To use pkgbase_edit_comment() from within the RPC interface, no longer hardcode a specific POST variable, but use a parameter that defines the comment ID. Move the check for the existence of the POST variable to pkgbase.php.
Signed-off-by: Marcel Korpel <[email protected]> --- web/html/pkgbase.php | 8 +++++--- web/lib/pkgbasefuncs.inc.php | 8 +------- 2 files changed, 6 insertions(+), 10 deletions(-) diff --git a/web/html/pkgbase.php b/web/html/pkgbase.php index 1581869..e025459 100644 --- a/web/html/pkgbase.php +++ b/web/html/pkgbase.php @@ -111,9 +111,11 @@ if (check_token()) { $ret = true; $fragment = '#news'; } elseif (current_action("do_EditComment")) { - list($ret, $output) = pkgbase_edit_comment($_REQUEST['comment']); - if ($ret && isset($_POST["comment_id"])) { - $fragment = '#comment-' . intval($_POST["comment_id"]); + if (isset($_POST["comment_id"])) { + list($ret, $output) = pkgbase_edit_comment($_REQUEST['comment'], $_POST["comment_id"]); + if ($ret) { + $fragment = '#comment-' . intval($_POST["comment_id"]); + } } } diff --git a/web/lib/pkgbasefuncs.inc.php b/web/lib/pkgbasefuncs.inc.php index 6057d10..a210969 100644 --- a/web/lib/pkgbasefuncs.inc.php +++ b/web/lib/pkgbasefuncs.inc.php @@ -848,18 +848,12 @@ function pkgbase_delete_comment() { * * @return array Tuple of success/failure indicator and error message */ -function pkgbase_edit_comment($comment) { +function pkgbase_edit_comment($comment, $comment_id) { $uid = uid_from_sid($_COOKIE["AURSID"]); if (!$uid) { return array(false, __("You must be logged in before you can edit package information.")); } - if (isset($_POST["comment_id"])) { - $comment_id = $_POST["comment_id"]; - } else { - return array(false, __("Missing comment ID.")); - } - $dbh = DB::connect(); if (can_edit_comment($comment_id)) { $q = "UPDATE PackageComments "; -- 2.4.6
