[geeklog-cvs] geeklog: Topic ids now cannot include 'all', 'homeonly' and 'sel...
geeklog-cvs at lists.geeklog.net
geeklog-cvs at lists.geeklog.net
Thu Sep 29 14:10:05 EDT 2011
changeset 8428:8595e3f17f4c
url: http://project.geeklog.net/cgi-bin/hgwebdir.cgi/geeklog/rev/8595e3f17f4c
user: Tom <websitemaster at cogeco.net>
date: Thu Sep 29 13:54:38 2011 -0400
description:
Topic ids now cannot include 'all', 'homeonly' and 'selectedtopics'
diffstat:
public_html/admin/topic.php | 12 +++++++++++-
1 files changed, 11 insertions(+), 1 deletions(-)
diffs (36 lines):
diff -r 4257ae557e20 -r 8595e3f17f4c public_html/admin/topic.php
--- a/public_html/admin/topic.php Thu Sep 29 13:52:16 2011 -0400
+++ b/public_html/admin/topic.php Thu Sep 29 13:54:38 2011 -0400
@@ -341,6 +341,12 @@
list($perm_owner,$perm_group,$perm_members,$perm_anon) = SEC_getPermissionValues($perm_owner,$perm_group,$perm_members,$perm_anon);
$tid = COM_sanitizeID($tid);
+
+ // Check if tid is a restricted name
+ $restricted_tid = false;
+ if ($tid == TOPIC_ALL_OPTION || $tid == TOPIC_HOMEONLY_OPTION || $tid == TOPIC_SELECTED_OPTION) {
+ $restricted_tid = true;
+ }
$access = 0;
if (DB_count ($_TABLES['topics'], 'tid', $tid) > 0) {
@@ -358,7 +364,7 @@
. COM_showMessageText($MESSAGE[29], $MESSAGE[30])
. COM_siteFooter();
COM_accessLog("User {$_USER['username']} tried to illegally create or edit topic $tid.");
- } elseif (!empty($tid) && !empty($topic)) {
+ } elseif (!empty($tid) && !empty($topic) && !$restricted_tid) {
if ($imageurl == '/images/topics/') {
$imageurl = '';
}
@@ -415,6 +421,10 @@
COM_olderStuff();
$retval = COM_refresh ($_CONF['site_admin_url'] . '/topic.php?msg=13');
+ } elseif ($restricted_tid) {
+ $retval .= COM_siteHeader('menu', $LANG27[1]);
+ $retval .= COM_errorLog($LANG27[31], 2);
+ $retval .= COM_siteFooter();
} else {
$retval .= COM_siteHeader('menu', $LANG27[1]);
$retval .= COM_errorLog($LANG27[7], 2);
More information about the geeklog-cvs
mailing list