natalie/indefero
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Added better control that the issue/download are in the project.

Browse Source 
When you view/edit a download or issue, if the download/issue is not in
the current project a 404 page is returned.
This commit is contained in:
Loic d'Anterroches
2008-08-05 19:58:21 +02:00
parent 5e3b2bac28
commit 3990098e4b
3 changed files with 19 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/IDF/Views/Issue.php
View File

@@ -161,9 +161,7 @@ class IDF_Views_Issue
{
$prj = $request->project;
$issue = Pluf_Shortcuts_GetObjectOr404('IDF_Issue', $match[2]);
if ($issue->project != $prj->id) {
throw new Pluf_HTTP_Error404();
}
$prj->inOr404($issue);
$comments = $issue->get_comments_list(array('order' => 'id ASC'));
$url = Pluf_HTTP_URL_urlForView('IDF_Views_Issue::view',
array($prj->shortname, $issue->id));