natalie/indefero
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Added better control that the issue/download are in the project.

Browse Source 
When you view/edit a download or issue, if the download/issue is not in
the current project a 404 page is returned.
This commit is contained in:
Loic d'Anterroches
2008-08-05 19:58:21 +02:00
parent 5e3b2bac28
commit 3990098e4b
3 changed files with 19 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/IDF/Views/Download.php
View File

@@ -77,9 +77,7 @@ class IDF_Views_Download
{
$prj = $request->project;
$upload = Pluf_Shortcuts_GetObjectOr404('IDF_Upload', $match[2]);
if ($upload->project != $prj->id) {
throw new Pluf_HTTP_Error404();
}
$prj->inOr404($upload);
$title = sprintf(__('Download %s'), $upload->summary);
$form = false;
if ($request->method == 'POST' and
@@ -121,9 +119,7 @@ class IDF_Views_Download
{
$prj = $request->project;
$upload = Pluf_Shortcuts_GetObjectOr404('IDF_Upload', $match[2]);
if ($upload->project != $prj->id) {
throw new Pluf_HTTP_Error404();
}
$prj->inOr404($upload);
$upload->downloads += 1;
$upload->update();
return new Pluf_HTTP_Response_Redirect($upload->getAbsoluteUrl($prj));
@@ -199,8 +195,6 @@ class IDF_Views_Download
*/
function IDF_Views_Download_SummaryAndLabels($field, $down, $extra='')
{
//$edit = Pluf_HTTP_URL_urlForView('IDF_Views_Download::view',
// array($down->shortname, $down->id));
$tags = array();
foreach ($down->get_tags_list() as $tag) {
$tags[] = sprintf('<span class="label">%s</span>', Pluf_esc((string) $tag));