Note: this list is kept only as a demonstration for CVSNotice. For the latest CVS notices, see the Xaraya and Postnuke sites
View Statistics - Next Notice - Previous NoticeDirectory filter : [ all ] / postnuke_official / html / modules / template [ view in CVS ]
Date | Directory [filter] | File(s) [view] | Author [filter] |
02 Aug 2002 21:56:43 | postnuke_official/html/modules/template | pnadminapi.php,1.8,1.9 pnuserapi.php,1.8,1.9 | Mike |
more exceptions in *api.php files |
Update of /home/cvsroot/postnuke_official/html/modules/template In directory ns7.hostnuke.net:/tmp/cvs-serv29781 Modified Files: pnadminapi.php pnuserapi.php Log Message: more exceptions in *api.php files Index: pnadminapi.php =================================================================== RCS file: /home/cvsroot/postnuke_official/html/modules/template/pnadminapi.php,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -d -r1.8 -r1.9 *** pnadminapi.php 22 Jul 2002 21:36:47 -0000 1.8 --- pnadminapi.php 2 Aug 2002 21:56:40 -0000 1.9 *************** *** 25,32 **** --- 25,35 ---- /** * create a new template item + * + * @author the Example module development team * @param $args['name'] name of the item * @param $args['number'] number of the item * @returns int * @return template item ID on success, false on failure + * @raise BAD_PARAM, NO_PERMISSION, DATABASE_ERROR */ function template_adminapi_create($args) *************** *** 39,47 **** extract($args); ! // Argument check - make sure that all required arguments are present, ! // if not then set an appropriate error message and return ! if ((!isset($name)) || ! (!isset($number))) { ! pnSessionSetVar('errormsg', _MODARGSERROR); return false; } --- 42,62 ---- extract($args); ! // Argument check - make sure that all required arguments are present ! // and in the right format, if not then set an appropriate error ! // message and return ! // Note : since we have several arguments we want to check here, we'll ! // report all those that are invalid at the same time... ! $invalid = array(); ! if (!isset($name) || !is_string($name)) { ! $invalid[] = 'name'; ! } ! if (!isset($number) || !is_numeric($number)) { ! $invalid[] = 'number'; ! } ! if (count($invalid) > 0) { ! $msg = pnML('Invalid #(1) for #(2) function #(3)() in module #(4)', ! join(', ',$invalid), 'admin', 'create', 'Example'); ! pnExceptionSet(PN_USER_EXCEPTION, 'BAD_PARAM', ! new SystemException($msg)); return false; } *************** *** 50,58 **** // avoid potential security holes or just too much wasted processing if (!pnSecAuthAction(0, 'Template::Item', "$name::", ACCESS_ADD)) { ! pnSessionSetVar('errormsg', _TEMPLATENOAUTH); return false; } ! // Get datbase setup - note that both pnDBGetConn() and pnDBGetTables() // return arrays but we handle them differently. For pnDBGetConn() // we currently just want the first item, which is the official --- 65,76 ---- // avoid potential security holes or just too much wasted processing if (!pnSecAuthAction(0, 'Template::Item', "$name::", ACCESS_ADD)) { ! $msg = pnML('Not authorized to add #(1) items', ! 'Example'); ! pnExceptionSet(PN_USER_EXCEPTION, 'NO_PERMISSION', ! new SystemException($msg)); return false; } ! // Get database setup - note that both pnDBGetConn() and pnDBGetTables() // return arrays but we handle them differently. For pnDBGetConn() // we currently just want the first item, which is the official *************** *** 89,99 **** // appropriate error message and return if ($dbconn->ErrorNo() != 0) { ! pnSessionSetVar('errormsg', _CREATEFAILED); return false; } ! // Get the ID of the item that we inserted. It is possible, although ! // very unlikely, that this is different from $nextId as obtained ! // above, but it is better to be safe than sorry in this situation $tid = $dbconn->PO_Insert_ID($templatetable, 'pn_tid'); --- 107,127 ---- // appropriate error message and return if ($dbconn->ErrorNo() != 0) { ! // Hint : for debugging SQL queries, you can use $dbconn->ErrorMsg() ! // to retrieve the actual database error message, and use e.g. the ! // following message : ! // $msg = pnML('Database error #(1) in query #(2) for #(3) function ' . ! // '#(4)() in module #(5)', ! // $dbconn->ErrorMsg(), $sql, 'admin', 'create', 'Example'); ! // Don't use that for release versions, though... ! $msg = pnML('Database error for #(1) function #(2)() in module #(3)', ! 'admin', 'create', 'Example'); ! pnExceptionSet(PN_SYSTEM_EXCEPTION, 'DATABASE_ERROR', ! new SystemException($msg)); return false; } ! // Get the ID of the item that we inserted. It is possible, depending ! // on your database, that this is different from $nextId as obtained ! // above, so it is better to be safe than sorry in this situation $tid = $dbconn->PO_Insert_ID($templatetable, 'pn_tid'); *************** *** 110,116 **** --- 138,147 ---- /** * delete a template item + * + * @author the Example module development team * @param $args['tid'] ID of the item * @returns bool * @return true on success, false on failure + * @raise BAD_PARAM, NO_PERMISSION, DATABASE_ERROR */ function template_adminapi_delete($args) *************** *** 122,129 **** extract($args); ! // Argument check - make sure that all required arguments are present, ! // if not then set an appropriate error message and return ! if (!isset($tid)) { ! pnSessionSetVar('errormsg', _MODARGSERROR); return false; } --- 153,164 ---- extract($args); ! // Argument check - make sure that all required arguments are present and ! // in the right format, if not then set an appropriate error message ! // and return ! if (!isset($tid) || !is_numeric($tid)) { ! $msg = pnML('Invalid #(1) for #(2) function #(3)() in module #(4)', ! 'item ID', 'admin', 'delete', 'Example'); ! pnExceptionSet(PN_USER_EXCEPTION, 'BAD_PARAM', ! new SystemException($msg)); return false; } *************** *** 135,140 **** // message is posted and the function returns if (!pnModAPILoad('template', 'user')) { ! $output->Text(_LOADFAILED); ! return $output->GetOutput(); } --- 170,178 ---- // message is posted and the function returns if (!pnModAPILoad('template', 'user')) { ! $msg = pnML('Unable to load #(1) #(2) API', ! 'Template','user'); ! pnExceptionSet(PN_SYSTEM_EXCEPTION, 'NO_PERMISSION', ! new SystemException($msg)); ! return false; } *************** *** 149,154 **** if ($item == false) { ! $output->Text(_TEMPLATENOSUCHITEM); ! return $output->GetOutput(); } --- 187,195 ---- if ($item == false) { ! $msg = pnML('Invalid #(1) for #(2) function #(3)() in module #(4)', ! 'item ID', 'user', 'get', 'Example'); ! pnExceptionSet(PN_USER_EXCEPTION, 'BAD_PARAM', ! new SystemException($msg)); ! return false; } *************** *** 159,167 **** // chance we get to do the check if (!pnSecAuthAction(0, 'Template::Item', "$item[name]::$tid", ACCESS_DELETE)) { ! pnSessionSetVar('errormsg', _TEMPLATENOAUTH); return false; } ! // Get datbase setup - note that both pnDBGetConn() and pnDBGetTables() // return arrays but we handle them differently. For pnDBGetConn() // we currently just want the first item, which is the official --- 200,211 ---- // chance we get to do the check if (!pnSecAuthAction(0, 'Template::Item', "$item[name]::$tid", ACCESS_DELETE)) { ! $msg = pnML('Not authorized to delete #(1) item #(2)', ! 'Example', pnVarPrepForStore($tid)); ! pnExceptionSet(PN_USER_EXCEPTION, 'NO_PERMISSION', ! new SystemException($msg)); return false; } ! // Get database setup - note that both pnDBGetConn() and pnDBGetTables() // return arrays but we handle them differently. For pnDBGetConn() // we currently just want the first item, which is the official *************** *** 187,191 **** // appropriate error message and return if ($dbconn->ErrorNo() != 0) { ! pnSessionSetVar('errormsg', _DELETEFAILED); return false; } --- 231,245 ---- // appropriate error message and return if ($dbconn->ErrorNo() != 0) { ! // Hint : for debugging SQL queries, you can use $dbconn->ErrorMsg() ! // to retrieve the actual database error message, and use e.g. the ! // following message : ! // $msg = pnML('Database error #(1) in query #(2) for #(3) function ' . ! // '#(4)() in module #(5)', ! // $dbconn->ErrorMsg(), $sql, 'admin', 'delete', 'Example'); ! // Don't use that for release versions, though... ! $msg = pnML('Database error for #(1) function #(2)() in module #(3)', ! 'admin', 'delete', 'Example'); ! pnExceptionSet(PN_SYSTEM_EXCEPTION, 'DATABASE_ERROR', ! new SystemException($msg)); return false; } *************** *** 201,207 **** --- 255,264 ---- /** * update a template item + * + * @author the Example module development team * @param $args['tid'] the ID of the item * @param $args['name'] the new name of the item * @param $args['number'] the new number of the item + * @raise BAD_PARAM, NO_PERMISSION, DATABASE_ERROR */ function template_adminapi_update($args) *************** *** 213,222 **** extract($args); ! // Argument check - make sure that all required arguments are present, ! // if not then set an appropriate error message and return ! if ((!isset($tid)) || ! (!isset($name)) || ! (!isset($number))) { ! pnSessionSetVar('errormsg', _MODARGSERROR); return false; } --- 270,293 ---- extract($args); ! // Argument check - make sure that all required arguments are present ! // and in the right format, if not then set an appropriate error ! // message and return ! // Note : since we have several arguments we want to check here, we'll ! // report all those that are invalid at the same time... ! $invalid = array(); ! if (!isset($tid) || !is_numeric($tid)) { ! $invalid[] = 'item ID'; ! } ! if (!isset($name) || !is_string($name)) { ! $invalid[] = 'name'; ! } ! if (!isset($number) || !is_numeric($number)) { ! $invalid[] = 'number'; ! } ! if (count($invalid) > 0) { ! $msg = pnML('Invalid #(1) for #(2) function #(3)() in module #(4)', ! join(', ',$invalid), 'admin', 'update', 'Example'); ! pnExceptionSet(PN_USER_EXCEPTION, 'BAD_PARAM', ! new SystemException($msg)); return false; } *************** *** 228,233 **** // message is posted and the function returns if (!pnModAPILoad('template', 'user')) { ! $output->Text(_LOADFAILED); ! return $output->GetOutput(); } --- 299,307 ---- // message is posted and the function returns if (!pnModAPILoad('template', 'user')) { ! $msg = pnML('Unable to load #(1) #(2) API', ! 'Template','user'); ! pnExceptionSet(PN_SYSTEM_EXCEPTION, 'NO_PERMISSION', ! new SystemException($msg)); ! return false; } *************** *** 242,247 **** if ($item == false) { ! $output->Text(_TEMPLATENOSUCHITEM); ! return $output->GetOutput(); } --- 316,324 ---- if ($item == false) { ! $msg = pnML('Invalid #(1) for #(2) function #(3)() in module #(4)', ! 'item ID', 'user', 'get', 'Example'); ! pnExceptionSet(PN_USER_EXCEPTION, 'BAD_PARAM', ! new SystemException($msg)); ! return false; } *************** *** 258,270 **** // edit areas to which they do not have suitable access if (!pnSecAuthAction(0, 'Template::Item', "$item[name]::$tid", ACCESS_EDIT)) { ! pnSessionSetVar('errormsg', _TEMPLATENOAUTH); return false; } if (!pnSecAuthAction(0, 'Template::Item', "$name::$tid", ACCESS_EDIT)) { ! pnSessionSetVar('errormsg', _TEMPLATENOAUTH); return false; } ! // Get datbase setup - note that both pnDBGetConn() and pnDBGetTables() // return arrays but we handle them differently. For pnDBGetConn() // we currently just want the first item, which is the official --- 335,353 ---- // edit areas to which they do not have suitable access if (!pnSecAuthAction(0, 'Template::Item', "$item[name]::$tid", ACCESS_EDIT)) { ! $msg = pnML('Not authorized to edit #(1) item #(2)', ! 'Example', pnVarPrepForStore($tid)); ! pnExceptionSet(PN_USER_EXCEPTION, 'NO_PERMISSION', ! new SystemException($msg)); return false; } if (!pnSecAuthAction(0, 'Template::Item', "$name::$tid", ACCESS_EDIT)) { ! $msg = pnML('Not authorized to edit #(1) item #(2)', ! 'Example', pnVarPrepForStore($tid)); ! pnExceptionSet(PN_USER_EXCEPTION, 'NO_PERMISSION', ! new SystemException($msg)); return false; } ! // Get database setup - note that both pnDBGetConn() and pnDBGetTables() // return arrays but we handle them differently. For pnDBGetConn() // we currently just want the first item, which is the official *************** *** 292,296 **** // appropriate error message and return if ($dbconn->ErrorNo() != 0) { ! pnSessionSetVar('errormsg', _DELETEFAILED); return false; } --- 375,389 ---- // appropriate error message and return if ($dbconn->ErrorNo() != 0) { ! // Hint : for debugging SQL queries, you can use $dbconn->ErrorMsg() ! // to retrieve the actual database error message, and use e.g. the ! // following message : ! // $msg = pnML('Database error #(1) in query #(2) for #(3) function ' . ! // '#(4)() in module #(5)', ! // $dbconn->ErrorMsg(), $sql, 'admin', 'update', 'Example'); ! // Don't use that for release versions, though... ! $msg = pnML('Database error for #(1) function #(2)() in module #(3)', ! 'admin', 'update', 'Example'); ! pnExceptionSet(PN_SYSTEM_EXCEPTION, 'DATABASE_ERROR', ! new SystemException($msg)); return false; } Index: pnuserapi.php =================================================================== RCS file: /home/cvsroot/postnuke_official/html/modules/template/pnuserapi.php,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -d -r1.8 -r1.9 *** pnuserapi.php 1 Aug 2002 21:10:51 -0000 1.8 --- pnuserapi.php 2 Aug 2002 21:56:40 -0000 1.9 *************** *** 50,59 **** // Argument check - make sure that all required arguments are present and ! // in the expected format, if not then set an appropriate error message // and return ! if ((!isset($startnum) || !is_numeric($startnum)) || ! (!isset($numitems) || !is_numeric($numitems))) { $msg = pnML('Invalid #(1) for #(2) function #(3)() in module #(4)', ! 'startnum or numitems', 'user', 'getall', 'Example'); pnExceptionSet(PN_USER_EXCEPTION, 'BAD_PARAM', new SystemException($msg)); --- 50,67 ---- // Argument check - make sure that all required arguments are present and ! // in the right format, if not then set an appropriate error message // and return ! // Note : since we have several arguments we want to check here, we'll ! // report all those that are invalid at the same time... ! $invalid = array(); ! if (!isset($startnum) || !is_numeric($startnum)) { ! $invalid[] = 'startnum'; ! } ! if (!isset($numitems) || !is_numeric($numitems)) { ! $invalid[] = 'numitems'; ! } ! if (count($invalid) > 0) { $msg = pnML('Invalid #(1) for #(2) function #(3)() in module #(4)', ! join(', ',$invalid), 'user', 'getall', 'Example'); pnExceptionSet(PN_USER_EXCEPTION, 'BAD_PARAM', new SystemException($msg)); *************** *** 137,140 **** --- 145,150 ---- /** * get a specific item + * + * @author the Example module development team * @param $args['tid'] id of example item to get * @returns array *************** *** 151,155 **** // Argument check - make sure that all required arguments are present and ! // in the expected format, if not then set an appropriate error message // and return if (!isset($tid) || !is_numeric($tid)) { --- 161,165 ---- // Argument check - make sure that all required arguments are present and ! // in the right format, if not then set an appropriate error message // and return if (!isset($tid) || !is_numeric($tid)) { *************** *** 237,242 **** --- 247,255 ---- /** * utility function to count the number of items held by this module + * + * @author the Example module development team * @returns integer * @return number of items held by this module + * @raise DATABASE_ERROR */ function template_userapi_countitems() *************** *** 333,336 **** --- 346,351 ---- /** * return the path for a short URL to pnModURL for this module + * + * @author the Example module development team * @param $args the function and arguments passed to pnModURL * @returns string *************** *** 435,438 **** --- 450,455 ---- * extract function and arguments from short URLs for this module, and pass * them back to pnGetRequestInfo() + * + * @author the Example module development team * @param $params array containing the different elements of the virtual path * @returns array
View Statistics - Next Notice - Previous Notice
Visit Developer Site - Browse CVS Repository |
Syndicate via backend.rss (max. once per hour please) | Powered by CVSNotice 0.1.3 |