test return value from db_query before assuming it is valid

make the sql query form consistent in usage by cleaning up instances
where db_query's result was not inspected before attempting to fetch row
data from the handle

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>

web/template/actions_form.php

@@ -8,39 +8,45 @@
 		#
 		$q = "SELECT * FROM PackageVotes WHERE UsersID = ". $uid;
 		$q.= " AND PackageID = ".$row["ID"];
-		if (!mysql_num_rows(db_query($q, $dbh))) {
-			echo "      <input type='submit' class='button' name='do_Vote'";
-			echo " value='".__("Vote")."' /> ";
-		} else {
-			echo "<input type='submit' class='button' name='do_UnVote'";
-			echo " value='".__("UnVote")."' /> ";
+		$result = db_query($q, $dbh);
+		if ($result) {
+			if (!mysql_num_rows($result)) {
+				echo "      <input type='submit' class='button' name='do_Vote'";
+				echo " value='".__("Vote")."' /> ";
+			} else {
+				echo "<input type='submit' class='button' name='do_UnVote'";
+				echo " value='".__("UnVote")."' /> ";
+			}
 		}
 
 		# Comment Notify Button
 		#
 		$q = "SELECT * FROM CommentNotify WHERE UserID = ". $uid;
 		$q.= " AND PkgID = ".$row["ID"];
-		if (!mysql_num_rows(db_query($q, $dbh))) {
-			echo "<input type='submit' class='button' name='do_Notify'";
-			echo " value='".__("Notify")."' title='".__("New Comment Notification")."' /> ";
-		} else {
-			echo "<input type='submit' class='button' name='do_UnNotify'";
-			echo " value='".__("UnNotify")."' title='".__("No New Comment Notification")."' /> ";
+		$result = db_query($q, $dbh);
+		if ($result) {
+			if (!mysql_num_rows($result)) {
+				echo "<input type='submit' class='button' name='do_Notify'";
+				echo " value='".__("Notify")."' title='".__("New Comment Notification")."' /> ";
+			} else {
+				echo "<input type='submit' class='button' name='do_UnNotify'";
+				echo " value='".__("UnNotify")."' title='".__("No New Comment Notification")."' /> ";
+			}
 		}
 
-if ($row["OutOfDateTS"] === NULL) {
-    echo "<input type='submit' class='button' name='do_Flag'";
-    echo " value='".__("Flag Out-of-date")."' />\n";
-} else {
-    echo "<input type='submit' class='button' name='do_UnFlag'";
-    echo " value='".__("UnFlag Out-of-date")."' />\n";
+		if ($row["OutOfDateTS"] === NULL) {
+			echo "<input type='submit' class='button' name='do_Flag'";
+			echo " value='".__("Flag Out-of-date")."' />\n";
+		} else {
+			echo "<input type='submit' class='button' name='do_UnFlag'";
+			echo " value='".__("UnFlag Out-of-date")."' />\n";
 		}
 			
-if ($row["MaintainerUID"] === NULL) {
-    echo "<input type='submit' class='button' name='do_Adopt'";
-    echo " value='".__("Adopt Packages")."' />\n";
-} else if ($uid == $row["MaintainerUID"] ||
-	$atype == "Trusted User" || $atype == "Developer") {
+		if ($row["MaintainerUID"] === NULL) {
+			echo "<input type='submit' class='button' name='do_Adopt'";
+			echo " value='".__("Adopt Packages")."' />\n";
+		} else if ($uid == $row["MaintainerUID"] ||
+			$atype == "Trusted User" || $atype == "Developer") {
 			echo "<input type='submit' class='button' name='do_Disown'";
 			echo " value='".__("Disown Packages")."' />\n";
 		}

web/template/tu_list.php

@@ -40,7 +40,13 @@
 					<td class='<?php print $c ?>'>
 						<?php
 						$q = "SELECT * FROM TU_Votes WHERE VoteID = " . $row['ID'] . " AND UserID = " . uid_from_sid($_COOKIE["AURSID"]);
-						$hasvoted = mysql_num_rows(db_query($q, $dbh));
+						$result_tulist = db_query($q, $dbh);
+						if ($result_tulist) {
+							$hasvoted = mysql_num_rows($result_tulist);
+						}
+						else {
+							$hasvoted = 0;
+						}
 						?>
 						<span class='f5'><span class='blue'>
 						<?php if ($hasvoted == 0) { ?>