[geeklog-cvs] geeklog-1.3/public_html comment.php,1.54.2.1,1.54.2.2 index.php,1.56,1.56.2.1
dhaun at iowaoutdoors.org
dhaun at iowaoutdoors.org
Mon May 31 06:51:19 EDT 2004
Update of /var/cvs/geeklog-1.3/public_html
In directory www:/tmp/cvs-serv13750
Modified Files:
Tag: geeklog_1_3_9_1
comment.php index.php
Log Message:
Use COM_getTopicSQL() for proper check of topic permissions.
Index: comment.php
===================================================================
RCS file: /var/cvs/geeklog-1.3/public_html/comment.php,v
retrieving revision 1.54.2.1
retrieving revision 1.54.2.2
diff -C2 -d -r1.54.2.1 -r1.54.2.2
*** comment.php 31 May 2004 10:47:51 -0000 1.54.2.1
--- comment.php 31 May 2004 10:51:17 -0000 1.54.2.2
***************
*** 429,433 ****
$allowed = 1;
if ($type == 'article') {
! $result = DB_query ("SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (sid = '$sid') AND (draft_flag = 0) AND (date <= NOW())" . COM_getPermSQL ('AND'));
$A = DB_fetchArray ($result);
$allowed = $A['count'];
--- 429,433 ----
$allowed = 1;
if ($type == 'article') {
! $result = DB_query ("SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (sid = '$sid') AND (draft_flag = 0) AND (date <= NOW())" . COM_getPermSQL ('AND') . COM_getTopicSQL ('AND'));
$A = DB_fetchArray ($result);
$allowed = $A['count'];
Index: index.php
===================================================================
RCS file: /var/cvs/geeklog-1.3/public_html/index.php,v
retrieving revision 1.56
retrieving revision 1.56.2.1
diff -C2 -d -r1.56 -r1.56.2.1
*** index.php 28 Feb 2004 16:57:47 -0000 1.56
--- index.php 31 May 2004 10:51:17 -0000 1.56.2.1
***************
*** 151,166 ****
}
! $tresult = DB_query ("SELECT tid FROM {$_TABLES['topics']}" . COM_getPermSQL());
! $trows = DB_numRows ($tresult);
! if ($trows > 0) {
! $tids = array ();
! for ($i = 0; $i < $trows; $i++) {
! $T = DB_fetchArray ($tresult);
! $tids[] = $T['tid'];
! }
! if (sizeof ($tids) > 0) {
! $sql .= "AND (tid IN ('" . implode ("','", $tids) . "')) ";
! }
! }
if ($newstories) {
--- 151,155 ----
}
! $sql .= COM_getTopicSQL ('AND') . ' ';
if ($newstories) {
More information about the geeklog-cvs
mailing list