diff options
author | Alessandro Cosentino <cosenal@gmail.com> | 2012-08-12 21:27:16 -0400 |
---|---|---|
committer | Alessandro Cosentino <cosenal@gmail.com> | 2012-08-12 21:27:16 -0400 |
commit | 8aa247ca730a16c837859b644b0e2998d41885ac (patch) | |
tree | 5310819ac81ce4e4ca7502f4b43151eec3295174 /lib/foldermapper.php | |
parent | 90fb216e7dd61c9571d225aa7c5c834c654d9cef (diff) |
checks userid before deleting
Diffstat (limited to 'lib/foldermapper.php')
-rw-r--r-- | lib/foldermapper.php | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/lib/foldermapper.php b/lib/foldermapper.php index 7fb8aa9af..33a14a0c4 100644 --- a/lib/foldermapper.php +++ b/lib/foldermapper.php @@ -138,17 +138,17 @@ class FolderMapper { } // delete child folders - $stmt = \OCP\DB::prepare('SELECT id FROM ' . self::tableName .' WHERE parent_id = ?'); - $result = $stmt->execute(array($folderid)); + $stmt = \OCP\DB::prepare('SELECT id FROM ' . self::tableName .' WHERE parent_id = ? AND user_id = ?'); + $result = $stmt->execute(array($folderid, $this->userid)); while ($row = $result->fetchRow()) { if (!self::deleteById($row['id'])) return false; } - $stmt = \OCP\DB::prepare('DELETE FROM ' . self::tableName .' WHERE id = ?'); - $result = $stmt->execute(array($folderid)); + $stmt = \OCP\DB::prepare('DELETE FROM ' . self::tableName .' WHERE id = ? AND user_id = ?'); + $result = $stmt->execute(array($folderid, $this->userid)); - $feedMapper = new FeedMapper(); + $feedMapper = new FeedMapper($this->userid); //TODO: handle the value that the execute returns if(!$feedMapper->deleteAll($folderid)) return false; |