[Solar-svn] Revision 3012
pmjones at solarphp.com
pmjones at solarphp.com
Mon Mar 17 20:56:46 CDT 2008
Solar_App_Bookmarks: [FIX] Added security check to see if the bookmark actually exists.
Modified: trunk/Solar/App/Bookmarks/Locale/en_US.php
===================================================================
--- trunk/Solar/App/Bookmarks/Locale/en_US.php 2008-03-18 01:54:42 UTC (rev 3011)
+++ trunk/Solar/App/Bookmarks/Locale/en_US.php 2008-03-18 01:56:46 UTC (rev 3012)
@@ -24,6 +24,7 @@
'ERR_NOT_LOGGED_IN' => 'You are not signed in.',
'ERR_NOT_OWNER' => 'You do not own this bookmark, or it does not exist.',
'ERR_NOT_SELECTED' => 'No bookmark selected.',
+ 'ERR_NO_SUCH_BOOKMARK' => 'No such bookmark exists.',
'HEADING_BOOKMARKS' => 'Bookmarks',
'HEADING_ADD' => 'Add New Bookmark',
Modified: trunk/Solar/App/Bookmarks.php
===================================================================
--- trunk/Solar/App/Bookmarks.php 2008-03-18 01:54:42 UTC (rev 3011)
+++ trunk/Solar/App/Bookmarks.php 2008-03-18 01:56:46 UTC (rev 3012)
@@ -364,6 +364,11 @@
// fetch the bookmark
$item = $this->_bookmarks->fetch($id);
+ // does it exist?
+ if (! $item) {
+ return $this->_error('ERR_NO_SUCH_BOOKMARK');
+ }
+
// must be in this area
if ($item->area_id != $this->area->id) {
return $this->_error('ERR_NOT_IN_AREA');
More information about the Solar-svn
mailing list