Revision 1354
Added by Dietmar almost 14 years ago
save.php | ||
---|---|---|
129 | 129 |
$dir_mode = "0".$u.$g.$o; |
130 | 130 |
} |
131 | 131 |
|
132 |
$allow_tags_in_fields = array('website_header', 'website_footer'); |
|
133 |
$allow_empty_values = array('website_header','website_footer','sec_anchor','pages_directory','page_spacer'); |
|
134 |
$disallow_in_fields = array('pages_directory', 'media_directory','wb_version'); |
|
132 | 135 |
// Create new database object |
133 | 136 |
/*$database = new database(); */ |
134 | 137 |
|
135 | 138 |
// Query current settings in the db, then loop through them and update the db with the new value |
136 |
$query = "SELECT name FROM ".TABLE_PREFIX."settings"; |
|
137 |
$results = $database->query($query); |
|
138 |
while($setting = $results->fetchRow()) |
|
139 |
$settings = array(); |
|
140 |
$old_settings = array(); |
|
141 |
// Query current settings in the db, then loop through them to get old values |
|
142 |
$sql = 'SELECT `name`, `value` FROM `'.TABLE_PREFIX.'settings`'; |
|
143 |
$sql .= 'ORDER BY `name`'; |
|
144 |
|
|
145 |
$res_settings = $database->query($sql); |
|
146 |
|
|
147 |
while($setting = $res_settings->fetchRow()) |
|
139 | 148 |
{ |
149 |
$old_settings[$setting['name']] = $setting['value']; |
|
140 | 150 |
$setting_name = $setting['name']; |
141 | 151 |
$value = $admin->get_post($setting_name); |
142 |
if ($setting_name!='wb_version') |
|
152 |
switch ($setting_name) { |
|
153 |
case 'default_timezone': |
|
154 |
$value=$value*60*60; |
|
155 |
break; |
|
156 |
case 'string_dir_mode': |
|
157 |
$value=$dir_mode; |
|
158 |
break; |
|
159 |
case 'string_file_mode': |
|
160 |
$value=$file_mode; |
|
161 |
break; |
|
162 |
case 'pages_directory': |
|
163 |
if(trim($value)=='/') $value=''; |
|
164 |
break; |
|
165 |
default : |
|
166 |
|
|
167 |
break; |
|
168 |
} |
|
169 |
if (!in_array($setting_name, $allow_tags_in_fields)) |
|
143 | 170 |
{ |
144 |
$allow_tags_in_fields = array('website_header', 'website_footer','wbmailer_smtp_password'); |
|
145 |
if(!in_array($setting_name, $allow_tags_in_fields)) { |
|
146 |
$value = strip_tags($value); |
|
147 |
} |
|
171 |
$value = strip_tags($value); |
|
172 |
} |
|
148 | 173 |
|
149 |
switch ($setting_name) { |
|
150 |
case 'default_timezone': |
|
151 |
$value=$value*60*60; |
|
152 |
break; |
|
153 |
case 'string_dir_mode': |
|
154 |
$value=$dir_mode; |
|
155 |
break; |
|
156 |
case 'string_file_mode': |
|
157 |
$value=$file_mode; |
|
158 |
break; |
|
159 |
case 'pages_directory': |
|
160 |
if(trim($value)=='/') $value=''; |
|
161 |
break; |
|
162 |
default : |
|
174 |
$passed = in_array($setting_name, $allow_empty_values); |
|
163 | 175 |
|
164 |
break; |
|
165 |
} |
|
166 |
$value = $admin->add_slashes($value); |
|
167 |
$database->query("UPDATE ".TABLE_PREFIX."settings SET value = '$value' WHERE name = '$setting_name'"); |
|
176 |
if ( !in_array($value, $disallow_in_fields) && ((trim($value) <> '') || $passed == true) ) |
|
177 |
{ |
|
178 |
$value = trim($admin->add_slashes($value)); |
|
179 |
$sql = 'UPDATE `'.TABLE_PREFIX.'settings` '; |
|
180 |
$sql .= 'SET `value` = \''.$value.'\' '; |
|
181 |
$sql .= 'WHERE `name` <> \'wb_version\' '; |
|
182 |
$sql .= 'AND `name` = \''.$setting_name.'\' '; |
|
183 |
|
|
184 |
if ($database->query($sql)) |
|
185 |
{ |
|
186 |
} |
|
168 | 187 |
} |
169 | 188 |
} |
170 | 189 |
|
Also available in: Unified diff
added admin/images
local sync
fixed save handling settings entries