[pLog-svn] r5291 - in plog/branches/lifetype-1.2: class/action/admin js/ui

mark at devel.lifetype.net mark at devel.lifetype.net
Sun Apr 8 15:16:23 EDT 2007 

Author: mark
Date: 2007-04-08 15:16:23 -0400 (Sun, 08 Apr 2007)
New Revision: 5291

Modified:
   plog/branches/lifetype-1.2/class/action/admin/adminaddarticlecategoryajaxaction.class.php
   plog/branches/lifetype-1.2/js/ui/plogui.js
Log:
Fix bug list  here:http://bugs.lifetype.net/view.php?id=1269

The addArticleCategoryAjax does not follow the user permission.

Modified: plog/branches/lifetype-1.2/class/action/admin/adminaddarticlecategoryajaxaction.class.php
===================================================================
--- plog/branches/lifetype-1.2/class/action/admin/adminaddarticlecategoryajaxaction.class.php	2007-04-08 19:10:40 UTC (rev 5290)
+++ plog/branches/lifetype-1.2/class/action/admin/adminaddarticlecategoryajaxaction.class.php	2007-04-08 19:16:23 UTC (rev 5291)
@@ -27,23 +27,33 @@
         {
         	$this->AdminAction( $actionInfo, $request );
         }
+
         function validate()
         {
-			// fetch the data, we already know it's valid and that we can trust it!
+			// check if the user has the add_category permission
+            if( !$this->userHasPermission( "add_category" ) ) {
+	            $this->_view = new AdminXmlView( $this->_blogInfo, "response" );				
+	            $this->_view->setValue( "method", "addCategoryAjax" );
+            	$this->_view->setValue( "success", "0" );
+            	$this->_view->setValue( "message", $this->_locale->tr("error_permission_required") );    	            
+                return false;
+            }
+
+            // check if category name is empty
         	$this->_categoryName     = Textfilter::filterAllHTML($this->_request->getValue( "categoryName" ));
             $this->_categoryUrl      = "";
             $this->_categoryInMainPage = 1;
 			$this->_categoryDescription = $this->_categoryName;
-			$this->_properties = "";	       
+			$this->_properties = "";	
 
-            // check if there's any file to upload
             if( empty($this->_categoryName) || $this->_categoryName == "" ) {
 	            $this->_view = new AdminXmlView( $this->_blogInfo, "response" );				
 	            $this->_view->setValue( "method", "addCategoryAjax" );
             	$this->_view->setValue( "success", "0" );
             	$this->_view->setValue( "message", $this->_locale->tr("error_adding_article_category") );    	            
                 return false;
-            }               
+            }
+
             return true;
         }
 

Modified: plog/branches/lifetype-1.2/js/ui/plogui.js
===================================================================
--- plog/branches/lifetype-1.2/js/ui/plogui.js	2007-04-08 19:10:40 UTC (rev 5290)
+++ plog/branches/lifetype-1.2/js/ui/plogui.js	2007-04-08 19:16:23 UTC (rev 5291)
@@ -82,8 +82,10 @@
 	var xmldoc = originalRequest.responseXML;
 	var success = xmldoc.getElementsByTagName('success')[0].firstChild.nodeValue;
 	var message = xmldoc.getElementsByTagName('message')[0].firstChild.nodeValue;
-	if (!success) {
+	if (success=='0') {
 		window.alert(message);
+		$( 'newArticleCategory' ).value = '';
+		$( 'addArticleCategory' ).disabled = 0;
 	}
 	else
 	{

More information about the pLog-svn mailing list