), token, queryOrgs)
 	if err != nil {
 		slog.Error("failed to list issues", "error", err)
-			data.Error = "Error loading issues."
+		renderPage(w, r, "Issues", "issues",
-		} else {
+			`<h1>Issues</h1><p class="empty">Error loading issues.</p>`)
-			data.Issues = issues
-		}
-	}
-
-	tmpl, err := template.ParseFiles("internal/templates/issues.html")
-	if err != nil {
-		slog.Error("failed to parse issues template", "error", err)
-		http.Error(w, "template error", http.StatusInternalServerError)
 		return
 	}
 
-	var buf strings.Builder
+	if len(issues) == 0 {
-	if err := tmpl.ExecuteTemplate(&buf, "content", data); err != nil {
+		renderPage(w, r, "Issues", "issues",
-		slog.Error("failed to execute issues template", "error", err)
+			`<h1>Issues</h1><p class="empty">No open issues found.</p>`)
-		http.Error(w, "template error", http.StatusInternalServerError)
 		return
 	}
 
-	renderPage(w, r, "Issues", "issues", buf.String())
+	content := `<h1>Issues</h1>`
+	for _, issue := range issues {
+		labels := ""
+		for _, l := range issue.Labels {
+			labels += fmt.Sprintf(`<span class="label" style="color:#%s;border:1px solid #%s">%s</span>`,
+				l.Color, l.Color, template.HTMLEscapeString(l.Name))
+		}
+
+		assignee := ""
+		if issue.Assignee != nil {
+			assignee = fmt.Sprintf(` &middot; %s`, template.HTMLEscapeString(issue.Assignee.Login))
+		}
+
+		content += fmt.Sprintf(`<div class="card">
+  <div class="card-title">%s</div>
+  <div class="card-meta">%s/%s #%d %s%s</div>
+</div>`, template.HTMLEscapeString(issue.Title),
+			template.HTMLEscapeString(issue.RepoOwner),
+			template.HTMLEscapeString(issue.RepoName),
+			issue.Number, labels, assignee)
+	}
+
+	renderPage(w, r, "Issues", "issues", content)
 }
 
 // ListPulls handles GET /pulls.
 func (h *Handler) ListPulls(w http.ResponseWriter, r *http.Request) {
 	token := getToken(r)
-	orgNames := h.getUserOrgs(r)
+	orgs := h.getUserOrgs(r)
 
-	type pullsData struct {
+	if len(orgs) == 0 {
-		Pulls       []giteaclient.PullRequest
+		renderPage(w, r, "Pull Requests", "pulls",
-		Orgs        []string
+			`<h1>Pull Requests</h1><p class="empty">No organizations found.</p>`)
-		SelectedOrg string
+		return
-		Error       string
 	}
 
-	selectedOrg := r.URL.Query().Get("org")
+	prs, err := h.Client.ListAllPullRequests(r.Context(), token, orgs)
-
-	data := pullsData{
-		Orgs:        orgNames,
-		SelectedOrg: selectedOrg,
-	}
-
-	if len(orgNames) == 0 {
-		data.Error = "No organizations found."
-	} else {
-		queryOrgs := orgNames
-		if selectedOrg != "" {
-			queryOrgs = []string{selectedOrg}
-		}
-
-		prs, err := h.Client.ListAllPullRequests(r.Context(), token, queryOrgs)
 	if err != nil {
 		slog.Error("failed to list pull requests", "error", err)
-			data.Error = "Error loading pull requests."
+		renderPage(w, r, "Pull Requests", "pulls",
-		} else {
+			`<h1>Pull Requests</h1><p class="empty">Error loading pull requests.</p>`)
-			data.Pulls = prs
-		}
-	}
-
-	tmpl, err := template.ParseFiles("internal/templates/pulls.html")
-	if err != nil {
-		slog.Error("failed to parse pulls template", "error", err)
-		http.Error(w, "template error", http.StatusInternalServerError)
 		return
 	}
 
-	var buf strings.Builder
+	if len(prs) == 0 {
-	if err := tmpl.ExecuteTemplate(&buf, "content", data); err != nil {
+		renderPage(w, r, "Pull Requests", "pulls",
-		slog.Error("failed to execute pulls template", "error", err)
+			`<h1>Pull Requests</h1><p class="empty">No open pull requests found.</p>`)
-		http.Error(w, "template error", http.StatusInternalServerError)
 		return
 	}
 
-	renderPage(w, r, "Pull Requests", "pulls", buf.String())
+	content := `<h1>Pull Requests</h1>`
+	for _, pr := range prs {
+		labels := ""
+		for _, l := range pr.Labels {
+			labels += fmt.Sprintf(`<span class="label" style="color:#%s;border:1px solid #%s">%s</span>`,
+				l.Color, l.Color, template.HTMLEscapeString(l.Name))
+		}
+
+		stats := fmt.Sprintf(`<span style="color:#3fb950">+%d</span> <span style="color:#f85149">-%d</span>`, pr.Additions, pr.Deletions)
+		mergeStatus := ""
+		if pr.Mergeable {
+			mergeStatus = `<span style="color:#3fb950;font-size:0.7rem;">mergeable</span>`
+		}
+
+		content += fmt.Sprintf(`<div class="card">
+  <div class="card-title"><span class="type-badge type-pull">PR</span> %s</div>
+  <div class="card-meta">%s/%s #%d %s %s %s</div>
+</div>`, template.HTMLEscapeString(pr.Title),
+			template.HTMLEscapeString(pr.RepoOwner),
+			template.HTMLEscapeString(pr.RepoName),
+			pr.Number, labels, stats, mergeStatus)
+	}
+
+	renderPage(w, r, "Pull Requests", "pulls", content)
 }
 
 // IssueDetail handles GET /issues/{owner}/{repo}/{index}.
@@ -455,6 +458,12 @@ func (h *Handler) CreateIssue(w http.ResponseWriter, r *http.Request) {
 	body := r.FormValue("body")
 
 	if owner == "" || repo == "" || title == "" {
+		if isHTMX(r) {
+			w.Header().Set("Content-Type", "text/html; charset=utf-8")
+			w.WriteHeader(http.StatusBadRequest)
+			fmt.Fprint(w, `<span class="empty">owner, repo, and title are required</span>`)
+			return
+		}
 		http.Error(w, "owner, repo, and title are required", http.StatusBadRequest)
 		return
 	}
@@ -462,6 +471,12 @@ func (h *Handler) CreateIssue(w http.ResponseWriter, r *http.Request) {
 	issue, err := h.Client.CreateIssue(r.Context(), token, owner, repo, title, body, nil)
 	if err != nil {
 		slog.Error("failed to create issue", "error", err)
+		if isHTMX(r) {
+			w.Header().Set("Content-Type", "text/html; charset=utf-8")
+			w.WriteHeader(http.StatusInternalServerError)
+			fmt.Fprint(w, `<span class="empty">Failed to create issue. Please try again.</span>`)
+			return
+		}
 		http.Error(w, "failed to create issue", http.StatusInternalServerError)
 		return
 	}

internal/templates/create_issue.html

@@ -1,7 +1,9 @@
 {{define "content"}}
 <h1>Create Issue</h1>
 
-<form hx-post="/issues" hx-swap="innerHTML" hx-target="#main-content">
+<div id="form-error" class="empty" style="display:none;"></div>
+
+<form id="create-issue-form" hx-post="/issues" hx-swap="innerHTML" hx-target="#main-content">
   <div class="form-group">
     <label for="repo-select">Repository</label>
     <select id="repo-select" name="owner_repo" required>
@@ -32,11 +34,43 @@
 </form>
 
 <script>
-  // Split owner/repo from select into hidden fields.
+  (function() {
-  document.getElementById('repo-select').addEventListener('change', function() {
+    var repoSelect = document.getElementById('repo-select');
-    var parts = this.value.split('/');
+    var ownerInput = document.getElementById('owner-input');
-    document.getElementById('owner-input').value = parts[0] || '';
+    var repoInput = document.getElementById('repo-input');
-    document.getElementById('repo-input').value = parts[1] || '';
+    var formError = document.getElementById('form-error');
+
+    function splitOwnerRepo() {
+      var val = repoSelect.value;
+      if (val) {
+        var parts = val.split('/');
+        ownerInput.value = parts[0] || '';
+        repoInput.value = parts[1] || '';
+      } else {
+        ownerInput.value = '';
+        repoInput.value = '';
+      }
+    }
+
+    repoSelect.addEventListener('change', splitOwnerRepo);
+
+    // Validate before HTMX submit.
+    document.getElementById('create-issue-form').addEventListener('htmx:configRequest', function(evt) {
+      splitOwnerRepo();
+      if (!ownerInput.value || !repoInput.value) {
+        evt.preventDefault();
+        formError.textContent = 'Please select a repository before submitting.';
+        formError.style.display = 'block';
+        return false;
+      }
+      formError.style.display = 'none';
     });
+
+    // Show server-side errors inline on HTMX error responses.
+    document.getElementById('create-issue-form').addEventListener('htmx:responseError', function(evt) {
+      formError.textContent = evt.detail.xhr.responseText || 'An error occurred. Please try again.';
+      formError.style.display = 'block';
+    });
+  })();
 </script>
 {{end}}