diff options
| author | Georg Ehrke <dev@georgswebsite.de> | 2012-04-12 23:15:19 -0400 |
|---|---|---|
| committer | Georg Ehrke <dev@georgswebsite.de> | 2012-04-12 23:15:19 -0400 |
| commit | df2e788a1c29648d5d01f02166eef6cfb5a526c0 (patch) | |
| tree | ea66f507aaa9b6236691fc4e6f063d3e4c4e9006 /apps/calendar | |
| parent | a7908ba76bd1b973a180eef4adbebbf2d9a1364f (diff) | |
| download | nextcloud-server-df2e788a1c29648d5d01f02166eef6cfb5a526c0.tar.gz nextcloud-server-df2e788a1c29648d5d01f02166eef6cfb5a526c0.zip | |
fix calendarid in eventform and validation of calendarid
Diffstat (limited to 'apps/calendar')
| -rw-r--r-- | apps/calendar/ajax/event/edit.form.php | 2 | ||||
| -rw-r--r-- | apps/calendar/lib/object.php | 5 | ||||
| -rw-r--r-- | apps/calendar/lib/share.php | 10 | ||||
| -rw-r--r-- | apps/calendar/templates/part.eventform.php | 2 |
4 files changed, 8 insertions, 11 deletions
diff --git a/apps/calendar/ajax/event/edit.form.php b/apps/calendar/ajax/event/edit.form.php index 6783462eaf1..8db0ba79406 100644 --- a/apps/calendar/ajax/event/edit.form.php +++ b/apps/calendar/ajax/event/edit.form.php @@ -195,6 +195,8 @@ if($data['repeating'] == 1){ } if($access == 'owner'){ $calendar_options = OC_Calendar_Calendar::allCalendars(OC_User::getUser()); +}else{ + $calendar_options = array(OC_Calendar_App::getCalendar($data['calendarid'], false)); } $category_options = OC_Calendar_App::getCategoryOptions(); $repeat_options = OC_Calendar_App::getRepeatOptions(); diff --git a/apps/calendar/lib/object.php b/apps/calendar/lib/object.php index 8cd25bca00c..ab005bd4a4a 100644 --- a/apps/calendar/lib/object.php +++ b/apps/calendar/lib/object.php @@ -451,11 +451,6 @@ class OC_Calendar_Object{ $errarr['title'] = 'true'; $errnum++; } - $calendar = OC_Calendar_App::getCalendar($request['calendar'], true, true); - if(!$calendar){ - $errarr['cal'] = 'true'; - $errnum++; - } if(isset($request['categories']) && !is_array($request['categories'])){ $errarr['categories'] = $l10n->t('Not an array'); diff --git a/apps/calendar/lib/share.php b/apps/calendar/lib/share.php index 40f220fcaab..0c656f2d6ee 100644 --- a/apps/calendar/lib/share.php +++ b/apps/calendar/lib/share.php @@ -211,17 +211,17 @@ class OC_Calendar_Share{ */ public static function check_access($share, $id, $type){ $group_where = self::group_sql(OC_Group::getUserGroups($share)); - $stmt = OC_DB::prepare('SELECT * FROM *PREFIX*calendar_share_' . $type . ' WHERE ((share = ? AND sharetype = "user") ' . $group_where . ')'); - $result = $stmt->execute(array($share)); + $stmt = OC_DB::prepare('SELECT * FROM *PREFIX*calendar_share_' . $type . ' WHERE (' . $type . 'id = ? AND (share = ? AND sharetype = "user") ' . $group_where . ')'); + $result = $stmt->execute(array($id,$share)); $rows = $result->numRows(); if($rows > 0){ return true; - } - if($type == self::EVENT){ + }elseif($type == self::EVENT){ $event = OC_Calendar_App::getEventObject($id, false, false); return self::check_access($share, $event['calendarid'], self::CALENDAR); + }else{ + return false; } - return false; } /* * @brief: returns the calendardata of an event or a calendar diff --git a/apps/calendar/templates/part.eventform.php b/apps/calendar/templates/part.eventform.php index 36c741b3a39..05e37243a19 100644 --- a/apps/calendar/templates/part.eventform.php +++ b/apps/calendar/templates/part.eventform.php @@ -44,7 +44,7 @@ echo 'Calendar.UI.Share.idtype = "event";' . "\n" . 'Calendar.UI.Share.currentid <?php } else { ?> <th width="75px"> </th> <td> - <input type="hidden" name="calendar" value="<?php echo $_['calendar']; ?>"> + <input type="hidden" name="calendar" value="<?php echo $_['calendar_options'][0]['id']; ?>"> </td> <?php } ?> </tr> |