summaryrefslogtreecommitdiffstats
path: root/web/template/actions_form.php
diff options
context:
space:
mode:
authorelij <elij.mx@gmail.com>2011-05-11 16:17:12 -0700
committerLukas Fleischer <archlinux@cryptocrack.de>2011-05-17 10:43:42 +0200
commit0898f1447a2d6bdc893f55f4718f867734841361 (patch)
tree22ab9736ad4b92af12daeb3a5215b126c3a8c22c /web/template/actions_form.php
parentd38f3460e55ad4e8486c63902f3b581684d6f188 (diff)
downloadaurweb-0898f1447a2d6bdc893f55f4718f867734841361.tar.xz
test return value from db_query before assuming it is valid
make the sql query form consistent in usage by cleaning up instances where db_query's result was not inspected before attempting to fetch row data from the handle Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web/template/actions_form.php')
-rw-r--r--web/template/actions_form.php52
1 files changed, 29 insertions, 23 deletions
diff --git a/web/template/actions_form.php b/web/template/actions_form.php
index 45bc09b..058002f 100644
--- a/web/template/actions_form.php
+++ b/web/template/actions_form.php
@@ -8,39 +8,45 @@
#
$q = "SELECT * FROM PackageVotes WHERE UsersID = ". $uid;
$q.= " AND PackageID = ".$row["ID"];
- if (!mysql_num_rows(db_query($q, $dbh))) {
- echo " <input type='submit' class='button' name='do_Vote'";
- echo " value='".__("Vote")."' /> ";
- } else {
- echo "<input type='submit' class='button' name='do_UnVote'";
- echo " value='".__("UnVote")."' /> ";
+ $result = db_query($q, $dbh);
+ if ($result) {
+ if (!mysql_num_rows($result)) {
+ echo " <input type='submit' class='button' name='do_Vote'";
+ echo " value='".__("Vote")."' /> ";
+ } else {
+ echo "<input type='submit' class='button' name='do_UnVote'";
+ echo " value='".__("UnVote")."' /> ";
+ }
}
# Comment Notify Button
#
$q = "SELECT * FROM CommentNotify WHERE UserID = ". $uid;
$q.= " AND PkgID = ".$row["ID"];
- if (!mysql_num_rows(db_query($q, $dbh))) {
- echo "<input type='submit' class='button' name='do_Notify'";
- echo " value='".__("Notify")."' title='".__("New Comment Notification")."' /> ";
- } else {
- echo "<input type='submit' class='button' name='do_UnNotify'";
- echo " value='".__("UnNotify")."' title='".__("No New Comment Notification")."' /> ";
+ $result = db_query($q, $dbh);
+ if ($result) {
+ if (!mysql_num_rows($result)) {
+ echo "<input type='submit' class='button' name='do_Notify'";
+ echo " value='".__("Notify")."' title='".__("New Comment Notification")."' /> ";
+ } else {
+ echo "<input type='submit' class='button' name='do_UnNotify'";
+ echo " value='".__("UnNotify")."' title='".__("No New Comment Notification")."' /> ";
+ }
}
-if ($row["OutOfDateTS"] === NULL) {
- echo "<input type='submit' class='button' name='do_Flag'";
- echo " value='".__("Flag Out-of-date")."' />\n";
-} else {
- echo "<input type='submit' class='button' name='do_UnFlag'";
- echo " value='".__("UnFlag Out-of-date")."' />\n";
+ if ($row["OutOfDateTS"] === NULL) {
+ echo "<input type='submit' class='button' name='do_Flag'";
+ echo " value='".__("Flag Out-of-date")."' />\n";
+ } else {
+ echo "<input type='submit' class='button' name='do_UnFlag'";
+ echo " value='".__("UnFlag Out-of-date")."' />\n";
}
-if ($row["MaintainerUID"] === NULL) {
- echo "<input type='submit' class='button' name='do_Adopt'";
- echo " value='".__("Adopt Packages")."' />\n";
-} else if ($uid == $row["MaintainerUID"] ||
- $atype == "Trusted User" || $atype == "Developer") {
+ if ($row["MaintainerUID"] === NULL) {
+ echo "<input type='submit' class='button' name='do_Adopt'";
+ echo " value='".__("Adopt Packages")."' />\n";
+ } else if ($uid == $row["MaintainerUID"] ||
+ $atype == "Trusted User" || $atype == "Developer") {
echo "<input type='submit' class='button' name='do_Disown'";
echo " value='".__("Disown Packages")."' />\n";
}