authorCesar G <prototech91@gmail.com>2013-12-06 12:50:16 -0800
committerCesar G <prototech91@gmail.com>2013-12-06 13:02:11 -0800
commit3ccc8add10b4a6d915d3edbb3075351301277aab (patch)
treeac3f37f20ad27e3143046e2242ef680e5154325f /phpBB/includes/acp/acp_permission_roles.php
parent823d2b697a9bcec96f4ef841a77bfe900ce530f4 (diff)
[ticket/12038] Do not rely on stale order value to move items.
This makes it possible to move the items more than once with AJAX. PHPBB3-12038
Diffstat (limited to 'phpBB/includes/acp/acp_permission_roles.php')
-rw-r--r--phpBB/includes/acp/acp_permission_roles.php37
1 files changed, 19 insertions, 18 deletions
diff --git a/phpBB/includes/acp/acp_permission_roles.php b/phpBB/includes/acp/acp_permission_roles.php
index 21729df4f1..b5b838faad 100644
--- a/phpBB/includes/acp/acp_permission_roles.php
+++ b/phpBB/includes/acp/acp_permission_roles.php
@@ -47,6 +47,11 @@ class acp_permission_roles
$form_name = 'acp_permissions';
add_form_key($form_name);
+ if (!$role_id && in_array($action, array('remove', 'edit', 'move_up', 'move_down')))
+ {
+ trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
+ }
+
switch ($mode)
{
case 'admin_roles':
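Review bot: The consolidated guard placed before `switch ($mode)` is now the only check between a missing role_id and the queries in the 'remove', 'edit', 'move_up' and 'move_down' branches, and nothing at the site says so. A short comment such as `// These actions operate on one role; the branches below assume $role_id is non-zero.` would stop a new role-specific action from being added to the switch without also being added to this list. Passing `true` as the third argument to `in_array()` would make the action match strict. The guard only protects the later branches if `trigger_error()` with `E_USER_WARNING` ends the request, which presumably happens in the project's error handler outside this hunk.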
@@ -86,11 +91,6 @@ class acp_permission_roles
{
case 'remove':
- if (!$role_id)
- {
- trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
- }
-
$sql = 'SELECT *
FROM ' . ACL_ROLES_TABLE . '
WHERE role_id = ' . $role_id;
@@ -124,10 +124,6 @@ class acp_permission_roles
break;
case 'edit':
- if (!$role_id)
- {
- trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
- }
// Get role we edit
$sql = 'SELECT *
@@ -274,12 +270,7 @@ class acp_permission_roles
case 'edit':
if ($action == 'edit')
- {
- if (!$role_id)
- {
- trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
- }
-
+ {
$sql = 'SELECT *
FROM ' . ACL_ROLES_TABLE . '
WHERE role_id = ' . $role_id;
@@ -367,7 +358,17 @@ class acp_permission_roles
case 'move_up':
case 'move_down':
- $order = request_var('order', 0);
+ $sql = 'SELECT role_order
+ FROM ' . ACL_ROLES_TABLE . "
+ WHERE role_id = $role_id";
+ $result = $db->sql_query($sql);
+ $order = $db->sql_fetchfield('role_order');
+
+ if ($order === false || ($order == 0 && $action == 'move_up'))
+ {
+ break;
+ }
+ $order = (int) $order;
$order_total = $order * 2 + (($action == 'move_up') ? -1 : 1);
$sql = 'UPDATE ' . ACL_ROLES_TABLE . '
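Review bot: The result set from the new `SELECT role_order` in the move_up/move_down branch is never released; add `$db->sql_freeresult($result);` right after `$db->sql_fetchfield('role_order')`. The lookup is keyed on role_id alone, so a role_id belonging to a different role type than the current mode would still supply `$order` to the UPDATE that follows; if that UPDATE is restricted by role type (its WHERE clause is outside this hunk), the SELECT should carry the same restriction. `$role_id` is interpolated directly into the query, which is safe only while it is cast to an integer where it is read from the request, and that is not visible here. The early `break` for an unknown role exits silently, so an AJAX caller gets no indication that nothing moved.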
@@ -430,8 +431,8 @@ class acp_permission_roles
'U_EDIT' => $this->u_action . '&amp;action=edit&amp;role_id=' . $row['role_id'],
'U_REMOVE' => $this->u_action . '&amp;action=remove&amp;role_id=' . $row['role_id'],
- 'U_MOVE_UP' => $this->u_action . '&amp;action=move_up&amp;order=' . $row['role_order'],
- 'U_MOVE_DOWN' => $this->u_action . '&amp;action=move_down&amp;order=' . $row['role_order'],
+ 'U_MOVE_UP' => $this->u_action . '&amp;action=move_up&amp;role_id=' . $row['role_id'],
+ 'U_MOVE_DOWN' => $this->u_action . '&amp;action=move_down&amp;role_id=' . $row['role_id'],
'U_DISPLAY_ITEMS' => ($row['role_id'] == $display_item) ? '' : $this->u_action . '&amp;display_item=' . $row['role_id'] . '#assigned_to')
);
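Review bot: The move links built here trigger a write from a plain GET URL, and the only parameters visible in `U_MOVE_UP` and `U_MOVE_DOWN` are the action and the role_id, both predictable. Unless `$this->u_action` already carries a session-bound value that the handler verifies (not visible in this hunk), the reorder is exposed to cross-site request forgery. Consider appending a per-action token, for example `. '&amp;hash=' . generate_link_hash('acp_roles')` (link name chosen here as an example), and verifying it with `check_link_hash()` in the move_up/move_down branch. The array literal these entries belong to starts outside the hunk.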