diff options
Diffstat (limited to 'application/modules/user/controllers/BootisoController.php')
-rw-r--r-- | application/modules/user/controllers/BootisoController.php | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/application/modules/user/controllers/BootisoController.php b/application/modules/user/controllers/BootisoController.php index 8f61838..b94404f 100644 --- a/application/modules/user/controllers/BootisoController.php +++ b/application/modules/user/controllers/BootisoController.php @@ -190,6 +190,9 @@ class user_BootisoController extends Zend_Controller_Action $this->_redirect('/user/bootiso/index/modifyresult/forbidden'); $bootisoID = $this->_request->getParam('bootisoID'); + if (!is_numeric($bootisoID)) + $this->_redirect('/user/bootiso/index/modifyresult/forbidden'); + $groupID = $this->membership->getGroupID(); $prebootMapper = new Application_Model_PreBootMapper(); @@ -200,9 +203,6 @@ class user_BootisoController extends Zend_Controller_Action if (!isset($_POST["editbootiso"])){ - if (!is_numeric($bootisoID)) - $this->_redirect('/user/bootiso/index/modifyresult/forbidden'); - $bootiso = new Application_Model_BootIso(); $this->bootisoMapper->find($bootisoID, $bootiso); @@ -219,7 +219,6 @@ class user_BootisoController extends Zend_Controller_Action $bootisoold = new Application_Model_BootIso(); $this->bootisoMapper->find($bootisoID, $bootisoold); - $bootiso = new Application_Model_BootIso($_POST); $bootiso->setMembershipID($this->membership->getID()); @@ -233,10 +232,11 @@ class user_BootisoController extends Zend_Controller_Action $bootiso->getPublic() != $bootisoold->getPublic() || $bootiso->getSerialnumber() != $bootisoold->getSerialnumber()){ //TODO ACL Is he allowed to edit other than Metadata? - if(false) - $this->_redirect('/user/preboot/index/modifyresult/forbidden'); + if(true) + $this->_redirect('/user/bootiso/index/modifyresult/forbidden'); } + try { $zip = new ZipArchive(); $res = $zip->open("../resources/bootmedium/$prebootID/$bootisoID".".zip"); |