From 095986b44974c569b36d34dd26902e910ccc7d8b Mon Sep 17 00:00:00 2001 From: Marcel Korpel Date: Mon, 17 Aug 2015 00:08:52 +0200 Subject: Do not allow empty comments Fixes FS#45870. Signed-off-by: Marcel Korpel Signed-off-by: Lukas Fleischer --- web/html/pkgbase.php | 3 +-- web/lib/pkgbasefuncs.inc.php | 10 ++++++++++ 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/web/html/pkgbase.php b/web/html/pkgbase.php index 1581869..bc32e43 100644 --- a/web/html/pkgbase.php +++ b/web/html/pkgbase.php @@ -107,8 +107,7 @@ if (check_token()) { list($ret, $output) = pkgbase_set_comaintainers($base_id, explode("\n", $_POST['users'])); } elseif (current_action("do_AddComment")) { $uid = uid_from_sid($_COOKIE["AURSID"]); - pkgbase_add_comment($base_id, $uid, $_REQUEST['comment']); - $ret = true; + list($ret, $output) = pkgbase_add_comment($base_id, $uid, $_REQUEST['comment']); $fragment = '#news'; } elseif (current_action("do_EditComment")) { list($ret, $output) = pkgbase_edit_comment($_REQUEST['comment']); diff --git a/web/lib/pkgbasefuncs.inc.php b/web/lib/pkgbasefuncs.inc.php index ccab635..677ae6b 100644 --- a/web/lib/pkgbasefuncs.inc.php +++ b/web/lib/pkgbasefuncs.inc.php @@ -81,6 +81,10 @@ function pkgbase_comments($base_id, $limit, $include_deleted) { function pkgbase_add_comment($base_id, $uid, $comment) { $dbh = DB::connect(); + if (trim($comment) == '') { + return array(false, __('Comment cannot be empty.')); + } + $q = "INSERT INTO PackageComments "; $q.= "(PackageBaseID, UsersID, Comments, CommentTS) VALUES ("; $q.= intval($base_id) . ", " . $uid . ", "; @@ -102,6 +106,8 @@ function pkgbase_add_comment($base_id, $uid, $comment) { if ($result) { notify(array('comment', $uid, $base_id), $comment); } + + return array(true, __('Comment has been added.')); } /** @@ -860,6 +866,10 @@ function pkgbase_edit_comment($comment) { return array(false, __("Missing comment ID.")); } + if (trim($comment) == '') { + return array(false, __('Comment cannot be empty.')); + } + $dbh = DB::connect(); if (can_edit_comment($comment_id)) { $q = "UPDATE PackageComments "; -- cgit v1.2.3-70-g09d2