Project

General

Profile

« Previous | Next » 

Revision 1354

Added by Dietmar almost 14 years ago

added admin/images
local sync
fixed save handling settings entries

View differences:

branches/2.8.x/CHANGELOG
11 11
! = Update/Change
12 12

  
13 13
------------------------------------- 2.8.2 -------------------------------------
14
26 Dec-2010 Dietmar Woellbrink (Luisehahne)
15
+ added admin/images
16
# fixed save handling settings entries
17
! local sync
14 18
26 Dec-2010 Frank Heyne (FrankH)
15 19
# security fix: in modules/admin.php - check whether section belongs to page
16 20
! security fix: changed $section_required into $no_section_required (apparently used by no module at all)
branches/2.8.x/wb/admin/interface/version.php
52 52

  
53 53
// check if defined to avoid errors during installation (redirect to admin panel fails if PHP error/warnings are enabled)
54 54
if(!defined('VERSION')) define('VERSION', '2.8.2.RC1');
55
if(!defined('REVISION')) define('REVISION', '1353');
55
if(!defined('REVISION')) define('REVISION', '1354');
56 56

  
57 57
?>
branches/2.8.x/wb/admin/settings/save.php
129 129
	$dir_mode = "0".$u.$g.$o;
130 130
}
131 131

  
132
$allow_tags_in_fields = array('website_header', 'website_footer');
133
$allow_empty_values = array('website_header','website_footer','sec_anchor','pages_directory','page_spacer');
134
$disallow_in_fields = array('pages_directory', 'media_directory','wb_version');
132 135
// Create new database object
133 136
/*$database = new database(); */
134 137

  
135 138
// Query current settings in the db, then loop through them and update the db with the new value
136
$query = "SELECT name FROM ".TABLE_PREFIX."settings";
137
$results = $database->query($query);
138
while($setting = $results->fetchRow())
139
$settings = array();
140
$old_settings = array();
141
// Query current settings in the db, then loop through them to get old values
142
$sql = 'SELECT `name`, `value` FROM `'.TABLE_PREFIX.'settings`';
143
$sql .= 'ORDER BY `name`';
144

  
145
$res_settings = $database->query($sql);
146

  
147
while($setting = $res_settings->fetchRow())
139 148
{
149
	$old_settings[$setting['name']] = $setting['value'];
140 150
	$setting_name = $setting['name'];
141 151
	$value = $admin->get_post($setting_name);
142
	if ($setting_name!='wb_version')
152
	switch ($setting_name) {
153
		case 'default_timezone':
154
			$value=$value*60*60;
155
			break;
156
		case 'string_dir_mode':
157
			$value=$dir_mode;
158
			break;
159
		case 'string_file_mode':
160
			$value=$file_mode;
161
			break;
162
		case 'pages_directory':
163
			if(trim($value)=='/') $value='';
164
			break;
165
		default :
166

  
167
			break;
168
	}
169
    if (!in_array($setting_name, $allow_tags_in_fields))
143 170
    {
144
		$allow_tags_in_fields = array('website_header', 'website_footer','wbmailer_smtp_password');
145
		if(!in_array($setting_name, $allow_tags_in_fields)) {
146
			$value = strip_tags($value);
147
		}
171
        $value = strip_tags($value);
172
    }
148 173

  
149
		switch ($setting_name) {
150
			case 'default_timezone':
151
				$value=$value*60*60;
152
				break;
153
			case 'string_dir_mode':
154
				$value=$dir_mode;
155
				break;
156
			case 'string_file_mode':
157
				$value=$file_mode;
158
				break;
159
			case 'pages_directory':
160
				if(trim($value)=='/') $value='';
161
				break;
162
			default :
174
    $passed = in_array($setting_name, $allow_empty_values);
163 175

  
164
				break;
165
		}
166
		$value = $admin->add_slashes($value);
167
		$database->query("UPDATE ".TABLE_PREFIX."settings SET value = '$value' WHERE name = '$setting_name'");
176
    if ( !in_array($value, $disallow_in_fields) && ((trim($value) <> '') || $passed == true) )
177
    {
178
        $value = trim($admin->add_slashes($value));
179
        $sql = 'UPDATE `'.TABLE_PREFIX.'settings` ';
180
        $sql .= 'SET `value` = \''.$value.'\' ';
181
        $sql .= 'WHERE `name` <> \'wb_version\' ';
182
        $sql .= 'AND `name` = \''.$setting_name.'\' ';
183

  
184
        if ($database->query($sql))
185
        {
186
        }
168 187
	}
169 188
}
170 189

  
branches/2.8.x/wb/admin/images/index.php
1
<?php
2

  
3
// $Id$
4

  
5
/*
6

  
7
 Website Baker Project <http://www.websitebaker.org/>
8
 Copyright (C) 2004-2008, Ryan Djurovich
9

  
10
 Website Baker is free software; you can redistribute it and/or modify
11
 it under the terms of the GNU General Public License as published by
12
 the Free Software Foundation; either version 2 of the License, or
13
 (at your option) any later version.
14

  
15
 Website Baker is distributed in the hope that it will be useful,
16
 but WITHOUT ANY WARRANTY; without even the implied warranty of
17
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18
 GNU General Public License for more details.
19

  
20
 You should have received a copy of the GNU General Public License
21
 along with Website Baker; if not, write to the Free Software
22
 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
23

  
24
*/
25

  
26
header("Location: ../../index.php");
27

  
28
?>
0 29

  
branches/2.8.x/wb/admin/images/README.txt
1
The folder admin/images isn't needed for WB 2.8. anymore.
2

  
3
It remains only to keep backward compatibility to old modules
4
wich make use of the images from this folder.
5

  
6
Modules should be adapted as soon as possible to use images
7
from the backend themes instead.
8

  
9
If you are shure you have only Modules wich uses images from
10
backend themes, this folder can be deleted.
0 11

  

Also available in: Unified diff