aboutsummaryrefslogtreecommitdiffstats
path: root/apps
diff options
context:
space:
mode:
authorGeorg Ehrke <dev@georgswebsite.de>2012-04-12 23:15:19 -0400
committerGeorg Ehrke <dev@georgswebsite.de>2012-04-12 23:15:19 -0400
commitdf2e788a1c29648d5d01f02166eef6cfb5a526c0 (patch)
treeea66f507aaa9b6236691fc4e6f063d3e4c4e9006 /apps
parenta7908ba76bd1b973a180eef4adbebbf2d9a1364f (diff)
downloadnextcloud-server-df2e788a1c29648d5d01f02166eef6cfb5a526c0.tar.gz
nextcloud-server-df2e788a1c29648d5d01f02166eef6cfb5a526c0.zip
fix calendarid in eventform and validation of calendarid
Diffstat (limited to 'apps')
-rw-r--r--apps/calendar/ajax/event/edit.form.php2
-rw-r--r--apps/calendar/lib/object.php5
-rw-r--r--apps/calendar/lib/share.php10
-rw-r--r--apps/calendar/templates/part.eventform.php2
4 files changed, 8 insertions, 11 deletions
diff --git a/apps/calendar/ajax/event/edit.form.php b/apps/calendar/ajax/event/edit.form.php
index 6783462eaf1..8db0ba79406 100644
--- a/apps/calendar/ajax/event/edit.form.php
+++ b/apps/calendar/ajax/event/edit.form.php
@@ -195,6 +195,8 @@ if($data['repeating'] == 1){
}
if($access == 'owner'){
$calendar_options = OC_Calendar_Calendar::allCalendars(OC_User::getUser());
+}else{
+ $calendar_options = array(OC_Calendar_App::getCalendar($data['calendarid'], false));
}
$category_options = OC_Calendar_App::getCategoryOptions();
$repeat_options = OC_Calendar_App::getRepeatOptions();
diff --git a/apps/calendar/lib/object.php b/apps/calendar/lib/object.php
index 8cd25bca00c..ab005bd4a4a 100644
--- a/apps/calendar/lib/object.php
+++ b/apps/calendar/lib/object.php
@@ -451,11 +451,6 @@ class OC_Calendar_Object{
$errarr['title'] = 'true';
$errnum++;
}
- $calendar = OC_Calendar_App::getCalendar($request['calendar'], true, true);
- if(!$calendar){
- $errarr['cal'] = 'true';
- $errnum++;
- }
if(isset($request['categories']) && !is_array($request['categories'])){
$errarr['categories'] = $l10n->t('Not an array');
diff --git a/apps/calendar/lib/share.php b/apps/calendar/lib/share.php
index 40f220fcaab..0c656f2d6ee 100644
--- a/apps/calendar/lib/share.php
+++ b/apps/calendar/lib/share.php
@@ -211,17 +211,17 @@ class OC_Calendar_Share{
*/
public static function check_access($share, $id, $type){
$group_where = self::group_sql(OC_Group::getUserGroups($share));
- $stmt = OC_DB::prepare('SELECT * FROM *PREFIX*calendar_share_' . $type . ' WHERE ((share = ? AND sharetype = "user") ' . $group_where . ')');
- $result = $stmt->execute(array($share));
+ $stmt = OC_DB::prepare('SELECT * FROM *PREFIX*calendar_share_' . $type . ' WHERE (' . $type . 'id = ? AND (share = ? AND sharetype = "user") ' . $group_where . ')');
+ $result = $stmt->execute(array($id,$share));
$rows = $result->numRows();
if($rows > 0){
return true;
- }
- if($type == self::EVENT){
+ }elseif($type == self::EVENT){
$event = OC_Calendar_App::getEventObject($id, false, false);
return self::check_access($share, $event['calendarid'], self::CALENDAR);
+ }else{
+ return false;
}
- return false;
}
/*
* @brief: returns the calendardata of an event or a calendar
diff --git a/apps/calendar/templates/part.eventform.php b/apps/calendar/templates/part.eventform.php
index 36c741b3a39..05e37243a19 100644
--- a/apps/calendar/templates/part.eventform.php
+++ b/apps/calendar/templates/part.eventform.php
@@ -44,7 +44,7 @@ echo 'Calendar.UI.Share.idtype = "event";' . "\n" . 'Calendar.UI.Share.currentid
<?php } else { ?>
<th width="75px">&nbsp;</th>
<td>
- <input type="hidden" name="calendar" value="<?php echo $_['calendar']; ?>">
+ <input type="hidden" name="calendar" value="<?php echo $_['calendar_options'][0]['id']; ?>">
</td>
<?php } ?>
</tr>