nik/davical
1
0
Fork 0
mirror of https://gitlab.com/davical-project/davical.git synced 2026-05-19 01:34:26 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix incorrect parameter names in SQL query.

Browse Source
This commit is contained in:
Andrew McMillan 2010-03-22 17:23:59 +13:00
parent 7ae6678106
commit 7a883ffa63
1 changed files with 7 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
inc/ui/collection-edit.php
View File

@ -34,19 +34,19 @@ $privilege_names = array( 'read', 'write-properties', 'write-content', 'unlock',
'schedule-query-freebusy', 'schedule-send-invite', 'schedule-send-reply', 'schedule-send-freebusy' ); 'schedule-query-freebusy', 'schedule-send-invite', 'schedule-send-reply', 'schedule-send-freebusy' );
$params = array( $params = array(
'session_principal' => $session->principal_id, ':session_principal' => $session->principal_id,
'scan_depth' => $c->permission_scan_depth ':scan_depth' => $c->permission_scan_depth
); );
$is_update = ( $_POST['_editor_action'][$editor->Id] == 'update' ); $is_update = ( $_POST['_editor_action'][$editor->Id] == 'update' );
if ( isset($collection_name) ) $collection_name = trim(str_replace( '/', '', $collection_name)); if ( isset($collection_name) ) $collection_name = trim(str_replace( '/', '', $collection_name));
if ( !$is_update && isset($collection_name) && $collection_name != '' && is_object($usr) ) { if ( !$is_update && isset($collection_name) && $collection_name != '' && is_object($usr) ) {
$_POST['dav_name'] = sprintf('/%s/%s/', $usr->username, $collection_name ); $_POST['dav_name'] = sprintf('/%s/%s/', $usr->username, $collection_name );
$_POST['parent_container'] = sprintf('/%s/', $usr->username ); $_POST['parent_container'] = sprintf('/%s/', $usr->username );
$params['collection_path'] = $_POST['dav_name']; $params[':collection_path'] = $_POST['dav_name'];
$privsql = 'SELECT path_privs( :session_principal, :collection_path, :scan_depth) AS priv'; $privsql = 'SELECT path_privs( :session_principal, :collection_path, :scan_depth) AS priv';
} }
else if ( $id > 0 ) { else if ( $id > 0 ) {
$params['collection_id'] = $id; $params[':collection_id'] = $id;
$privsql = 'SELECT path_privs( :session_principal, dav_name, :scan_depth) AS priv FROM collection WHERE collection_id = :collection_id'; $privsql = 'SELECT path_privs( :session_principal, dav_name, :scan_depth) AS priv FROM collection WHERE collection_id = :collection_id';
} }
else { else {
@ -57,7 +57,7 @@ else {
if ( isset($privsql) ) { if ( isset($privsql) ) {
$privqry = new AwlQuery( $privsql, $params ); $privqry = new AwlQuery( $privsql, $params );
$privqry->Exec('admin-collection-edit'); $privqry->Exec('admin-collection-edit',__LINE__,__FILE__);
$permissions = $privqry->Fetch(); $permissions = $privqry->Fetch();
$can_write_collection = ($session->AllowedTo('Admin') || (bindec($permissions->priv) & privilege_to_bits('DAV::bind')) ); $can_write_collection = ($session->AllowedTo('Admin') || (bindec($permissions->priv) & privilege_to_bits('DAV::bind')) );
} }
@ -133,8 +133,7 @@ else {
$entryqry = new AwlQuery( 'SELECT count(*) as count from caldav_data where collection_id='.$id ); $entryqry = new AwlQuery( 'SELECT count(*) as count from caldav_data where collection_id='.$id );
$entryqry->Exec('admin-collection-edit'); $entryqry->Exec('admin-collection-edit');
$entries = $entryqry->Fetch(); $entries = $entryqry->Fetch(); $entries = $entries->count;
$editor->Assign( 'entries', $entries->count );
$privilege_xlate = array( $privilege_xlate = array(
'read' => translate('Read'), 'read' => translate('Read'),
@ -307,7 +306,7 @@ label.privilege {
<table> <table>
<tr> <th class="right">$prompt_collection_id:</th> <td class="left">$value_id</td> </tr> <tr> <th class="right">$prompt_collection_id:</th> <td class="left">$value_id</td> </tr>
<tr> <th class="right">$prompt_dav_name:</th> <td class="left">$value_dav_name</td> </tr> <tr> <th class="right">$prompt_dav_name:</th> <td class="left">$value_dav_name</td> </tr>
<tr> <th class="right">$prompt_entries:</th> <td class="left">##entries##</td> </tr> <tr> <th class="right">$prompt_entries:</th> <td class="left">$entries</td> </tr>
<tr> <th class="right">$prompt_load_file:</th> <td class="left">##ics_file.file.60##</td> </tr> <tr> <th class="right">$prompt_load_file:</th> <td class="left">##ics_file.file.60##</td> </tr>
<tr> <th class="right">$prompt_displayname:</th> <td class="left">##dav_displayname.input.50##</td> </tr> <tr> <th class="right">$prompt_displayname:</th> <td class="left">##dav_displayname.input.50##</td> </tr>
<tr> <th class="right">$prompt_public:</th> <td class="left">##publicly_readable.checkbox##</td> </tr> <tr> <th class="right">$prompt_public:</th> <td class="left">##publicly_readable.checkbox##</td> </tr>