[geeklog-hg] geeklog: Make sure topic id exists on search form before startin...

[geeklog-cvs at lists.geeklog.net]

changeset 9268:1c57354ff54d
url:  http://project.geeklog.net/cgi-bin/hgwebdir.cgi/geeklog/rev/1c57354ff54d
user: Tom <websitemaster at cogeco.net>
date: Wed Aug 28 20:42:44 2013 -0400
description:
Make sure topic id exists on search form before starting search. If it does not (or the user doesn't have access it switches to All topics.

diffstat:

 system/classes/search.class.php |  8 +++++++-
 1 files changed, 7 insertions(+), 1 deletions(-)

diffs (18 lines):

diff -r 71220d2eb3a1 -r 1c57354ff54d system/classes/search.class.php
--- a/system/classes/search.class.php	Sun Aug 25 20:41:20 2013 -0400
+++ b/system/classes/search.class.php	Wed Aug 28 20:42:44 2013 -0400
@@ -82,7 +82,13 @@
             $this->_query = strip_tags (COM_stripslashes ($_GET['query']));
         }
         if (isset ($_GET['topic'])) {
-            $this->_topic = COM_applyFilter ($_GET['topic']);
+            // see if topic exists
+            $tid = COM_applyFilter ($_GET['topic']);
+                 
+            // If it exists and user has access to it, it will return itself else an empty string     
+            $tid = DB_getItem($_TABLES['topics'], 'tid', "tid = '$tid'" . COM_getPermSQL('AND', 0, 2));                 
+            
+            $this->_topic = $tid;
         } else {
             $last_topic = SESS_getVariable('topic');
             if ($last_topic != '') {