diff options
| author | Adrian Lang <mail@adrianlang.de> | 2011-05-25 15:36:52 +0200 |
|---|---|---|
| committer | Adrian Lang <mail@adrianlang.de> | 2011-05-25 15:36:52 +0200 |
| commit | 2d79e536d13f7923a7059d03cc69f201a935a56b (patch) | |
| tree | 46e0d8f51612fc35a199a4c86171342e1d376e84 /lib/exe/ajax.php | |
| parent | 7ee92f4c27f4f435c2d44501bd326c965dbafd51 (diff) | |
| parent | 5ff127375bd2292958b989dcec18dbca5a8a751f (diff) | |
| download | rpg-2d79e536d13f7923a7059d03cc69f201a935a56b.tar.gz rpg-2d79e536d13f7923a7059d03cc69f201a935a56b.tar.bz2 | |
Merge branch 'master' into stable
Diffstat (limited to 'lib/exe/ajax.php')
| -rw-r--r-- | lib/exe/ajax.php | 22 |
1 files changed, 16 insertions, 6 deletions
diff --git a/lib/exe/ajax.php b/lib/exe/ajax.php index 7d594dc04..1056a05f8 100644 --- a/lib/exe/ajax.php +++ b/lib/exe/ajax.php @@ -123,11 +123,21 @@ function ajax_suggestions() { function ajax_lock(){ global $conf; global $lang; - $id = cleanID($_POST['id']); - if(empty($id)) return; + global $ID; + global $INFO; + + $ID = cleanID($_POST['id']); + if(empty($ID)) return; + + $INFO = pageinfo(); + + if (!$INFO['writable']) { + echo 'Permission denied'; + return; + } - if(!checklock($id)){ - lock($id); + if(!checklock($ID)){ + lock($ID); echo 1; } @@ -135,14 +145,14 @@ function ajax_lock(){ $client = $_SERVER['REMOTE_USER']; if(!$client) $client = clientIP(true); - $draft = array('id' => $id, + $draft = array('id' => $ID, 'prefix' => substr($_POST['prefix'], 0, -1), 'text' => $_POST['wikitext'], 'suffix' => $_POST['suffix'], 'date' => (int) $_POST['date'], 'client' => $client, ); - $cname = getCacheName($draft['client'].$id,'.draft'); + $cname = getCacheName($draft['client'].$ID,'.draft'); if(io_saveFile($cname,serialize($draft))){ echo $lang['draftdate'].' '.dformat(); } |