[geeklog-hg] geeklog: Make sure topic id exists on search form before startin...
geeklog-cvs at lists.geeklog.net
geeklog-cvs at lists.geeklog.net
Wed Aug 28 20:43:28 EDT 2013
changeset 9268:1c57354ff54d
url: http://project.geeklog.net/cgi-bin/hgwebdir.cgi/geeklog/rev/1c57354ff54d
user: Tom <websitemaster at cogeco.net>
date: Wed Aug 28 20:42:44 2013 -0400
description:
Make sure topic id exists on search form before starting search. If it does not (or the user doesn't have access it switches to All topics.
diffstat:
system/classes/search.class.php | 8 +++++++-
1 files changed, 7 insertions(+), 1 deletions(-)
diffs (18 lines):
diff -r 71220d2eb3a1 -r 1c57354ff54d system/classes/search.class.php
--- a/system/classes/search.class.php Sun Aug 25 20:41:20 2013 -0400
+++ b/system/classes/search.class.php Wed Aug 28 20:42:44 2013 -0400
@@ -82,7 +82,13 @@
$this->_query = strip_tags (COM_stripslashes ($_GET['query']));
}
if (isset ($_GET['topic'])) {
- $this->_topic = COM_applyFilter ($_GET['topic']);
+ // see if topic exists
+ $tid = COM_applyFilter ($_GET['topic']);
+
+ // If it exists and user has access to it, it will return itself else an empty string
+ $tid = DB_getItem($_TABLES['topics'], 'tid', "tid = '$tid'" . COM_getPermSQL('AND', 0, 2));
+
+ $this->_topic = $tid;
} else {
$last_topic = SESS_getVariable('topic');
if ($last_topic != '') {
More information about the geeklog-cvs
mailing list