From f488384a7b56b1e9511fa23d3ac359de64901213 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Mon, 30 Apr 2012 15:04:45 -0700
Subject: Guard reparent/rearrange against bad values in source_id.  Fixes
 #1843.

---
 modules/organize/controllers/organize.php | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'modules')

diff --git a/modules/organize/controllers/organize.php b/modules/organize/controllers/organize.php
index 5a2c3e4f..048f6fc3 100644
--- a/modules/organize/controllers/organize.php
+++ b/modules/organize/controllers/organize.php
@@ -81,6 +81,9 @@ class Organize_Controller extends Controller {
 
     foreach (explode(",", $input->post("source_ids")) as $source_id) {
       $source = ORM::factory("item", $source_id);
+      if (!$source->loaded()) {
+        continue;
+      }
       access::required("edit", $source->parent());
 
       if ($source->contains($new_parent) || $source->id == $new_parent->id) {
@@ -116,6 +119,11 @@ class Organize_Controller extends Controller {
 
     $input = Input::instance();
     $target = ORM::factory("item", $input->post("target_id"));
+    if (!$target->loaded()) {
+      json::reply(null);
+      return;
+    }
+
     $album = $target->parent();
     access::required("edit", $album);
 
-- 
cgit v1.2.3