Mercurial > hg > fapweb

changeset 112:91660a9d50f0

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Add some error checking to compo id updating vs. compo entries.
author Matti Hamalainen <ccr@tnsp.org>
date Tue, 22 Oct 2013 12:08:27 +0300
parents ac1df74619cd
children 671330b7f5d1
files admajax.php
diffstat 1 files changed, 17 insertions(+), 9 deletions(-) [+]
line wrap: on
line diff
--- a/admajax.php	Tue Oct 22 00:34:35 2013 +0300
+++ b/admajax.php	Tue Oct 22 12:08:27 2013 +0300
@@ -408,16 +408,24 @@
       stChkRequestItem("name") && stChkRequestItem("author") &&
       stChkRequestItem("compo_id"))
     {
-      $sql = stPrepareSQLUpdate("entries",
-        "WHERE id=".intval(stGetRequestItem("id")),
-        array(
-          "name" => "S",
-          "author" => "S",
-          "filename" => "S",
-          "compo_id" => "D",
-        ));
+      $cid = stGetRequestItem("compo_id");
+      if (stFetchSQLColumn("SELECT id FROM compos WHERE id=".$cid) === FALSE)
+      {
+        stSetStatus(903, "No such compo id.");
+      }
+      else
+      {
+        $sql = stPrepareSQLUpdate("entries",
+          "WHERE id=".intval(stGetRequestItem("id")),
+          array(
+            "name" => "S",
+            "author" => "S",
+            "filename" => "S",
+            "compo_id" => "D",
+          ));
 
-      stExecSQLCond($sql, "OK, entry updated.");
+        stExecSQLCond($sql, "OK, entry updated.");
+      }
     }
     else
     if ($type == "settings")