Changeset 143

Timestamp:

03/30/2009 10:30:26 PM (3 years ago)

Author:

ofer

Message:

Permissions before DB work

File:

• trunk/WordPress/plugin/transposh/transposh_db.php (modified) (3 diffs)

trunk/WordPress/plugin/transposh/transposh_db.php

@@ -112 +112 @@
         $source = $_POST['source'];
 
+        // check params
         logger("Enter " . __FILE__ . " Params: $original , $translation, $lang, $ref", 3);
         if(!isset($original) || !isset($translation) || !isset($lang))
@@ -117 +118 @@
                 logger("Enter " . __FILE__ . " missing params: $original , $translation, $lang," . $ref, 0);
                 return;
+        }
+
+        //Check permissions, first the lanugage must be on the edit list. Then either the user
+        //is a translator or automatic translation if it is enabled.
+        if(!(is_editable_lang($lang) &&
+            (is_translator() || ($source == 1 && get_option(ENABLE_AUTO_TRANSLATE)))))
+        {
+                logger("Unauthorized translation attempt " . $_SERVER['REMOTE_ADDR'] , 1);
+                header("HTTP/1.0 401 Unauthorized translation");
+                exit;
         }
 
@@ -141 +152 @@
                         return;
                 }
-        }
-
-        //Check permissions, first the lanugage must be on the edit list. Then either the user
-        //is a translator or automatic translation if it is enabled.
-        if(!(is_editable_lang($lang) &&
-            (is_translator() || ($source == 1 && get_option(ENABLE_AUTO_TRANSLATE)))))
-        {
-                logger("Unauthorized translation attempt " . $_SERVER['REMOTE_ADDR'] , 1);
-                header("HTTP/1.0 401 Unauthorized translation");
-                exit;
         }