version 0.3.13

[fms.git] / src / http / pages / peertrustpage.cpp

diff --git a/src/http/pages/peertrustpage.cpp b/src/http/pages/peertrustpage.cpp
index 0ab34f1..3fee7ac 100644 (file)
--- a/src/http/pages/peertrustpage.cpp
+++ b/src/http/pages/peertrustpage.cpp
@@ -148,7 +148,7 @@ const std::string PeerTrustPage::GeneratePage(const std::string &method, const s
                }\r
        }\r
 \r
-       if(localidentityid!=-1 && queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="update")\r
+       if(localidentityid!=-1 && queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="update" && ValidateFormPassword(queryvars))\r
        {\r
                std::vector<std::string> identityids;\r
                std::vector<std::string> oldlmt;\r
@@ -276,6 +276,7 @@ const std::string PeerTrustPage::GeneratePage(const std::string &method, const s
        content+="</div>";\r
 \r
        content+="<form name=\"frmtrust\" method=\"POST\">";\r
+       content+=CreateFormPassword();\r
        content+="<input type=\"hidden\" name=\"formaction\" value=\"update\">";\r
        content+="<input type=\"hidden\" name=\"localidentityid\" value=\""+localidentityidstr+"\">";\r
        content+="<input type=\"hidden\" name=\"startrow\" value=\""+startrowstr+"\">";\r
@@ -295,8 +296,8 @@ const std::string PeerTrustPage::GeneratePage(const std::string &method, const s
        content+="</tr>\r\n";\r
        \r
        // get count of identities we are showing\r
-       sql="SELECT COUNT(*) FROM tblIdentity LEFT JOIN (SELECT IdentityID FROM tblIdentityTrust WHERE LocalIdentityID=?) AS 'tblIdentityTrust' ON tblIdentity.IdentityID=tblIdentityTrust.IdentityID ";\r
-       sql+="WHERE tblIdentity.Hidden='false'";\r
+       sql="SELECT COUNT(*) FROM tblIdentity LEFT JOIN tblIdentityTrust ON tblIdentity.IdentityID=tblIdentityTrust.IdentityID ";\r
+       sql+="WHERE tblIdentity.Hidden='false' AND tblIdentityTrust.LocalIdentityID=?";\r
        if(namesearch!="")\r
        {\r
                sql+=" AND (Name LIKE '%' || ? || '%' OR PublicKey LIKE '%' || ? || '%')";\r
@@ -314,8 +315,8 @@ const std::string PeerTrustPage::GeneratePage(const std::string &method, const s
        st.Finalize();\r
 \r
        sql="SELECT tblIdentity.IdentityID,Name,tblIdentityTrust.LocalMessageTrust,PeerMessageTrust,tblIdentityTrust.LocalTrustListTrust,PeerTrustListTrust,PublicKey,tblIdentityTrust.MessageTrustComment,tblIdentityTrust.TrustListTrustComment,COUNT(MessageID) AS 'MessageCount',tblIdentity.PublishTrustList ";\r
-       sql+="FROM tblIdentity LEFT JOIN (SELECT LocalIdentityID,IdentityID,LocalMessageTrust,LocalTrustListTrust,MessageTrustComment,TrustListTrustComment FROM tblIdentityTrust WHERE LocalIdentityID=?) AS tblIdentityTrust ON tblIdentity.IdentityID=tblIdentityTrust.IdentityID LEFT JOIN tblMessage ON tblIdentity.IdentityID=tblMessage.IdentityID ";\r
-       sql+="WHERE tblIdentity.Hidden='false'";\r
+       sql+="FROM tblIdentity LEFT JOIN tblIdentityTrust ON tblIdentity.IdentityID=tblIdentityTrust.IdentityID LEFT JOIN tblMessage ON tblIdentity.IdentityID=tblMessage.IdentityID ";\r
+       sql+="WHERE tblIdentity.Hidden='false' AND tblIdentityTrust.LocalIdentityID=?";\r
        if(namesearch!="")\r
        {\r
                sql+=" AND (Name LIKE  '%' || ? || '%' OR PublicKey LIKE '%' || ? || '%')";\r
@@ -443,7 +444,7 @@ const std::string PeerTrustPage::GeneratePage(const std::string &method, const s
        content+="</table>";\r
        content+="</form>";\r
 \r
-       return "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"+StringFunctions::Replace(m_template,"[CONTENT]",content);\r
+       return StringFunctions::Replace(m_template,"[CONTENT]",content);\r
 }\r
 \r
 const std::string PeerTrustPage::GetClassString(const std::string &trustlevel)\r