summaryrefslogtreecommitdiff
path: root/pages
diff options
context:
space:
mode:
authorMichael Tänzer <neo@nhng.de>2014-04-02 01:02:23 +0200
committerMichael Tänzer <neo@nhng.de>2014-04-02 01:02:23 +0200
commitefcc291e3a7e1413bf6340ba76ae1ae11b62b05f (patch)
tree7d26811f09099b7648af0863412725192f68b356 /pages
parentd44ae6a04770b7abb0bcf2784b16fdcddc9ad9ac (diff)
downloadcacert-devel-efcc291e3a7e1413bf6340ba76ae1ae11b62b05f.tar.gz
cacert-devel-efcc291e3a7e1413bf6340ba76ae1ae11b62b05f.tar.xz
cacert-devel-efcc291e3a7e1413bf6340ba76ae1ae11b62b05f.zip
bug 1138: Error handling when inserting to the admin log
Signed-off-by: Michael Tänzer <neo@nhng.de>
Diffstat (limited to 'pages')
-rw-r--r--pages/account/43.php36
-rw-r--r--pages/account/59.php7
2 files changed, 31 insertions, 12 deletions
diff --git a/pages/account/43.php b/pages/account/43.php
index b055add..b4f2465 100644
--- a/pages/account/43.php
+++ b/pages/account/43.php
@@ -127,16 +127,20 @@ if(intval($_REQUEST['userid']) > 0) {
//deletes an assurance
if(array_key_exists('assurance',$_REQUEST) && $_REQUEST['assurance'] > 0 && $ticketvalidation == true)
{
- $assurance = mysql_escape_string(intval($_REQUEST['assurance']));
- $trow = 0;
- $res = mysql_query("select `to` from `notary` where `id`='$assurance'");
- if ($res) {
- $trow = mysql_fetch_assoc($res);
- }
- mysql_query("update `notary` set `deleted`=NOW() where `id`='$assurance'");
- if ($trow) {
- fix_assurer_flag($trow['to']);
- write_se_log($userid, $_SESSION['profile']['id'], 'SE assurance revoke', $ticketno);
+ if (!write_se_log($userid, $_SESSION['profile']['id'], 'SE assurance revoke', $ticketno)) {
+ $ticketmsg=_("Writing to the admin log failed. Can't continue.");
+ } else {
+ $assurance = mysql_escape_string(intval($_REQUEST['assurance']));
+ $trow = 0;
+ $res = mysql_query("select `to` from `notary` where `id`='$assurance'");
+ if ($res) {
+ $trow = mysql_fetch_assoc($res);
+ }
+
+ mysql_query("update `notary` set `deleted`=NOW() where `id`='$assurance'");
+ if ($trow) {
+ fix_assurer_flag($trow['to']);
+ }
}
} elseif(array_key_exists('assurance',$_REQUEST) && $_REQUEST['assurance'] > 0 && $ticketvalidation == FALSE) {
$ticketmsg=_('No assurance revoked. Ticket number is missing!');
@@ -314,7 +318,16 @@ if(intval($_REQUEST['userid']) > 0) {
<?
// This is intensionally a $_GET for audit purposes. DO NOT CHANGE!!!
if(array_key_exists('showlostpw',$_GET) && $_GET['showlostpw'] == "yes" && $ticketvalidation==true) {
- write_se_log($userid, $_SESSION['profile']['id'], 'SE view lost password information', $ticketno);
+ if (!write_se_log($userid, $_SESSION['profile']['id'], 'SE view lost password information', $ticketno)) {
+ ?>
+ <tr>
+ <td class="DataTD" colspan="2"><?=_("Writing to the admin log failed. Can't continue.")?></td>
+ </tr>
+ <tr>
+ <td class="DataTD" colspan="2"><a href="account.php?id=43&amp;userid=<?=$row['id']?>&amp;showlostpw=yes&amp;ticketno=<?=$ticketno?>"><?=_("Show Lost Password Details")?></a></td>
+ </tr>
+ <?
+ } else {
?>
<tr>
<td class="DataTD"><?=_("Lost Password")?> - Q1:</td>
@@ -357,6 +370,7 @@ if(intval($_REQUEST['userid']) > 0) {
<td class="DataTD"><?=sanitizeHTML($row['A5'])?></td>
</tr>
<?
+ }
} elseif (array_key_exists('showlostpw',$_GET) && $_GET['showlostpw'] == "yes" && $ticketvalidation==false) {
?>
<tr>
diff --git a/pages/account/59.php b/pages/account/59.php
index ae9ec09..e9643d0 100644
--- a/pages/account/59.php
+++ b/pages/account/59.php
@@ -52,7 +52,12 @@ if (!valid_ticket_number($ticketno) && $support == 1) {
exit;
}
if ( $support == 1) {
- write_se_log($userid, $_SESSION['profile']['id'], 'SE View account history', $_REQUEST['ticketno']);
+ if (!write_se_log($userid, $_SESSION['profile']['id'], 'SE View account history', $_REQUEST['ticketno'])) {
+ echo _("Writing to the admin log failed. Can't continue.");
+ printf('<br/><a href="account.php?id=43&amp;userid=' . intval($_REQUEST['userid']) . '">' . _('Back to previous page.') .'</a>');
+ showfooter();
+ exit;
+ }
}
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">