Peter M. Groen / knowledgetree

Commit 45816b07e7482fa74ea3dd72828c22f1bd998c19

Authored by Neil Blakey-Milner
1 parent ea181171

Replace erroneous array addition with array_merge. Update sections to 

use DBUtil.


git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@3103 c91229c3-7414-0410-bfa2-8a42b809f60b
Inline Side-by-side
Showing 1 changed file with 23 additions and 9 deletions
lib/security/Permission.inc
  View file @45816b0
@@ -177,7 +177,7 @@ class Permission { @@ -177,7 +177,7 @@ class Permission {
177 $aParentFolderIDs[] = $oFolder->getID(); 177 $aParentFolderIDs[] = $oFolder->getID();
178 $sQms = DBUtil::paramArray($aParentFolderIDs); 178 $sQms = DBUtil::paramArray($aParentFolderIDs);
179 $sQuery .= $sQms; 179 $sQuery .= $sQms;
180 - $aParams += $aParentFolderIDs; 180 + $aParams = array_merge($aParams, $aParentFolderIDs);
181 } else { 181 } else {
182 $sQuery .= "?"; 182 $sQuery .= "?";
183 $aParams[] = $oFolder->getID(); 183 $aParams[] = $oFolder->getID();
@@ -188,12 +188,19 @@ class Permission { @@ -188,12 +188,19 @@ class Permission {
188 $sQuery .= "AND GFL.folder_id IN (?)"; 188 $sQuery .= "AND GFL.folder_id IN (?)";
189 $aParams[] = $oFolder->getID(); 189 $aParams[] = $oFolder->getID();
190 } 190 }
  191 +
  192 + $res = DBUtil::runQuery(array($sQuery, $aParams));
191 193
192 - $sql->query(array($sQuery, $aParams));  
193 -  
194 - if ($sql->next_record()) { 194 + if (PEAR::isError($res)) {
  195 + $default->log->error("userHasGroupWritePermissionForFolder: Error in SQL statement -> follows:");
  196 + $default->log->error($res->toString());
  197 + return false;
  198 + }
  199 + if ($res->numRows()) {
  200 + $default->log->debug("FOLDER PERMISSIONS: Does have group write permission for folder");
195 return true; 201 return true;
196 } 202 }
  203 +
197 $_SESSION["errorMessage"] = $lang_err_user_folder_write; 204 $_SESSION["errorMessage"] = $lang_err_user_folder_write;
198 return false; 205 return false;
199 } 206 }
@@ -250,7 +257,7 @@ class Permission { @@ -250,7 +257,7 @@ class Permission {
250 $aParentFolderIDs[] = $oFolder->getID(); 257 $aParentFolderIDs[] = $oFolder->getID();
251 $sQms = DBUtil::paramArray($aParentFolderIDs); 258 $sQms = DBUtil::paramArray($aParentFolderIDs);
252 $sQuery .= $sQms; 259 $sQuery .= $sQms;
253 - $aParams += $aParentFolderIDs; 260 + $aParams = array_merge($aParams, $aParentFolderIDs);
254 } else { 261 } else {
255 $sQuery .= "?"; 262 $sQuery .= "?";
256 $aParams[] = $oFolder->getID(); 263 $aParams[] = $oFolder->getID();
@@ -261,13 +268,20 @@ class Permission { @@ -261,13 +268,20 @@ class Permission {
261 $sQuery .= "AND GFL.folder_id IN (?)"; 268 $sQuery .= "AND GFL.folder_id IN (?)";
262 $aParams[] = $oFolder->getID(); 269 $aParams[] = $oFolder->getID();
263 } 270 }
264 - $sql->query(array($sQuery, $aParams));  
265 271
266 - $default->log->debug("userHasGroupReadPermissionForFolder sql: " . $sQuery);  
267 - if ($sql->next_record()) { 272 + //$sql->query(array($sQuery, $aParams));
  273 + $res = DBUtil::runQuery(array($sQuery, $aParams));
  274 +
  275 + if (PEAR::isError($res)) {
  276 + $default->log->error("userHasGroupReadPermissionForFolder: Error in SQL statement -> follows:");
  277 + $default->log->error($res->toString());
  278 + return false;
  279 + }
  280 + if ($res->numRows()) {
268 $default->log->debug("FOLDER PERMISSIONS: Does have group read permission for folder"); 281 $default->log->debug("FOLDER PERMISSIONS: Does have group read permission for folder");
269 return true; 282 return true;
270 - } 283 + }
  284 +
271 $_SESSION["errorMessage"] = $lang_err_user_folder_read; 285 $_SESSION["errorMessage"] = $lang_err_user_folder_read;
272 $default->log->debug("FOLDER PERMISSIONS: Does NOT have group read permission for folder"); 286 $default->log->debug("FOLDER PERMISSIONS: Does NOT have group read permission for folder");
273 return false; 287 return false;