diff options
author | Brion Vibber <brion@pobox.com> | 2010-10-08 10:33:43 -0700 |
---|---|---|
committer | Brion Vibber <brion@pobox.com> | 2010-10-08 10:33:43 -0700 |
commit | f62e7c461f2fb4fcdc91b125072be953fc09fbe2 (patch) | |
tree | 7057431b5e23cfd0e684468b459f4467e180d1fa | |
parent | 06c4212bd4db8815b3f91e5eab3a079784738ae3 (diff) |
Fix PHP fatal error in DeletenoticeAction: died when we had a valid notice, but weren't logged in due to accessing $this->user before the login check. Moved check up to prepare() from handle() so it's done before usage
-rw-r--r-- | actions/deletenotice.php | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/actions/deletenotice.php b/actions/deletenotice.php index 68c43040b..2879faa5d 100644 --- a/actions/deletenotice.php +++ b/actions/deletenotice.php @@ -45,6 +45,12 @@ class DeletenoticeAction extends Action parent::prepare($args); $this->user = common_current_user(); + + if (!$this->user) { + common_user_error(_('Not logged in.')); + exit; + } + $notice_id = $this->trimmed('notice'); $this->notice = Notice::staticGet($notice_id); @@ -63,10 +69,7 @@ class DeletenoticeAction extends Action { parent::handle($args); - if (!common_logged_in()) { - common_user_error(_('Not logged in.')); - exit; - } else if ($this->notice->profile_id != $this->user_profile->id && + if ($this->notice->profile_id != $this->user_profile->id && !$this->user->hasRight(Right::DELETEOTHERSNOTICE)) { common_user_error(_('Can\'t delete this notice.')); exit; |