From 0898f1447a2d6bdc893f55f4718f867734841361 Mon Sep 17 00:00:00 2001 From: elij Date: Wed, 11 May 2011 16:17:12 -0700 Subject: test return value from db_query before assuming it is valid make the sql query form consistent in usage by cleaning up instances where db_query's result was not inspected before attempting to fetch row data from the handle Signed-off-by: Lukas Fleischer --- web/template/actions_form.php | 52 ++++++++++++++++++++++++------------------- 1 file changed, 29 insertions(+), 23 deletions(-) (limited to 'web/template/actions_form.php') diff --git a/web/template/actions_form.php b/web/template/actions_form.php index 45bc09bc..058002f8 100644 --- a/web/template/actions_form.php +++ b/web/template/actions_form.php @@ -8,39 +8,45 @@ # $q = "SELECT * FROM PackageVotes WHERE UsersID = ". $uid; $q.= " AND PackageID = ".$row["ID"]; - if (!mysql_num_rows(db_query($q, $dbh))) { - echo " "; - } else { - echo " "; + $result = db_query($q, $dbh); + if ($result) { + if (!mysql_num_rows($result)) { + echo " "; + } else { + echo " "; + } } # Comment Notify Button # $q = "SELECT * FROM CommentNotify WHERE UserID = ". $uid; $q.= " AND PkgID = ".$row["ID"]; - if (!mysql_num_rows(db_query($q, $dbh))) { - echo " "; - } else { - echo " "; + $result = db_query($q, $dbh); + if ($result) { + if (!mysql_num_rows($result)) { + echo " "; + } else { + echo " "; + } } -if ($row["OutOfDateTS"] === NULL) { - echo "\n"; -} else { - echo "\n"; + if ($row["OutOfDateTS"] === NULL) { + echo "\n"; + } else { + echo "\n"; } -if ($row["MaintainerUID"] === NULL) { - echo "\n"; -} else if ($uid == $row["MaintainerUID"] || - $atype == "Trusted User" || $atype == "Developer") { + if ($row["MaintainerUID"] === NULL) { + echo "\n"; + } else if ($uid == $row["MaintainerUID"] || + $atype == "Trusted User" || $atype == "Developer") { echo "\n"; } -- cgit v1.2.3-24-g4f1b
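Review bot: Both queries in this hunk are still built by concatenating `$uid` and `$row["ID"]` straight into the SQL string, and the new `if ($result)` guard does not change that. Where those two values come from is not visible here; if either can be anything other than an integer, cast it at the point of use, e.g. `$q = "SELECT * FROM PackageVotes WHERE UsersID = " . intval($uid);` and `$q.= " AND PackageID = " . intval($row["ID"]);`, and do the same for the CommentNotify query. The guard also has no else branch, so a failed `db_query` now silently drops the vote and notify buttons. A comment such as `# query failed: render neither button`, or a logged error, would make that choice deliberate and visible to whoever operates the site. The enclosing template starts and ends outside the hunk.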