From 45816b07e7482fa74ea3dd72828c22f1bd998c19 Mon Sep 17 00:00:00 2001
From: Neil Blakey-Milner <nbm@knowledgetree.com>
Date: Tue, 4 Jan 2005 11:14:10 +0000
Subject: [PATCH] Replace erroneous array addition with array_merge.  Update sections to use DBUtil.

---
 lib/security/Permission.inc | 32 +++++++++++++++++++++++---------
 1 file changed, 23 insertions(+), 9 deletions(-)

diff --git a/lib/security/Permission.inc b/lib/security/Permission.inc
index aeebcbf..d0b5007 100644
--- a/lib/security/Permission.inc
+++ b/lib/security/Permission.inc
@@ -177,7 +177,7 @@ class Permission {
                 $aParentFolderIDs[] = $oFolder->getID();
                 $sQms = DBUtil::paramArray($aParentFolderIDs);
                 $sQuery .= $sQms;
-                $aParams += $aParentFolderIDs;
+                $aParams = array_merge($aParams, $aParentFolderIDs);
             } else {
                 $sQuery .= "?";
                 $aParams[] = $oFolder->getID();
@@ -188,12 +188,19 @@ class Permission {
             $sQuery .= "AND GFL.folder_id IN (?)";
             $aParams[] = $oFolder->getID();
         }
+
+        $res = DBUtil::runQuery(array($sQuery, $aParams));
         
-        $sql->query(array($sQuery, $aParams));
-        
-        if ($sql->next_record()) {
+        if (PEAR::isError($res)) {
+            $default->log->error("userHasGroupWritePermissionForFolder: Error in SQL statement -> follows:");
+            $default->log->error($res->toString());
+            return false;
+        }
+        if ($res->numRows()) {
+            $default->log->debug("FOLDER PERMISSIONS: Does have group write permission for folder");
             return true;
         }
+            
         $_SESSION["errorMessage"] = $lang_err_user_folder_write;
         return false;
     }
@@ -250,7 +257,7 @@ class Permission {
                 $aParentFolderIDs[] = $oFolder->getID();
                 $sQms = DBUtil::paramArray($aParentFolderIDs);
                 $sQuery .= $sQms;
-                $aParams += $aParentFolderIDs;
+                $aParams = array_merge($aParams, $aParentFolderIDs);
             } else {
                 $sQuery .= "?";
                 $aParams[] = $oFolder->getID();
@@ -261,13 +268,20 @@ class Permission {
             $sQuery .= "AND GFL.folder_id IN (?)";
             $aParams[] = $oFolder->getID();
         }
-        $sql->query(array($sQuery, $aParams));
         
-        $default->log->debug("userHasGroupReadPermissionForFolder sql: " . $sQuery);    
-        if ($sql->next_record()) {
+        //$sql->query(array($sQuery, $aParams));
+        $res = DBUtil::runQuery(array($sQuery, $aParams));
+        
+        if (PEAR::isError($res)) {
+            $default->log->error("userHasGroupReadPermissionForFolder: Error in SQL statement -> follows:");
+            $default->log->error($res->toString());
+            return false;
+        }
+        if ($res->numRows()) {
             $default->log->debug("FOLDER PERMISSIONS: Does have group read permission for folder");
             return true;
-        }       
+        }
+
         $_SESSION["errorMessage"] = $lang_err_user_folder_read;
         $default->log->debug("FOLDER PERMISSIONS: Does  NOT have group read permission for folder");
         return false;
--
libgit2 0.21.4