diff options
| author | Michael Tänzer <neo@nhng.de> | 2014-04-02 01:02:23 +0200 |
|---|---|---|
| committer | Michael Tänzer <neo@nhng.de> | 2014-04-02 01:02:23 +0200 |
| commit | efcc291e3a7e1413bf6340ba76ae1ae11b62b05f (patch) | |
| tree | 7d26811f09099b7648af0863412725192f68b356 /pages | |
| parent | d44ae6a04770b7abb0bcf2784b16fdcddc9ad9ac (diff) | |
| download | cacert-devel-efcc291e3a7e1413bf6340ba76ae1ae11b62b05f.tar.gz cacert-devel-efcc291e3a7e1413bf6340ba76ae1ae11b62b05f.tar.xz cacert-devel-efcc291e3a7e1413bf6340ba76ae1ae11b62b05f.zip | |
bug 1138: Error handling when inserting to the admin log
Signed-off-by: Michael Tänzer <neo@nhng.de>
Diffstat (limited to 'pages')
| -rw-r--r-- | pages/account/43.php | 36 | ||||
| -rw-r--r-- | pages/account/59.php | 7 |
2 files changed, 31 insertions, 12 deletions
diff --git a/pages/account/43.php b/pages/account/43.php index b055add..b4f2465 100644 --- a/pages/account/43.php +++ b/pages/account/43.php @@ -127,16 +127,20 @@ if(intval($_REQUEST['userid']) > 0) { //deletes an assurance if(array_key_exists('assurance',$_REQUEST) && $_REQUEST['assurance'] > 0 && $ticketvalidation == true) { - $assurance = mysql_escape_string(intval($_REQUEST['assurance'])); - $trow = 0; - $res = mysql_query("select `to` from `notary` where `id`='$assurance'"); - if ($res) { - $trow = mysql_fetch_assoc($res); - } - mysql_query("update `notary` set `deleted`=NOW() where `id`='$assurance'"); - if ($trow) { - fix_assurer_flag($trow['to']); - write_se_log($userid, $_SESSION['profile']['id'], 'SE assurance revoke', $ticketno); + if (!write_se_log($userid, $_SESSION['profile']['id'], 'SE assurance revoke', $ticketno)) { + $ticketmsg=_("Writing to the admin log failed. Can't continue."); + } else { + $assurance = mysql_escape_string(intval($_REQUEST['assurance'])); + $trow = 0; + $res = mysql_query("select `to` from `notary` where `id`='$assurance'"); + if ($res) { + $trow = mysql_fetch_assoc($res); + } + + mysql_query("update `notary` set `deleted`=NOW() where `id`='$assurance'"); + if ($trow) { + fix_assurer_flag($trow['to']); + } } } elseif(array_key_exists('assurance',$_REQUEST) && $_REQUEST['assurance'] > 0 && $ticketvalidation == FALSE) { $ticketmsg=_('No assurance revoked. Ticket number is missing!'); @@ -314,7 +318,16 @@ if(intval($_REQUEST['userid']) > 0) { <? // This is intensionally a $_GET for audit purposes. DO NOT CHANGE!!! if(array_key_exists('showlostpw',$_GET) && $_GET['showlostpw'] == "yes" && $ticketvalidation==true) { - write_se_log($userid, $_SESSION['profile']['id'], 'SE view lost password information', $ticketno); + if (!write_se_log($userid, $_SESSION['profile']['id'], 'SE view lost password information', $ticketno)) { + ?> + <tr> + <td class="DataTD" colspan="2"><?=_("Writing to the admin log failed. Can't continue.")?></td> + </tr> + <tr> + <td class="DataTD" colspan="2"><a href="account.php?id=43&userid=<?=$row['id']?>&showlostpw=yes&ticketno=<?=$ticketno?>"><?=_("Show Lost Password Details")?></a></td> + </tr> + <? + } else { ?> <tr> <td class="DataTD"><?=_("Lost Password")?> - Q1:</td> @@ -357,6 +370,7 @@ if(intval($_REQUEST['userid']) > 0) { <td class="DataTD"><?=sanitizeHTML($row['A5'])?></td> </tr> <? + } } elseif (array_key_exists('showlostpw',$_GET) && $_GET['showlostpw'] == "yes" && $ticketvalidation==false) { ?> <tr> diff --git a/pages/account/59.php b/pages/account/59.php index ae9ec09..e9643d0 100644 --- a/pages/account/59.php +++ b/pages/account/59.php @@ -52,7 +52,12 @@ if (!valid_ticket_number($ticketno) && $support == 1) { exit; } if ( $support == 1) { - write_se_log($userid, $_SESSION['profile']['id'], 'SE View account history', $_REQUEST['ticketno']); + if (!write_se_log($userid, $_SESSION['profile']['id'], 'SE View account history', $_REQUEST['ticketno'])) { + echo _("Writing to the admin log failed. Can't continue."); + printf('<br/><a href="account.php?id=43&userid=' . intval($_REQUEST['userid']) . '">' . _('Back to previous page.') .'</a>'); + showfooter(); + exit; + } } ?> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> |