From 360f8f52a84ef859b597b92fbbc237f7007041fe Mon Sep 17 00:00:00 2001
From: Tim Steiner <tsteiner2@unl.edu>
Date: Wed, 3 Sep 2008 19:06:32 +0000
Subject: [PATCH] Throw an exception when a user tries to use an invalid
 subject code.

---
 .../modules/courses/models/CourseModel.php    | 40 +++++++++++++++++++
 1 file changed, 40 insertions(+)

diff --git a/application/modules/courses/models/CourseModel.php b/application/modules/courses/models/CourseModel.php
index 480be6d8..c30da5e8 100644
--- a/application/modules/courses/models/CourseModel.php
+++ b/application/modules/courses/models/CourseModel.php
@@ -1527,6 +1527,10 @@ class Courses_CourseModel extends Unl_Model
 
 	public function setCourseCode($subject, $courseNumber, $courseLetter = null)
 	{
+        if (!self::isSubjectValid($subject)) {
+            throw new Zend_Exception('The subject code ' . $subject . ' is invalid.');
+        }
+		
 		$homeIndex = null;
 		foreach ($this->_data['crosslistings'] as $index => $crosslisting) {
 			if ($crosslisting['type'] == 'home listing') {
@@ -1631,6 +1635,10 @@ class Courses_CourseModel extends Unl_Model
 
     public function addCrosslisting($type, $subject, $courseNumber, $courseLetter)
     {
+    	if (!self::isSubjectValid($subject)) {
+    		throw new Zend_Exception('The subject code ' . $subject . ' is invalid.');
+    	}
+    	
         $lowestId = min(array_keys($this->_data['crosslistings']));
         if (!($lowestId < 0)) {
         	$lowestId = 0;
@@ -1648,6 +1656,10 @@ class Courses_CourseModel extends Unl_Model
 
     public function editCrosslisting($id, $type, $subject, $courseNumber, $courseLetter)
     {
+        if (!self::isSubjectValid($subject)) {
+            throw new Zend_Exception('The subject code ' . $subject . ' is invalid.');
+        }
+        
         if (!$this->_data['crosslistings'][$id]) {
         	throw new Exception('Attempt to edit a non-existant crosslisting');
         }
@@ -2149,5 +2161,33 @@ class Courses_CourseModel extends Unl_Model
     	}
     	return true;
     }
+    
+    static $_subjectList;
+    
+    static protected function _loadSubjectList()
+    {
+    	if (self::$_subjectList) {
+    		return self::$_subjectList;
+    	}
+    	
+    	$db = Zend_Registry::get('db');
+    	$select = new Zend_Db_Select($db);
+    	
+    	$select->from('creqSubjects', array('name'));
+    	$records = $select->query()->fetchAll();
+    	self::$_subjectList = array();
+    	foreach ($records as $record) {
+    		self::$_subjectList[] = $record['name'];
+    	}
+    	
+    	return self::$_subjectList;
+    }
+    
+    static public function isSubjectValid($subject)
+    {
+    	self::_loadSubjectList();
+    	
+    	return in_array($subject, self::$_subjectList);
+    }
 }
 
-- 
GitLab