projects / fms.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
version 0.3.18
[fms.git] / src / http / pages / peertrustpage.cpp
diff --git a/src/http/pages/peertrustpage.cpp b/src/http/pages/peertrustpage.cpp
index 92f804c..fe03c91 100644 (file)
--- a/src/http/pages/peertrustpage.cpp
+++ b/src/http/pages/peertrustpage.cpp
@@ -148,7 +148,7 @@ const std::string PeerTrustPage::GeneratePage(const std::string &method, const s
                }\r
        }\r
 \r
-       if(localidentityid!=-1 && queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="update")\r
+       if(localidentityid!=-1 && queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="update" && ValidateFormPassword(queryvars))\r
        {\r
                std::vector<std::string> identityids;\r
                std::vector<std::string> oldlmt;\r
@@ -276,6 +276,7 @@ const std::string PeerTrustPage::GeneratePage(const std::string &method, const s
        content+="</div>";\r
 \r
        content+="<form name=\"frmtrust\" method=\"POST\">";\r
+       content+=CreateFormPassword();\r
        content+="<input type=\"hidden\" name=\"formaction\" value=\"update\">";\r
        content+="<input type=\"hidden\" name=\"localidentityid\" value=\""+localidentityidstr+"\">";\r
        content+="<input type=\"hidden\" name=\"startrow\" value=\""+startrowstr+"\">";\r
@@ -296,7 +297,7 @@ const std::string PeerTrustPage::GeneratePage(const std::string &method, const s
        \r
        // get count of identities we are showing\r
        sql="SELECT COUNT(*) FROM tblIdentity LEFT JOIN tblIdentityTrust ON tblIdentity.IdentityID=tblIdentityTrust.IdentityID ";\r
-       sql+="WHERE tblIdentity.Hidden='false' AND tblIdentityTrust.LocalIdentityID=?";\r
+       sql+="WHERE tblIdentityTrust.LocalIdentityID=? AND tblIdentity.Hidden='false'";\r
        if(namesearch!="")\r
        {\r
                sql+=" AND (Name LIKE '%' || ? || '%' OR PublicKey LIKE '%' || ? || '%')";\r
@@ -315,7 +316,7 @@ const std::string PeerTrustPage::GeneratePage(const std::string &method, const s
 \r
        sql="SELECT tblIdentity.IdentityID,Name,tblIdentityTrust.LocalMessageTrust,PeerMessageTrust,tblIdentityTrust.LocalTrustListTrust,PeerTrustListTrust,PublicKey,tblIdentityTrust.MessageTrustComment,tblIdentityTrust.TrustListTrustComment,COUNT(MessageID) AS 'MessageCount',tblIdentity.PublishTrustList ";\r
        sql+="FROM tblIdentity LEFT JOIN tblIdentityTrust ON tblIdentity.IdentityID=tblIdentityTrust.IdentityID LEFT JOIN tblMessage ON tblIdentity.IdentityID=tblMessage.IdentityID ";\r
-       sql+="WHERE tblIdentity.Hidden='false' AND tblIdentityTrust.LocalIdentityID=?";\r
+       sql+="WHERE tblIdentityTrust.LocalIdentityID=? AND tblIdentity.Hidden='false'";\r
        if(namesearch!="")\r
        {\r
                sql+=" AND (Name LIKE  '%' || ? || '%' OR PublicKey LIKE '%' || ? || '%')";\r
Freenet Message System (unofficial Git repository)