summaryrefslogtreecommitdiffstats
path: root/web/html
diff options
context:
space:
mode:
Diffstat (limited to 'web/html')
-rw-r--r--web/html/addvote.php16
-rw-r--r--web/html/tu.php17
2 files changed, 28 insertions, 5 deletions
diff --git a/web/html/addvote.php b/web/html/addvote.php
index 5936d563..a4596105 100644
--- a/web/html/addvote.php
+++ b/web/html/addvote.php
@@ -21,14 +21,26 @@ if ($atype == "Trusted User" OR $atype == "Developer") {
if (!empty($_POST['user'])) {
$qcheck = "SELECT * FROM Users WHERE Username = '" . mysql_real_escape_string($_POST['user']) . "'";
- $check = mysql_num_rows(db_query($qcheck, $dbh));
+ $result = db_query($qcheck, $dbh);
+ if ($result) {
+ $check = mysql_num_rows($result);
+ }
+ else {
+ $check = 0;
+ }
if ($check == 0) {
$error.= __("Username does not exist.");
} else {
$qcheck = "SELECT * FROM TU_VoteInfo WHERE User = '" . mysql_real_escape_string($_POST['user']) . "'";
$qcheck.= " AND End > UNIX_TIMESTAMP()";
- $check = mysql_num_rows(db_query($qcheck, $dbh));
+ $result = db_query($qcheck, $dbh);
+ if ($result) {
+ $check = mysql_num_rows($result);
+ }
+ else {
+ $check = 0;
+ }
if ($check != 0) {
$error.= __("%s already has proposal running for them.", htmlentities($_POST['user']));
diff --git a/web/html/tu.php b/web/html/tu.php
index c5cc36b5..6ab8ae9e 100644
--- a/web/html/tu.php
+++ b/web/html/tu.php
@@ -36,7 +36,13 @@ if ($atype == "Trusted User" OR $atype == "Developer") {
$qvoted = "SELECT * FROM TU_Votes WHERE ";
$qvoted.= "VoteID = " . $row['ID'] . " AND ";
$qvoted.= "UserID = " . uid_from_sid($_COOKIE["AURSID"]);
- $hasvoted = mysql_num_rows(db_query($qvoted, $dbh));
+ $result = db_query($qvoted, $dbh);
+ if ($result) {
+ $hasvoted = mysql_num_rows($result);
+ }
+ else {
+ $hasvoted = 0;
+ }
# List voters of a proposal.
$qwhoVoted = "SELECT tv.UserID,U.Username
@@ -85,10 +91,15 @@ if ($atype == "Trusted User" OR $atype == "Developer") {
$canvote = 0;
$errorvote = __("You've already voted for this proposal.");
# Update if they voted
- $hasvoted = mysql_num_rows(db_query($qvoted, $dbh));
+ $result = db_query($qvoted, $dbh);
+ if ($result) {
+ $hasvoted = mysql_num_rows($result);
+ }
$results = db_query($q, $dbh);
- $row = mysql_fetch_assoc($results);
+ if ($results) {
+ $row = mysql_fetch_assoc($results);
+ }
}
}
include("tu_details.php");