diff --git a/account.php b/account.php index f9f25f7..bdde0d6 100644 --- a/account.php +++ b/account.php @@ -59,11 +59,9 @@ function do_account($sCmd = null) $_SESSION['current']->logout(); redirect(apidb_fullurl("index.php")); - exit; } //not valid command, display error page util_show_error_page("Internal Error","This module was called with incorrect parameters"); - exit; } /** diff --git a/addcomment.php b/addcomment.php index 4e91235..b156350 100644 --- a/addcomment.php +++ b/addcomment.php @@ -27,10 +27,7 @@ if(!$_SESSION['current']->isLoggedIn()) } if( !is_numeric($aClean['iVersionId']) ) -{ - util_show_error_page('Internal Database Access Error'); - exit; -} + util_show_error_page('Internal Database Access Error'); if(!is_numeric($aClean['iThread'])) { diff --git a/admin/addAppNote.php b/admin/addAppNote.php index 7e540ba..2acd497 100644 --- a/admin/addAppNote.php +++ b/admin/addAppNote.php @@ -27,7 +27,6 @@ if(!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->isSuperMaintainer($aClean['iAppId'])) { util_show_error_page("Insufficient Privileges!"); - exit; } //set link for version @@ -45,7 +44,6 @@ if($aClean['sSub'] == "Submit") { $oNote->create(); redirect(apidb_fullurl("appview.php?".$sVersionLink)); - exit; } else if($aClean['sSub'] == 'Preview' OR empty($aClean['sSubmit'])) { diff --git a/admin/addCategory.php b/admin/addCategory.php index 3193c5e..a86a324 100644 --- a/admin/addCategory.php +++ b/admin/addCategory.php @@ -12,10 +12,8 @@ $aClean['iParentId'] = makeSafe($_REQUEST['iParentId']); $aClean['sSubmit'] = makeSafe($_REQUEST['sSubmit']); if(!$_SESSION['current']->hasPriv("admin")) -{ util_show_error_page(); - exit; -} + $oCat = new Category($aClean['iCatId']); if($aClean['sSubmit']) { diff --git a/admin/adminAppDataQueue.php b/admin/adminAppDataQueue.php index af187dc..e080b9e 100644 --- a/admin/adminAppDataQueue.php +++ b/admin/adminAppDataQueue.php @@ -20,10 +20,7 @@ $aClean['sReject'] = makeSafe($_REQUEST['sReject']); // deny access if not admin or at least some kind of maintainer if(!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->isMaintainer()) -{ util_show_error_page("Insufficient privileges."); - exit; -} // shows the list of appdata in queue if (!$aClean['iId']) diff --git a/admin/adminAppQueue.php b/admin/adminAppQueue.php index 3641a0e..09ecd0f 100644 --- a/admin/adminAppQueue.php +++ b/admin/adminAppQueue.php @@ -132,10 +132,8 @@ function display_move_test_to_versions_table($aVersionsIds,$icurrentVersionId) //deny access if not logged in or not a super maintainer of any applications if(!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->isSuperMaintainer()) -{ util_show_error_page("Insufficient privileges."); - exit; -} + $oTest = new testData($aClean['iTestingId']); if ($aClean['sSub']) @@ -144,10 +142,7 @@ if ($aClean['sSub']) { /* make sure the user is authorized to view this application request */ if(!$_SESSION['current']->hasPriv("admin")) - { util_show_error_page("Insufficient privileges."); - exit; - } $oApp = new Application($aClean['iAppId']); @@ -164,10 +159,8 @@ if ($aClean['sSub']) /* make sure the user has permission to view this version */ $oVersion = new Version($aClean['iVersionId']); if(!$_SESSION['current']->hasAppVersionModifyPermission($oVersion)) - { util_show_error_page("Insufficient privileges."); - exit; - } + } else { //error no Id! diff --git a/admin/adminBugs.php b/admin/adminBugs.php index 78855a4..69590fd 100644 --- a/admin/adminBugs.php +++ b/admin/adminBugs.php @@ -22,10 +22,7 @@ $aClean['iPage'] = makeSafe($_REQUEST['iPage']); // deny access if not logged in if(!$_SESSION['current']->hasPriv("admin")) -{ util_show_error_page("Insufficient privileges."); - exit; -} if ($aClean['sSub']) { @@ -40,7 +37,6 @@ if ($aClean['sSub']) $oBuglink->unqueue(); } redirect($_SERVER['PHP_SELF']."?iItemsPerPage=".$aClean['iItemsPerPage']."&sQueuedOnly=".$aClean['sQueuedOnly']."&ipage=".$aClean['iPage']); - exit; } { diff --git a/admin/adminMaintainerQueue.php b/admin/adminMaintainerQueue.php index ca2088c..569daf3 100644 --- a/admin/adminMaintainerQueue.php +++ b/admin/adminMaintainerQueue.php @@ -20,10 +20,8 @@ $aClean['sReject'] = makeSafe( $_REQUEST['sReject'] ); $aClean['sReplyText'] = makeSafe( $_REQUEST['sReplyText'] ); if(!$_SESSION['current']->hasPriv("admin")) -{ util_show_error_page("Insufficient privileges."); - exit; -} + if ($aClean['sSub']) { diff --git a/admin/adminMaintainers.php b/admin/adminMaintainers.php index 309946a..ff48c99 100644 --- a/admin/adminMaintainers.php +++ b/admin/adminMaintainers.php @@ -16,10 +16,7 @@ $aClean['iMaintainerId'] = makeSafe($_REQUEST['iMaintainerId']); // deny access if not logged in if(!$_SESSION['current']->hasPriv("admin")) -{ util_show_error_page("Insufficient privileges."); - exit; -} apidb_header("Admin Maintainers"); echo '
',"\n"; diff --git a/admin/adminScreenshots.php b/admin/adminScreenshots.php index b4e19ad..909d9a5 100644 --- a/admin/adminScreenshots.php +++ b/admin/adminScreenshots.php @@ -21,10 +21,8 @@ $aClean['iVersionId'] = makeSafe($_REQUEST['iVersionId']); // deny access if not admin if(!$_SESSION['current']->hasPriv("admin")) -{ util_show_error_page("Insufficient privileges."); - exit; -} + /* * We issued a delete command. */ @@ -40,8 +38,6 @@ if($aClean['sCmd']) redirect($_SERVER['PHP_SELF']. "?iItemsPerPage=".$aClean['iItemsPerPage']. "&iPage=".$aClean['iPage']); - exit; - } diff --git a/admin/adminTestResults.php b/admin/adminTestResults.php index 1c627e2..4ef26c7 100644 --- a/admin/adminTestResults.php +++ b/admin/adminTestResults.php @@ -21,10 +21,7 @@ if ($aClean['sSub']) $oTest = new testData($aClean['iTestingId']); $oVersion = new Version($oTest->iVersionId); if(!($_SESSION['current']->hasAppVersionModifyPermission($oVersion))) - { util_show_error_page("Insufficient privileges."); - exit; - } if(($aClean['sSub'] == 'Submit') || ($aClean['sSub'] == 'Save') || ($aClean['sSub'] == 'Reject') || ($aClean['sSub'] == 'Delete')) diff --git a/admin/adminUsers.php b/admin/adminUsers.php index 6db3d0c..658b6ae 100644 --- a/admin/adminUsers.php +++ b/admin/adminUsers.php @@ -18,10 +18,8 @@ $aClean['sSubmit'] = makeSafe($_REQUEST['sSubmit']); apidb_header("Admin Users Management"); if(!$_SESSION['current']->hasPriv("admin")) -{ util_show_error_page("Insufficient privileges."); - exit; -} + // we want to delete a user if($aClean['sAction'] == "delete" && is_numeric($aClean['iUserId'])) diff --git a/admin/editAppFamily.php b/admin/editAppFamily.php index e7e75a5..d26047b 100644 --- a/admin/editAppFamily.php +++ b/admin/editAppFamily.php @@ -16,16 +16,10 @@ $aClean['iAppId'] = makeSafe($_REQUEST['iAppId']); $aClean['sSubmit'] = makeSafe($_REQUEST['sSubmit']); if(!is_numeric($aClean['iAppId'])) -{ util_show_error_page("Wrong ID"); - exit; -} if(!($_SESSION['current']->hasPriv("admin") || $_SESSION['current']->isSuperMaintainer($aClean['iAppId']))) -{ util_show_error_page("Insufficient Privileges!"); - exit; -} if(!empty($aClean['sSubmit'])) { diff --git a/admin/editAppNote.php b/admin/editAppNote.php index 711038c..26e45b9 100644 --- a/admin/editAppNote.php +++ b/admin/editAppNote.php @@ -16,20 +16,14 @@ $aClean['sSubmit'] = makeSafe($_REQUEST['sSubmit']); $aClean['sPreview'] = makeSafe($_REQUEST['sPreview']); if(!is_numeric($aClean['iNoteId'])) -{ util_show_error_page('Wrong note ID'); - exit; -} /* Get note data */ $oNote = new Note($aClean['iNoteId']); /* Check for privs */ if(!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->isMaintainer($oNote->iVersionId) && !$_SESSION['current']->isSuperMaintainer($oNote->iAppId)) -{ util_show_error_page("Insufficient Privileges!"); - exit; -} if(!empty($aClean['sSub'])) { diff --git a/admin/editAppVersion.php b/admin/editAppVersion.php index 7417d3f..db2173f 100644 --- a/admin/editAppVersion.php +++ b/admin/editAppVersion.php @@ -12,17 +12,11 @@ $aClean['iVersionId'] = makeSafe($_REQUEST['iVersionId']); $aClean['sSubmit'] = makeSafe($_REQUEST['sSubmit']); if(!is_numeric($aClean['iAppId']) OR !is_numeric($aClean['iVersionId'])) -{ util_show_error_page("Wrong ID"); - exit; -} /* Check for admin privs */ if(!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->isMaintainer($aClean['iVersionId']) && !$_SESSION['current']->isSuperMaintainer($aClean['iAppId'])) -{ util_show_error_page("Insufficient Privileges!"); - exit; -} /* process the changes the user entered into the web form */ if(!empty($aClean['sSubmit'])) diff --git a/admin/editBundle.php b/admin/editBundle.php index 00ca9de..fa69978 100644 --- a/admin/editBundle.php +++ b/admin/editBundle.php @@ -4,10 +4,7 @@ include("path.php"); include(BASE."include/"."incl.php"); if(!$_SESSION['current']->hasPriv("admin")) -{ util_show_error_page(); - exit; -} function build_app_list() { diff --git a/admin/editDistribution.php b/admin/editDistribution.php index c433639..cfada76 100644 --- a/admin/editDistribution.php +++ b/admin/editDistribution.php @@ -9,10 +9,7 @@ $aClean['iDistributionId'] = makeSafe($_REQUEST['iDistributionId']); $aClean['sSubmit'] = makeSafe($_REQUEST['sSubmit']); if(!$_SESSION['current']->hasPriv("admin")) -{ util_show_error_page("Insufficient privileges."); - exit; -} $oDistribution = new distribution($aClean['iDistributionId']); @@ -28,7 +25,6 @@ if($aClean['sSubmit']) } redirect(apidb_fullurl("distributionView.php")); - exit; } else { diff --git a/admin/editVendor.php b/admin/editVendor.php index ef377ff..7fbe2a8 100644 --- a/admin/editVendor.php +++ b/admin/editVendor.php @@ -10,10 +10,7 @@ $aClean['sName'] = makeSafe($_REQUEST['sName']); $aClean['sWebpage'] = makeSafe($_REQUEST['sWebpage']); if(!$_SESSION['current']->hasPriv("admin")) -{ util_show_error_page(); - exit; -} $oVendor = new Vendor($aClean['iVendorId']); if($aClean['sSubmit']) diff --git a/admin/moveAppVersion.php b/admin/moveAppVersion.php index e1b0f4f..ecf36b0 100644 --- a/admin/moveAppVersion.php +++ b/admin/moveAppVersion.php @@ -12,17 +12,11 @@ $aClean['iVersionId'] = makeSafe($_REQUEST['iVersionId']); $aClean['sAction'] = makeSafe($_REQUEST['sAction']); if(!is_numeric($aClean['iAppId']) OR !is_numeric($aClean['iVersionId'])) -{ util_show_error_page("Wrong ID"); - exit; -} /* Check for admin privs */ if(!$_SESSION['current']->hasPriv("admin")) -{ util_show_error_page("Insufficient Privileges!"); - exit; -} if(!empty($aClean['sAction'])) { diff --git a/appbrowse.php b/appbrowse.php index 05e11e6..80ba674 100644 --- a/appbrowse.php +++ b/appbrowse.php @@ -30,11 +30,8 @@ if( empty( $aClean['iCatId'] ) ) $aClean['iCatId'] = 0; // ROOT } -if( !is_numeric($aClean['iCatId']) ) -{ +if(!is_numeric($aClean['iCatId'])) util_show_error_page("Something went wrong with the category ID"); - exit; -} // list sub categories $cat = new Category($aClean['iCatId']); diff --git a/appimage.php b/appimage.php index e8eaada..69b387f 100644 --- a/appimage.php +++ b/appimage.php @@ -20,19 +20,14 @@ header("Pragma: "); /* if the user isn't supposed to be viewing this image */ /* display an error message and exit */ if(!$_SESSION['current']->canViewImage($aClean['iId'])) -{ util_show_error_page("Insufficient privileges."); - exit; -} if ($aClean['sREQUEST_METHOD']='HEAD') { /* WARNING! optimization of logic in include/screenshots.php */ if (sscanf($aClean['iId'],"%d", &$iId) < 1) - { util_show_error_page("Bad parameter"); - exit; - } + $hResult = query_parameters("SELECT id, url FROM appData WHERE id = '?' AND type = 'image' LIMIT 1", $iId); diff --git a/appsubmit.php b/appsubmit.php index be2daf3..c89173f 100644 --- a/appsubmit.php +++ b/appsubmit.php @@ -66,11 +66,7 @@ function newSubmition($errors) } //deny access if not logged on if(!$_SESSION['current']->isLoggedIn()) -{ util_show_error_page("Insufficient privileges to create application. Are you sure you are logged in?"); - exit; -} - if ($aClean['sSub']) { @@ -93,9 +89,7 @@ if ($aClean['sSub']) !$_SESSION['current']->isVersionSubmitter($oApp->AppId)) { util_show_error_page("Insufficient privileges."); - exit; } - $oVersion = new Version($oRow->versionId); } else { @@ -113,7 +107,6 @@ if ($aClean['sSub']) !$_SESSION['current']->isVersionSubmitter($oVersion->versionId)) { util_show_error_page("Insufficient privileges."); - exit; } } else diff --git a/appview.php b/appview.php index 36ec57e..af0b67a 100644 --- a/appview.php +++ b/appview.php @@ -83,10 +83,7 @@ function display_bundle($iAppId) } if(!is_numeric($aClean['iAppId']) && !is_numeric($aClean['iVersionId'])) -{ util_show_error_page("Something went wrong with the application or version id"); - exit; -} if ($aClean['sSub']) { @@ -99,7 +96,6 @@ if ($aClean['sSub']) $oBuglink = new bug($aClean['iBuglinkId']); $oBuglink->delete(); redirect(apidb_fullurl("appview.php?iVersionId=".$aClean['iVersionId'])); - exit; } } @@ -112,7 +108,6 @@ if ($aClean['sSub']) $oBuglink = new bug($aClean['iBuglinkId']); $oBuglink->unqueue(); redirect(apidb_fullurl("appview.php?iVersionId=".$aClean['iVersionId'])); - exit; } } @@ -121,14 +116,12 @@ if ($aClean['sSub']) $oBuglink = new bug(); $oBuglink->create($aClean['iVersionId'],$aClean['iBuglinkId']); redirect(apidb_fullurl("appview.php?iVersionId=".$aClean['iVersionId'])); - exit; } if($aClean['sSub'] == 'StartMonitoring') { $oMonitor = new Monitor(); $oMonitor->create($_SESSION['current']->iUserId,$aClean['iAppId'],$aClean['iVersionId']); redirect(apidb_fullurl("appview.php?iVersionId=".$aClean['iVersionId'])); - exit; } if($aClean['sSub'] == 'StopMonitoring') { @@ -139,7 +132,6 @@ if ($aClean['sSub']) $oMonitor->delete(); } redirect(apidb_fullurl("appview.php?iVersionId=".$aClean['iVersionId'])); - exit; } } @@ -159,7 +151,6 @@ if($aClean['iAppId']) { // Oops! Called with no params, bad llamah! util_show_error_page('Page Called with No Params!'); - exit; } apidb_footer(); diff --git a/commentview.php b/commentview.php index 37f0ed8..737ed7f 100644 --- a/commentview.php +++ b/commentview.php @@ -22,10 +22,7 @@ apidb_header("Comments"); if(!is_numeric($aClean['iAppId']) OR !is_numeric($aClean['iVersionId']) OR (!empty($aClean['iThreadId']) AND !is_numeric($aClean['iThreadId']))) -{ util_show_error_page("Wrong IDs"); - exit; -} view_app_comments($aClean['iVersionId'], $aClean['iThreadId']); diff --git a/deletecomment.php b/deletecomment.php index 12b6398..515c786 100644 --- a/deletecomment.php +++ b/deletecomment.php @@ -26,7 +26,6 @@ if (!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->isSuperMaintainer($oComment->iAppId)) { util_show_error_page("You don't have sufficient privileges to delete this comment."); - exit; } if($_SESSION['current']->getPref("confirm_comment_deletion") != "no" && !isset($aClean['iDeleteIt'])) diff --git a/distributionView.php b/distributionView.php index 47908b0..8f1afee 100644 --- a/distributionView.php +++ b/distributionView.php @@ -20,10 +20,7 @@ $aClean['iDistributionId'] = makeSafe( $_REQUEST['iDistributionId']); if ($aClean['sSub']) { if(!$_SESSION['current']->hasPriv("admin")) - { util_show_error_page("Insufficient privileges."); - exit; - } if($aClean['sSub'] == 'delete') { diff --git a/include/application.php b/include/application.php index 52d5cab..815188f 100644 --- a/include/application.php +++ b/include/application.php @@ -519,10 +519,7 @@ class Application { /* is this user supposed to view this version? */ if(!$_SESSION['current']->canViewApplication($this)) - { util_show_error_page("Something went wrong with the application or version id"); - exit; - } // show Vote Menu if($_SESSION['current']->isLoggedIn()) diff --git a/include/util.php b/include/util.php index 2275948..f1ea593 100644 --- a/include/util.php +++ b/include/util.php @@ -12,6 +12,7 @@ function util_show_error_page($text = null, $message = null) echo "
$text
\n"; echo "

$message

\n"; apidb_footer(); + exit; } function makeSafe($var) diff --git a/include/version.php b/include/version.php index 690d885..b8cc7f5 100644 --- a/include/version.php +++ b/include/version.php @@ -622,25 +622,17 @@ class Version { /* is this user supposed to view this version? */ if(!$_SESSION['current']->canViewVersion($this)) - { util_show_error_page("Something went wrong with the application or version id"); - exit; - } $oApp = new Application($this->iAppId); - if(!$oApp->iAppId) - { - // Oops! application not found or other error. do something - util_show_error_page('Internal Database Access Error. No App found.'); - exit; - } + // Oops! application not found or other error. do something + if(!$oApp->iAppId) + util_show_error_page('Internal Database Access Error. No App found.'); + + // Oops! Version not found or other error. do something if(!$this->iVersionId) - { - // Oops! Version not found or other error. do something util_show_error_page('Internal Database Access Error. No Version Found.'); - exit; - } // header apidb_header("Viewing App- ".$oApp->sName." Version - ".$this->sName); diff --git a/include/vote.php b/include/vote.php index 1a15272..d5ca822 100644 --- a/include/vote.php +++ b/include/vote.php @@ -151,10 +151,7 @@ function vote_menu() function vote_update($vars) { if(!$_SESSION['current']->isLoggedIn()) - { util_show_error_page("You must be logged in to vote"); - return; - } if( !is_numeric($vars['iAppId']) OR !is_numeric($vars['iSlot'])) { diff --git a/maintainerdelete.php b/maintainerdelete.php index 9a18cb8..5541f01 100644 --- a/maintainerdelete.php +++ b/maintainerdelete.php @@ -19,10 +19,7 @@ $aClean['iConfirmed'] = makeSafe($_POST['iConfirmed']); $aClean['iSuperMaintainer'] = makeSafe($_POST['iSuperMaintainer']); if(!$_SESSION['current']->isLoggedIn()) -{ util_show_error_page("You need to be logged in to resign from being a maintainer."); - exit; -} if($aClean['iConfirmed']) diff --git a/maintainersubmit.php b/maintainersubmit.php index 7dd6373..6d1fdab 100644 --- a/maintainersubmit.php +++ b/maintainersubmit.php @@ -44,11 +44,7 @@ function checkAppMaintainerInput( $maintainReason ) if(!$_SESSION['current']->isLoggedIn()) -{ util_show_error_page("You need to be logged in to apply to be a maintainer."); - exit; -} - /* if we have a versionId to check against see if */ /* the user is already a maintainer */ @@ -70,10 +66,7 @@ if( $aClean['sMaintainReason'] ) // check the input for empty/invalid fields $errors = checkAppMaintainerInput($aClean['sMaintainReason']); if(!empty($errors)) - { util_show_error_page("We found the following errors:","
Please go back and correct them."); - exit; - } // header if($aClean['iSuperMaintainer']) diff --git a/preferences.php b/preferences.php index 075c0ad..5b5110f 100644 --- a/preferences.php +++ b/preferences.php @@ -32,10 +32,7 @@ while(list($key, $value) = each($_REQUEST)) if(!$_SESSION['current']->isLoggedIn()) -{ util_show_error_page("You must be logged in to edit preferences"); - exit; -} // we come from the administration to edit an user if($_SESSION['current']->hasPriv("admin") && diff --git a/testResults.php b/testResults.php index 4cf6115..46d84d9 100644 --- a/testResults.php +++ b/testResults.php @@ -82,7 +82,6 @@ if ($aClean['sSub']) !(($_SESSION['current']->iUserId == $oTest->iSubmitterId) && !($oTest->sQueued == 'false'))) { util_show_error_page("Insufficient privileges."); - exit; } else $oVersion = new version($oTest->iVersionId); } else diff --git a/vendorview.php b/vendorview.php index 811335f..463a4d7 100644 --- a/vendorview.php +++ b/vendorview.php @@ -20,10 +20,7 @@ $oVendor = new Vendor($aClean['iVendorId']); if ($aClean['sSub']) { if(!$_SESSION['current']->hasPriv("admin")) - { util_show_error_page("Insufficient privileges."); - exit; - } if($aClean['sSub'] == 'delete') { diff --git a/viewbugs.php b/viewbugs.php index fd0f13d..25ee5b0 100644 --- a/viewbugs.php +++ b/viewbugs.php @@ -12,12 +12,9 @@ $aClean['iBugId'] = makeSafe($_REQUEST['iBugId']); /* code to View versions affected by a Bug */ -if( !is_numeric($aClean['iBugId'])) -{ +if(!is_numeric($aClean['iBugId'])) util_show_error_page("Something went wrong with the bug ID"); - exit; -} -{ + apidb_header("Applications affected by Bug #".$aClean['iBugId']); echo '',"\n"; @@ -76,5 +73,4 @@ if( !is_numeric($aClean['iBugId'])) echo '',"\n"; apidb_footer(); -} ?>