summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMarcel Korpel <marcel.korpel@gmail.com>2015-08-17 00:08:52 +0200
committerLukas Fleischer <lfleischer@archlinux.org>2015-08-17 04:20:45 +0200
commit095986b44974c569b36d34dd26902e910ccc7d8b (patch)
treecb4f0a10b5cd680fd06953f3c7431490a2e8da2a
parent60433a930d6701cef1133cdb344fc76f24693636 (diff)
downloadaurweb-095986b44974c569b36d34dd26902e910ccc7d8b.tar.xz
Do not allow empty comments
Fixes FS#45870. Signed-off-by: Marcel Korpel <marcel.korpel@gmail.com> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
-rw-r--r--web/html/pkgbase.php3
-rw-r--r--web/lib/pkgbasefuncs.inc.php10
2 files changed, 11 insertions, 2 deletions
diff --git a/web/html/pkgbase.php b/web/html/pkgbase.php
index 1581869..bc32e43 100644
--- a/web/html/pkgbase.php
+++ b/web/html/pkgbase.php
@@ -107,8 +107,7 @@ if (check_token()) {
list($ret, $output) = pkgbase_set_comaintainers($base_id, explode("\n", $_POST['users']));
} elseif (current_action("do_AddComment")) {
$uid = uid_from_sid($_COOKIE["AURSID"]);
- pkgbase_add_comment($base_id, $uid, $_REQUEST['comment']);
- $ret = true;
+ list($ret, $output) = pkgbase_add_comment($base_id, $uid, $_REQUEST['comment']);
$fragment = '#news';
} elseif (current_action("do_EditComment")) {
list($ret, $output) = pkgbase_edit_comment($_REQUEST['comment']);
diff --git a/web/lib/pkgbasefuncs.inc.php b/web/lib/pkgbasefuncs.inc.php
index ccab635..677ae6b 100644
--- a/web/lib/pkgbasefuncs.inc.php
+++ b/web/lib/pkgbasefuncs.inc.php
@@ -81,6 +81,10 @@ function pkgbase_comments($base_id, $limit, $include_deleted) {
function pkgbase_add_comment($base_id, $uid, $comment) {
$dbh = DB::connect();
+ if (trim($comment) == '') {
+ return array(false, __('Comment cannot be empty.'));
+ }
+
$q = "INSERT INTO PackageComments ";
$q.= "(PackageBaseID, UsersID, Comments, CommentTS) VALUES (";
$q.= intval($base_id) . ", " . $uid . ", ";
@@ -102,6 +106,8 @@ function pkgbase_add_comment($base_id, $uid, $comment) {
if ($result) {
notify(array('comment', $uid, $base_id), $comment);
}
+
+ return array(true, __('Comment has been added.'));
}
/**
@@ -860,6 +866,10 @@ function pkgbase_edit_comment($comment) {
return array(false, __("Missing comment ID."));
}
+ if (trim($comment) == '') {
+ return array(false, __('Comment cannot be empty.'));
+ }
+
$dbh = DB::connect();
if (can_edit_comment($comment_id)) {
$q = "UPDATE PackageComments ";