[geeklog-cvs] geeklog: Fixed (mostly) blank page when calling up a non-existin...
geeklog-cvs at lists.geeklog.net
geeklog-cvs at lists.geeklog.net
Thu May 21 16:02:12 EDT 2009
details: http://project.geeklog.net/cgi-bin/hgweb.cgi/rev/3bbdba8ccdb4
changeset: 7048:3bbdba8ccdb4
user: Dirk Haun <dirk at haun-online.de>
date: Thu May 21 22:02:01 2009 +0200
description:
Fixed (mostly) blank page when calling up a non-existing poll ID (reported by scarecrow); also fixed being able to find out a poll's title when you didn't have access to the poll
diffstat:
public_html/docs/history | 7 +++++++
public_html/polls/index.php | 49 ++++++++++++++++++++++++++++---------------------
2 files changed, 35 insertions(+), 21 deletions(-)
diffs (77 lines):
diff -r 8d6120c198aa -r 3bbdba8ccdb4 public_html/docs/history
--- a/public_html/docs/history Thu May 21 21:27:11 2009 +0200
+++ b/public_html/docs/history Thu May 21 22:02:01 2009 +0200
@@ -33,6 +33,13 @@
- Added a verbose logging option to the search class and make it default to off
[Dirk]
+Polls plugin
+------------
+- If you knew a poll's ID, you could find out the poll's title even if you did
+ not have access to the poll [Dirk]
+- Fixed (mostly) blank page when calling up a non-existing poll ID (reported
+ by scarecrow) [Dirk]
+
Static Pages plugin
-------------------
- Fixed handling of "entire page" centerblocks in a multi-language environment:
diff -r 8d6120c198aa -r 3bbdba8ccdb4 public_html/polls/index.php
--- a/public_html/polls/index.php Thu May 21 21:27:11 2009 +0200
+++ b/public_html/polls/index.php Thu May 21 22:02:01 2009 +0200
@@ -169,28 +169,35 @@
$_CONF['cookiesecure']);
$display .= COM_siteHeader() . POLLS_pollsave($pid, $aid);
} elseif (! empty($pid)) {
- $topic = DB_getItem ($_TABLES['polltopics'], 'topic', "pid = '{$pid}'");
- $display .= COM_siteHeader('menu', $topic);
- if ($msg > 0) {
- $display .= COM_showMessage($msg, 'polls');
- }
- if (isset($_POST['aid'])) {
- $display .= COM_startBlock (
- $LANG_POLLS['not_saved'], '',
- COM_getBlockTemplate ('_msg_block', 'header'))
- . $LANG_POLLS['answer_all'] . ' "' . $topic . '"'
- . COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
- }
- if (DB_getItem($_TABLES['polltopics'], 'is_open', "pid = '$pid'") != 1) {
- $aid = -1; // poll closed - show result
- }
- if (!isset ($_COOKIE['poll-'.$pid])
- && !POLLS_ipAlreadyVoted ($pid)
- && $aid != -1
- ) {
- $display .= POLLS_pollVote ($pid);
+ $topic = DB_getItem($_TABLES['polltopics'], 'topic',
+ "pid = '{$pid}'" . COM_getPermSQL('AND'));
+ if (empty($topic)) {
+ // poll doesn't exist or user doesn't have access
+ $display .= COM_siteHeader('menu', $LANG_POLLS['pollstitle'])
+ . COM_showMessageText(sprintf($LANG25[12], $pid));
} else {
- $display .= POLLS_pollResults ($pid, 400, $order, $mode);
+ $display .= COM_siteHeader('menu', $topic);
+ if ($msg > 0) {
+ $display .= COM_showMessage($msg, 'polls');
+ }
+ if (isset($_POST['aid'])) {
+ $display .= COM_startBlock (
+ $LANG_POLLS['not_saved'], '',
+ COM_getBlockTemplate ('_msg_block', 'header'))
+ . $LANG_POLLS['answer_all'] . ' "' . $topic . '"'
+ . COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
+ }
+ if (DB_getItem($_TABLES['polltopics'], 'is_open', "pid = '$pid'") != 1) {
+ $aid = -1; // poll closed - show result
+ }
+ if (!isset ($_COOKIE['poll-'.$pid])
+ && !POLLS_ipAlreadyVoted ($pid)
+ && $aid != -1
+ ) {
+ $display .= POLLS_pollVote ($pid);
+ } else {
+ $display .= POLLS_pollResults ($pid, 400, $order, $mode);
+ }
}
} else {
$poll_topic = DB_query ("SELECT topic FROM {$_TABLES['polltopics']} WHERE pid='$pid'" . COM_getPermSql ('AND'));
More information about the geeklog-cvs
mailing list