diff options
author | Lukas Fleischer <archlinux@cryptocrack.de> | 2014-07-23 15:37:31 +0200 |
---|---|---|
committer | Lukas Fleischer <archlinux@cryptocrack.de> | 2014-07-23 17:53:28 +0200 |
commit | 48ae736068f9953ba69c91190ef7eb7b056c2b50 (patch) | |
tree | 67520237779498ac88abcffe5ed3695d65c1a774 /web | |
parent | 446d4537d4caab1bb76a9612c1a16f5060618673 (diff) | |
download | aurweb-48ae736068f9953ba69c91190ef7eb7b056c2b50.tar.xz |
Prevent merging a package base with itself
Instead of deleting the package, show an error message if a user tries
to merge a package base with itself.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web')
-rw-r--r-- | web/html/pkgbase.php | 11 | ||||
-rw-r--r-- | web/lib/pkgreqfuncs.inc.php | 4 |
2 files changed, 11 insertions, 4 deletions
diff --git a/web/html/pkgbase.php b/web/html/pkgbase.php index 4f35a67..691639c 100644 --- a/web/html/pkgbase.php +++ b/web/html/pkgbase.php @@ -69,12 +69,15 @@ if (check_token()) { } else { $merge_base_id = pkgbase_from_name($_POST['merge_Into']); - if ($merge_base_id) { - list($ret, $output) = pkgbase_delete($ids, $merge_base_id, $via); - unset($_GET['ID']); - } else { + if (!$merge_base_id) { $output = __("Cannot find package to merge votes and comments into."); $ret = false; + } elseif (in_array($merge_base_id, $ids)) { + $output = __("Cannot merge a package base with itself."); + $ret = false; + } else { + list($ret, $output) = pkgbase_delete($ids, $merge_base_id, $via); + unset($_GET['ID']); } } } diff --git a/web/lib/pkgreqfuncs.inc.php b/web/lib/pkgreqfuncs.inc.php index 41d1515..8fba838 100644 --- a/web/lib/pkgreqfuncs.inc.php +++ b/web/lib/pkgreqfuncs.inc.php @@ -110,6 +110,10 @@ function pkgreq_file($ids, $type, $merge_into, $comments) { $base_id = intval($ids[0]); $pkgbase_name = pkgbase_name_from_id($base_id); + if ($merge_into == $pkgbase_name) { + return array(false, __("Cannot merge a package base with itself.")); + } + $q = "SELECT ID FROM RequestTypes WHERE Name = " . $dbh->quote($type); $result = $dbh->query($q); if ($row = $result->fetch(PDO::FETCH_ASSOC)) { |