liquid_feedback_frontend

view app/main/membership/_action/update.lua @ 9:0ee1e0c42d4c

find changesets by author, revision, files, or words in the commit message
Version beta5

Minor security fix: Added missing security filter for admin section. Reading of member listing including login names was possible for all users. Write access has not been possible though.

Changing of name and login is possible while a history of these changes is written and accessible by all users.

Statistics shown in area list

Trimming of user input also converts multiple whitespaces to single space character.
author bsw
date Mon Jan 04 12:00:00 2010 +0100 (2010-01-04)
parents 80c215dbf076
children 86988175dc89
line source
1 local area_id = assert(param.get("area_id", atom.integer), "no area id given")
2 local membership = Membership:by_pk(area_id, app.session.member.id)
3
4 if param.get("delete", atom.boolean) then
5 if membership then
6 membership:destroy()
7 slot.put_into("notice", _"Membership removed")
8 else
9 slot.put_into("notice", _"Membership not existant")
10 end
11 return
12 end
13
14 if not membership then
15 membership = Membership:new()
16 membership.area_id = area_id
17 membership.member_id = app.session.member_id
18 membership.autoreject = false
19 end
20
21 local autoreject = param.get("autoreject", atom.boolean)
22 if autoreject ~= nil then
23 membership.autoreject = autoreject
24 end
25
26 membership:save()
27
28 --slot.put_into("notice", _"Membership updated")

Impressum / About Us