-rw-r--r--includes/section.inc6
-rw-r--r--includes/submission.inc6
2 files changed, 6 insertions, 6 deletions
diff --git a/includes/section.inc b/includes/section.inc
index 0bebaf026..def72400f 100644
--- a/includes/section.inc
+++ b/includes/section.inc
@@ -8,17 +8,17 @@ function section_get() {
}
function section_post_threshold($section, $threshold = 5) {
- $result = db_query("SELECT post FROM sections WHERE name = '$section'");
+ $result = db_query("SELECT post FROM sections WHERE name = '". check_input($section) ."'");
return ($result) ? db_result($result, 0) : $threshold;
}
function section_dump_threshold($section, $threshold = - 3) {
- $result = db_query("SELECT dump FROM sections WHERE name = '$section'");
+ $result = db_query("SELECT dump FROM sections WHERE name = '". check_input($section) ."'");
return ($result) ? db_result($result, 0) : $threshold;
}
function section_timout_threshold($section, $threshold = 10) {
- $result = db_query("SELECT timout FROM sections WHERE name = '$section'");
+ $result = db_query("SELECT timout FROM sections WHERE name = '". check_input($section) ."'");
return ($result) ? db_result($result, 0) : $threshold;
}
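Review bot: The three rewritten queries in `section_post_threshold()`, `section_dump_threshold()` and `section_timout_threshold()` now rely entirely on `check_input()` returning a value that is safe inside a single-quoted SQL string literal, and that function is not visible in this diff. If it is a general input or HTML filter rather than a database escape, its handling of quotes and backslashes may not match what the database driver expects; an escape applied at the query boundary, or a placeholder-style `db_query()` if the database layer offers one, would keep the guarantee local to the query. The caller in includes/submission.inc passes `$submission->section`, a value read back from the `stories` table, so this escaping is also the only thing protecting the query from stored values. Separately, `($result) ? db_result($result, 0) : $threshold` appears to fall back to `$threshold` only when the query itself fails, not when no row matches the section, which deserves a comment such as `// default is used only when the query fails, not when the section is unknown`.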
diff --git a/includes/submission.inc b/includes/submission.inc
index 609dc06d9..2c5711ab5 100644
--- a/includes/submission.inc
+++ b/includes/submission.inc
@@ -29,15 +29,15 @@ function submission_vote($id, $vote, $comment) {
// Update story table (if required):
$result = db_query("SELECT * FROM stories WHERE id = $id");
if ($submission = db_fetch_object($result)) {
- if ($submission->score >= section_post_threshold($submission->section)) {
+ if (section_post_threshold($submission->section) <= $submission->score) {
db_query("UPDATE stories SET status = 2, timestamp = '". time() ."' WHERE id = $id");
watchdog("message", "posted story '$submission->subject'");
}
- else if ($submission->score <= section_dump_threshold($submission->section)) {
+ else if (section_dump_threshold($submission->section) >= $submission->score) {
db_query("UPDATE stories SET status = 0, timestamp = '". time() ."' WHERE id = $id");
watchdog("message", "dumped story '$submission->subject'");
}
- else if ($submission->votes >= section_timout_threshold($submission->section)) {
+ else if (section_timout_threshold($submission->section) <= $submission->votes) {
db_query("UPDATE stories SET status = 0, timestamp = '". time() ."' WHERE id = $id");
watchdog("message", "expired story '$submission->subject'");
}
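Review bot: The `$id` interpolated into `WHERE id = $id` in the SELECT and in all three UPDATE statements is still unquoted and unescaped; this commit only swaps the operand order of the threshold comparisons. Because the value sits in a numeric context, quote escaping alone would not be enough, so casting it once before the first query, e.g. `$id = (int) $id;`, is the safer fix. `submission_vote()` begins above this hunk, so `$id` may already be validated there; that should be confirmed before relying on it. The `watchdog()` messages also embed `$submission->subject` verbatim, so whatever displays the log should escape it on output.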