diff options
| author | elij <elij.mx@gmail.com> | 2011-05-12 01:17:12 +0200 |
|---|---|---|
| committer | Lukas Fleischer <archlinux@cryptocrack.de> | 2011-05-17 10:43:42 +0200 |
| commit | 0898f1447a2d6bdc893f55f4718f867734841361 (patch) | |
| tree | 22ab9736ad4b92af12daeb3a5215b126c3a8c22c /web/template/actions_form.php | |
| parent | d38f3460e55ad4e8486c63902f3b581684d6f188 (diff) | |
| download | aur-0898f1447a2d6bdc893f55f4718f867734841361.tar.gz aur-0898f1447a2d6bdc893f55f4718f867734841361.tar.xz | |
test return value from db_query before assuming it is valid
make the sql query form consistent in usage by cleaning up instances
where db_query's result was not inspected before attempting to fetch row
data from the handle
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web/template/actions_form.php')
| -rw-r--r-- | web/template/actions_form.php | 52 |
1 files changed, 29 insertions, 23 deletions
diff --git a/web/template/actions_form.php b/web/template/actions_form.php index 45bc09bc..058002f8 100644 --- a/web/template/actions_form.php +++ b/web/template/actions_form.php @@ -8,39 +8,45 @@ # $q = "SELECT * FROM PackageVotes WHERE UsersID = ". $uid; $q.= " AND PackageID = ".$row["ID"]; - if (!mysql_num_rows(db_query($q, $dbh))) { - echo " <input type='submit' class='button' name='do_Vote'"; - echo " value='".__("Vote")."' /> "; - } else { - echo "<input type='submit' class='button' name='do_UnVote'"; - echo " value='".__("UnVote")."' /> "; + $result = db_query($q, $dbh); + if ($result) { + if (!mysql_num_rows($result)) { + echo " <input type='submit' class='button' name='do_Vote'"; + echo " value='".__("Vote")."' /> "; + } else { + echo "<input type='submit' class='button' name='do_UnVote'"; + echo " value='".__("UnVote")."' /> "; + } } # Comment Notify Button # $q = "SELECT * FROM CommentNotify WHERE UserID = ". $uid; $q.= " AND PkgID = ".$row["ID"]; - if (!mysql_num_rows(db_query($q, $dbh))) { - echo "<input type='submit' class='button' name='do_Notify'"; - echo " value='".__("Notify")."' title='".__("New Comment Notification")."' /> "; - } else { - echo "<input type='submit' class='button' name='do_UnNotify'"; - echo " value='".__("UnNotify")."' title='".__("No New Comment Notification")."' /> "; + $result = db_query($q, $dbh); + if ($result) { + if (!mysql_num_rows($result)) { + echo "<input type='submit' class='button' name='do_Notify'"; + echo " value='".__("Notify")."' title='".__("New Comment Notification")."' /> "; + } else { + echo "<input type='submit' class='button' name='do_UnNotify'"; + echo " value='".__("UnNotify")."' title='".__("No New Comment Notification")."' /> "; + } } -if ($row["OutOfDateTS"] === NULL) { - echo "<input type='submit' class='button' name='do_Flag'"; - echo " value='".__("Flag Out-of-date")."' />\n"; -} else { - echo "<input type='submit' class='button' name='do_UnFlag'"; - echo " value='".__("UnFlag Out-of-date")."' />\n"; + if ($row["OutOfDateTS"] === NULL) { + echo "<input type='submit' class='button' name='do_Flag'"; + echo " value='".__("Flag Out-of-date")."' />\n"; + } else { + echo "<input type='submit' class='button' name='do_UnFlag'"; + echo " value='".__("UnFlag Out-of-date")."' />\n"; } -if ($row["MaintainerUID"] === NULL) { - echo "<input type='submit' class='button' name='do_Adopt'"; - echo " value='".__("Adopt Packages")."' />\n"; -} else if ($uid == $row["MaintainerUID"] || - $atype == "Trusted User" || $atype == "Developer") { + if ($row["MaintainerUID"] === NULL) { + echo "<input type='submit' class='button' name='do_Adopt'"; + echo " value='".__("Adopt Packages")."' />\n"; + } else if ($uid == $row["MaintainerUID"] || + $atype == "Trusted User" || $atype == "Developer") { echo "<input type='submit' class='button' name='do_Disown'"; echo " value='".__("Disown Packages")."' />\n"; } |