|
|
[geeklog-cvs] geeklog: Check story permissions when emailing a story: msg#00040geeklog-cvs
details: http://project.geeklog.net/cgi-bin/hgweb.cgi/rev/afae3e80949c changeset: 7201:afae3e80949c user: Dirk Haun <dirk@xxxxxxxxxxxxxx> date: Wed Jul 29 19:56:01 2009 +0200 description: Check story permissions when emailing a story diffstat: public_html/profiles.php | 16 +++++++++++++--- 1 files changed, 13 insertions(+), 3 deletions(-) diffs (33 lines): diff -r 1f2c0ab2b681 -r afae3e80949c public_html/profiles.php --- a/public_html/profiles.php Wed Jul 29 19:49:55 2009 +0200 +++ b/public_html/profiles.php Wed Jul 29 19:56:01 2009 +0200 @@ -300,9 +300,13 @@ return $retval; } - $sql = "SELECT uid,title,introtext,bodytext,commentcode,UNIX_TIMESTAMP(date) AS day FROM {$_TABLES['stories']} WHERE sid = '$sid'"; - $result = DB_query ($sql); - $A = DB_fetchArray ($result); + $sql = "SELECT uid,title,introtext,bodytext,commentcode,UNIX_TIMESTAMP(date) AS day FROM {$_TABLES['stories']} WHERE sid = '$sid'" . COM_getTopicSql('AND') . COM_getPermSql('AND'); + $result = DB_query($sql); + if (DB_numRows($result) == 0) { + return COM_refresh($_CONF['site_url'] . '/index.php'); + } + $A = DB_fetchArray($result); + $shortmsg = COM_stripslashes ($shortmsg); $mailtext = sprintf ($LANG08[23], $from, $fromemail) . LB; if (strlen ($shortmsg) > 0) { @@ -392,6 +396,12 @@ return $retval; } + $result = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE sid = '$sid'" . COM_getTopicSql('AND') . COM_getPermSql('AND')); + $A = DB_fetchArray($result); + if ($A['count'] == 0) { + return COM_refresh($_CONF['site_url'] . '/index.php'); + } + if ($msg > 0) { $retval .= COM_showMessage ($msg); } _______________________________________________ geeklog-cvs mailing list geeklog-cvs@xxxxxxxxxxxxxxxxx http://eight.pairlist.net/mailman/listinfo/geeklog-cvs
|
|
||||||||||||||||||||||||||
| News | Mail Home | sitemap | FAQ | advertise |