Petites sécurités blgo & wiki
This commit is contained in:
leosw
@@ -103,6 +103,8 @@ class BlogArticle
|
||||
$con = pg_connect("host=".$config['SQL_host']." dbname=".$config['SQL_db']." user=".$config['SQL_user']." password=".$config['SQL_pass'])
|
||||
or die ("Could not connect to server\n");
|
||||
|
||||
pg_query($con, "BEGIN");
|
||||
|
||||
$query = "UPDATE content_versions SET is_archive = TRUE WHERE locale_id = $1";
|
||||
|
||||
pg_prepare($con, "prepare1", $query)
|
||||
@@ -136,6 +138,8 @@ class BlogArticle
|
||||
pg_execute($con, "prepare4", array($this->is_commentable ? 't' : 'f', $this->content_id))
|
||||
or die ("Cannot prepare statement\n");
|
||||
|
||||
pg_query($con, "COMMIT");
|
||||
|
||||
pg_close($con);
|
||||
|
||||
error_log(
|
||||
@@ -204,6 +208,8 @@ class BlogArticle
|
||||
$con = pg_connect("host=".$config['SQL_host']." dbname=".$config['SQL_db']." user=".$config['SQL_user']." password=".$config['SQL_pass'])
|
||||
or die ("Could not connect to server\n");
|
||||
|
||||
pg_query($con, "BEGIN");
|
||||
|
||||
$query = "INSERT INTO contents (permalink, creation_date, is_public, is_commentable, type) VALUES
|
||||
($1, $2, TRUE, $3, 'blog') RETURNING id";
|
||||
|
||||
@@ -244,6 +250,8 @@ class BlogArticle
|
||||
$result = pg_execute($con, "prepare4", array($this->locale_id, $user->id))
|
||||
or die ("Cannot execute statement\n");
|
||||
|
||||
pg_query($con, "COMMIT");
|
||||
|
||||
pg_close($con);
|
||||
|
||||
error_log(
|
||||
|
||||
@@ -102,6 +102,8 @@ class WikiPage
|
||||
$con = pg_connect("host=".$config['SQL_host']." dbname=".$config['SQL_db']." user=".$config['SQL_user']." password=".$config['SQL_pass'])
|
||||
or die ("Could not connect to server\n");
|
||||
|
||||
pg_query($con, "BEGIN");
|
||||
|
||||
$query = "UPDATE content_versions SET is_archive = TRUE WHERE locale_id = $1";
|
||||
|
||||
pg_prepare($con, "prepare1", $query)
|
||||
@@ -129,6 +131,8 @@ class WikiPage
|
||||
$result = pg_execute($con, "prepare3", array($this->locale_id, $user->id))
|
||||
or die ("Cannot execute statement\n");
|
||||
|
||||
pg_query($con, "COMMIT");
|
||||
|
||||
pg_close($con);
|
||||
|
||||
error_log(
|
||||
@@ -197,6 +201,8 @@ class WikiPage
|
||||
$con = pg_connect("host=".$config['SQL_host']." dbname=".$config['SQL_db']." user=".$config['SQL_user']." password=".$config['SQL_pass'])
|
||||
or die ("Could not connect to server\n");
|
||||
|
||||
pg_query($con, "BEGIN");
|
||||
|
||||
$query = "INSERT INTO contents (permalink, creation_date, is_public, is_commentable, type) VALUES
|
||||
($1, $2, TRUE, FALSE, 'wiki') RETURNING id";
|
||||
|
||||
@@ -237,6 +243,8 @@ class WikiPage
|
||||
$result = pg_execute($con, "prepare4", array($this->locale_id, $user->id))
|
||||
or die ("Cannot execute statement\n");
|
||||
|
||||
pg_query($con, "COMMIT");
|
||||
|
||||
pg_close($con);
|
||||
|
||||
error_log(
|
||||
|
||||
Reference in New Issue
Block a user