gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-05-14 21:51:32 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

merge from 3.4.x

Browse Source
This commit is contained in:
Uwe Steinmann 2013-02-13 18:03:23 +01:00
parent f269f409b2
commit 5edf6a7de6
1 changed files with 58 additions and 87 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

143
op/op.UserDefaultKeywords.php
View File

@ -27,51 +27,45 @@ if ($user->isGuest()) {
UI::exitError(getMLText("edit_default_keywords"),getMLText("access_denied")); UI::exitError(getMLText("edit_default_keywords"),getMLText("access_denied"));
} }
if (isset($_POST["action"])) $action=$_POST["action"]; $action = '';
else $action=NULL; if (isset($_REQUEST["action"])) {
$action = $_REQUEST["action"];
}
/* Create new category ------------------------------------------------ */ /* Create new category ------------------------------------------------ */
if ($action == "addcategory") { if ($action == "addcategory") {
/* Check if the form data comes for a trusted request */ if (isset($_REQUEST["name"]) && $_REQUEST["name"]) {
if(!checkFormKey('addcategory')) { $name = $_REQUEST["name"];
UI::exitError(getMLText("admin_tools"),getMLText("invalid_request_token"));
}
$name = $_POST["name"]; $newCategory = $dms->addKeywordCategory($user->getID(), $name);
if (is_object($dms->getKeywordCategoryByName($name, $user->getID()))) { if (!$newCategory) {
UI::exitError(getMLText("admin_tools"),getMLText("keyword_exists")); UI::exitError(getMLText("personal_default_keywords"),getMLText("error_occured"));
}
$categoryid=$newCategory->getID();
} else {
UI::exitError(getMLText("personal_default_keywords"),getMLText("error_occured"));
} }
$newCategory = $dms->addKeywordCategory($user->getID(), $name);
if (!$newCategory) {
UI::exitError(getMLText("admin_tools"),getMLText("error_occured"));
}
$categoryid=$newCategory->getID();
} }
/* Delete category ---------------------------------------------------- */ /* Delete category ---------------------------------------------------- */
else if ($action == "removecategory") { else if ($action == "removecategory") {
/* Check if the form data comes for a trusted request */ $categoryid = 0;
if(!checkFormKey('removecategory')) { if (isset($_REQUEST["categoryid"]) && $_REQUEST["categoryid"]) {
UI::exitError(getMLText("admin_tools"),getMLText("invalid_request_token")); $categoryid = intval($_REQUEST["categoryid"]);
} }
if (!isset($_POST["categoryid"]) || !is_numeric($_POST["categoryid"]) || intval($_POST["categoryid"])<1) {
UI::exitError(getMLText("admin_tools"),getMLText("unknown_keyword_category"));
}
$categoryid = $_POST["categoryid"];
$category = $dms->getKeywordCategory($categoryid); $category = $dms->getKeywordCategory($categoryid);
if (!is_object($category)) { if (is_object($category)) {
UI::exitError(getMLText("admin_tools"),getMLText("unknown_keyword_category")); $owner = $category->getOwner();
} if ($owner->getID() != $user->getID()) {
UI::exitError(getMLText("personal_default_keywords"),getMLText("access_denied"));
$owner = $category->getOwner(); }
if ($owner->getID() != $user->getID()) { if (!$category->remove()) {
UI::exitError(getMLText("personal_default_keywords"),getMLText("access_denied")); UI::exitError(getMLText("personal_default_keywords"),getMLText("error_occured"));
} }
if (!$category->remove()) { } else {
UI::exitError(getMLText("personal_default_keywords"),getMLText("error_occured")); UI::exitError(getMLText("personal_default_keywords"),getMLText("error_occured"));
} }
$categoryid=-1; $categoryid=-1;
@ -80,40 +74,36 @@ else if ($action == "removecategory") {
/* Edit category: new name -------------------------------------------- */ /* Edit category: new name -------------------------------------------- */
else if ($action == "editcategory") { else if ($action == "editcategory") {
/* Check if the form data comes for a trusted request */ $categoryid = 0;
if(!checkFormKey('editcategory')) { if (isset($_REQUEST["categoryid"]) && $_REQUEST["categoryid"]) {
UI::exitError(getMLText("admin_tools"),getMLText("invalid_request_token")); $categoryid = intval($_REQUEST["categoryid"]);
} }
if (!isset($_POST["categoryid"]) || !is_numeric($_POST["categoryid"]) || intval($_POST["categoryid"])<1) {
UI::exitError(getMLText("admin_tools"),getMLText("unknown_keyword_category"));
}
$categoryid = $_POST["categoryid"];
$category = $dms->getKeywordCategory($categoryid); $category = $dms->getKeywordCategory($categoryid);
if (!is_object($category)) { if (is_object($category)) {
UI::exitError(getMLText("admin_tools"),getMLText("unknown_keyword_category")); $owner = $category->getOwner();
} if ($owner->getID() != $user->getID()) {
UI::exitError(getMLText("personal_default_keywords"),getMLText("access_denied"));
}
if (isset($_REQUEST["name"]) && $_REQUEST["name"]) {
$name = $_REQUEST["name"];
$owner = $category->getOwner(); if (!$category->setName($name)) {
if ($owner->getID() != $user->getID()) { UI::exitError(getMLText("personal_default_keywords"),getMLText("error_occured"));
UI::exitError(getMLText("personal_default_keywords"),getMLText("access_denied")); }
} } else {
UI::exitError(getMLText("personal_default_keywords"),getMLText("error_occured"));
$name = $_POST["name"]; }
if (!$category->setName($name)) {
UI::exitError(getMLText("personal_default_keywords"),getMLText("error_occured"));
} }
else UI::exitError(getMLText("personal_default_keywords"),getMLText("error_occured"));
} }
/* Edit category: new keyword list ----------------------------------- */ /* Edit category: new keyword list ----------------------------------- */
else if ($action == "newkeywords") { else if ($action == "newkeywords") {
/* Check if the form data comes for a trusted request */ $categoryid = 0;
if(!checkFormKey('newkeywords')) { if (isset($_REQUEST["categoryid"]) && $_REQUEST["categoryid"]) {
UI::exitError(getMLText("admin_tools"),getMLText("invalid_request_token")); $categoryid = intval($_REQUEST["categoryid"]);
} }
$categoryid = (int) $_POST["categoryid"];
$category = $dms->getKeywordCategory($categoryid); $category = $dms->getKeywordCategory($categoryid);
if (is_object($category)) { if (is_object($category)) {
$owner = $category->getOwner(); $owner = $category->getOwner();
@ -121,13 +111,9 @@ else if ($action == "newkeywords") {
UI::exitError(getMLText("personal_default_keywords"),getMLText("access_denied")); UI::exitError(getMLText("personal_default_keywords"),getMLText("access_denied"));
} }
if (isset($_POST["keywords"])) { $keywords = $_REQUEST["keywords"];
$keywords = $_POST["keywords"]; if (!$category->addKeywordList($keywords)) {
} UI::exitError(getMLText("personal_default_keywords"),getMLText("error_occured"));
if(trim($keywords)) {
if (!$category->addKeywordList($keywords)) {
UI::exitError(getMLText("personal_default_keywords"),getMLText("error_occured"));
}
} }
} }
else UI::exitError(getMLText("personal_default_keywords"),getMLText("error_occured")); else UI::exitError(getMLText("personal_default_keywords"),getMLText("error_occured"));
@ -136,11 +122,11 @@ else if ($action == "newkeywords") {
/* Edit category: edit keyword list ----------------------------------*/ /* Edit category: edit keyword list ----------------------------------*/
else if ($action == "editkeywords") { else if ($action == "editkeywords") {
if (!isset($_POST["categoryid"]) || !is_numeric($_POST["categoryid"]) || intval($_POST["categoryid"])<1) { $categoryid = 0;
UI::exitError(getMLText("admin_tools"),getMLText("unknown_keyword_category")); if (isset($_REQUEST["categoryid"]) && $_REQUEST["categoryid"]) {
$categoryid = intval($_REQUEST["categoryid"]);
} }
$categoryid = $_POST["categoryid"];
$category = $dms->getKeywordCategory($categoryid); $category = $dms->getKeywordCategory($categoryid);
if (is_object($category)) { if (is_object($category)) {
$owner = $category->getOwner(); $owner = $category->getOwner();
@ -148,17 +134,12 @@ else if ($action == "editkeywords") {
UI::exitError(getMLText("personal_default_keywords"),getMLText("access_denied")); UI::exitError(getMLText("personal_default_keywords"),getMLText("access_denied"));
} }
if (isset($_POST["keywordsid"])) { $keywordsid = intval($_REQUEST["keywordsid"]);
$keywordsid = intval($_POST["keywordsid"]);
}
else {
$keywordsid = intval($_GET["keywordsid"]);
}
if (!is_numeric($keywordsid)) { if (!is_numeric($keywordsid)) {
UI::exitError(getMLText("personal_default_keywords"),getMLText("unknown_keyword_category")); UI::exitError(getMLText("personal_default_keywords"),getMLText("unknown_keyword_category"));
} }
if (!$category->editKeywordList($keywordsid, $_POST["keywords"])) { if (!$category->editKeywordList($keywordsid, $_REQUEST["keywords"])) {
UI::exitError(getMLText("personal_default_keywords"),getMLText("error_occured")); UI::exitError(getMLText("personal_default_keywords"),getMLText("error_occured"));
} }
} }
@ -168,27 +149,17 @@ else if ($action == "editkeywords") {
/* Edit category: delete keyword list -------------------------------- */ /* Edit category: delete keyword list -------------------------------- */
else if ($action == "removekeywords") { else if ($action == "removekeywords") {
/* Check if the form data comes for a trusted request */ $categoryid = 0;
if(!checkFormKey('removekeywords')) { if (isset($_REQUEST["categoryid"]) && $_REQUEST["categoryid"]) {
UI::exitError(getMLText("admin_tools"),getMLText("invalid_request_token")); $categoryid = intval($_REQUEST["categoryid"]);
} }
if (!isset($_POST["categoryid"]) || !is_numeric($_POST["categoryid"]) || intval($_POST["categoryid"])<1) {
UI::exitError(getMLText("admin_tools"),getMLText("unknown_keyword_category"));
}
$categoryid = $_POST["categoryid"];
$category = $dms->getKeywordCategory($categoryid); $category = $dms->getKeywordCategory($categoryid);
if (is_object($category)) { if (is_object($category)) {
$owner = $category->getOwner(); $owner = $category->getOwner();
if ($owner->getID() != $user->getID()) { if ($owner->getID() != $user->getID()) {
UI::exitError(getMLText("personal_default_keywords"),getMLText("access_denied")); UI::exitError(getMLText("personal_default_keywords"),getMLText("access_denied"));
} }
if (isset($_POST["keywordsid"])) { $keywordsid = intval($_REQUEST["keywordsid"]);
$keywordsid = intval($_POST["keywordsid"]);
}
else {
$keywordsid = intval($_GET["keywordsid"]);
}
if (!is_numeric($keywordsid)) { if (!is_numeric($keywordsid)) {
UI::exitError(getMLText("personal_default_keywords"),getMLText("unknown_keyword_category")); UI::exitError(getMLText("personal_default_keywords"),getMLText("unknown_keyword_category"));
} }