external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 09:43:03 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix deletion abilities such that:

Browse source 
TUs and DEVs may delete any package in unsupported
Otherwise only package maintainers may delete their own
This commit is contained in:
simo 2005-06-07 21:32:07 +00:00
parent 726a3a3b93
commit dd885424d7
1 changed files with 8 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

10
web/html/packages.php
View file

@ -202,8 +202,14 @@ if (isset($_REQUEST["do_Flag"])) {
$q.= "WHERE Packages.ID IN (" . $delete . ") ";
$q.= "AND Packages.LocationID = PackageLocations.ID ";
$q.= "AND PackageLocations.Location = 'unsupported' ";
$q.= "AND $field IN (0, " . uid_from_sid($_COOKIE["AURSID"]) . ")";
$result = db_query($q, $dbh);
# If they're a TU or dev, can always delete, otherwise check ownership
#
if ($atype == "Trusted User" || $atype == "Developer") {
$result = db_query($q, $dbh);
} else {
$q.= "AND $field IN (0, " . uid_from_sid($_COOKIE["AURSID"]) . ")";
$result = db_query($q, $dbh);
}
if ($result != Null && mysql_num_rows($result) > 0) {
while ($row = mysql_fetch_assoc($result)) {
$ids_to_delete[] = $row['ID'];