From 89ca548864ca262f7d58f4ddfaf92fc08cb3dca9 Mon Sep 17 00:00:00 2001
From: Kevin Chabowski <kevin@kch42.de>
Date: Fri, 8 Jun 2012 22:39:03 +0200
Subject: Article::test_status implemented

---
 ratatoeskr/sys/models.php | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

(limited to 'ratatoeskr/sys/models.php')

diff --git a/ratatoeskr/sys/models.php b/ratatoeskr/sys/models.php
index a20f726..4c18ffd 100644
--- a/ratatoeskr/sys/models.php
+++ b/ratatoeskr/sys/models.php
@@ -2372,6 +2372,21 @@ class Article extends BySQLRowEnabled
 		return (bool) preg_match('/^[a-zA-Z0-9-_]+$/', $urlname);
 	}
 	
+	/*
+	 * Function: test_status
+	 * Test, if a status is valid.
+	 * 
+	 * Parameters:
+	 * 	$status - Status value to test.
+	 * 
+	 * Returns:
+	 * 	True, if the status is a valid status value, False otherwise.
+	 */
+	public static function test_status($status)
+	{
+		return is_numeric($status) and ($status >= 0) and ($status <= 3);
+	}
+	
 	/*
 	 * Constructor: create
 	 * Create a new Article object.
@@ -2675,7 +2690,10 @@ WHERE " . implode(" AND ", $subqueries) . " $sorting");
 	public function save()
 	{
 		if(!self::test_urlname($this->urlname))
-			throw new DoesNotExistError("invalid_urlname");
+			throw new InvalidDataError("invalid_urlname");
+		
+		if(!self::test_status($this->status))
+			throw new InvalidDataError("invalid_article_status");
 			
 		$result = qdb("SELECT COUNT(*) AS `n` FROM `PREFIX_articles` WHERE `urlname` = '%s' AND `id` != %d", $this->urlname, $this->id);
 		$sqlrow = mysql_fetch_assoc($result);
-- 
cgit v1.2.3-54-g00ecf