Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-11-01 11:35:55 +01:00
Code Issues Packages Projects Releases Wiki Activity

closes #2117

Browse Source
This commit is contained in:
barisusakli
2014-09-24 15:42:45 -04:00
parent 5d344b3dac
commit da64eb0873
3 changed files with 21 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/controllers/topics.js
View File

@@ -21,6 +21,10 @@ topicsController.get = function(req, res, next) {
uid = req.user ? req.user.uid : 0,
userPrivileges;
if (req.params.post_index && !utils.isNumber(req.params.post_index)) {
return categoriesController.notFound(req, res);
}
async.waterfall([
function (next) {
async.parallel({
@@ -32,6 +36,9 @@ topicsController.get = function(req, res, next) {
},
settings: function(next) {
user.getSettings(uid, next);
},
slug: function(next) {
topics.getTopicField(tid, 'slug', next);
}
}, next);
},
@@ -55,6 +62,10 @@ topicsController.get = function(req, res, next) {
return categoriesController.notFound(req, res);
}
if (tid + '/' + req.params.slug !== results.slug) {
return categoriesController.notFound(req, res);
}
if (!userPrivileges.read) {
return categoriesController.notAllowed(req, res);
}