appdb/ ./testResults.php include/version.php - wine-commits

16 Jul 2006

ChangeSet ID:	26551
CVSROOT:	/opt/cvs-commit
Module name:	appdb
Changes by:	wineowner@winehq.org	2006/07/16 00:39:56
Modified files:
    .              : testResults.php 
    include        : version.php
Log message:
    Tony Lambregts tony.lambregts@gmail.com
    Stop allowing anonymous test results
Patch: http://cvs.winehq.org/patch.py?id=26551
Old revision  New revision  Changes     Path
 1.15          1.16          +4 -0       appdb/testResults.php
 1.77          1.78          +12 -4      appdb/include/version.php
Index: appdb/testResults.php
diff -u -p appdb/testResults.php:1.15 appdb/testResults.php:1.16

--- appdb/testResults.php:1.15	16 Jul 2006  5:39:56 -0000
+++ appdb/testResults.php	16 Jul 2006  5:39:56 -0000
@@ -18,6 +18,10 @@ $aClean['iVersionId'] = makeSafe($_REQUE
 $aClean['iDistributionId'] = makeSafe($_REQUEST['iDistributionId']);
 $aClean['sDistribution'] = makeSafe($_REQUEST['sDistribution']);
+//deny access if not logged on
+if(!$_SESSION['current']->isLoggedIn())
+    util_show_error_page_and_exit("Insufficient privileges to create test results.  Are you sure you are logged in?");
+
if ($aClean['sSub'])
 {
Index: appdb/include/version.php
diff -u -p appdb/include/version.php:1.77 appdb/include/version.php:1.78
--- appdb/include/version.php:1.77	16 Jul 2006  5:39:56 -0000
+++ appdb/include/version.php	16 Jul 2006  5:39:56 -0000
@@ -802,10 +802,18 @@ class Version {
             $oTest->ShowVersionsTestingTable($_SERVER['PHP_SELF']."?iVersionId=".$this->iVersionId."&iTestingId=",
                                              5);
         }
-        echo '<form method=post name=sMessage action=testResults.php?sSub=view&iVersionId='.$this->iVersionId.'>';
-        echo '<input type=submit value="Add Testing Data" class="button" />';
-        echo '</form>';
-
+        if($_SESSION['current']->isLoggedIn())
+        {
+            echo '<form method=post name=sMessage action=testResults.php?sSub=view&iVersionId='.$this->iVersionId.'>';
+            echo '<input type=submit value="Add Testing Data" class="button" />';
+            echo '</form>';
+        } else
+        {
+            echo '<form method="post" name="sMessage" action="account.php">';
+            echo '<input type="hidden" name="sCmd" value="login">';
+            echo '<input type=submit value="Log in add Testing Data" class="button">';
+            echo '</form>';
+        }
         echo "</td></tr>";
/* close the table */

    