Project

General

Profile

« Previous | Next » 

Revision 1354

Added by Dietmar almost 14 years ago

added admin/images
local sync
fixed save handling settings entries

View differences:

save.php
129 129
	$dir_mode = "0".$u.$g.$o;
130 130
}
131 131

  
132
$allow_tags_in_fields = array('website_header', 'website_footer');
133
$allow_empty_values = array('website_header','website_footer','sec_anchor','pages_directory','page_spacer');
134
$disallow_in_fields = array('pages_directory', 'media_directory','wb_version');
132 135
// Create new database object
133 136
/*$database = new database(); */
134 137

  
135 138
// Query current settings in the db, then loop through them and update the db with the new value
136
$query = "SELECT name FROM ".TABLE_PREFIX."settings";
137
$results = $database->query($query);
138
while($setting = $results->fetchRow())
139
$settings = array();
140
$old_settings = array();
141
// Query current settings in the db, then loop through them to get old values
142
$sql = 'SELECT `name`, `value` FROM `'.TABLE_PREFIX.'settings`';
143
$sql .= 'ORDER BY `name`';
144

  
145
$res_settings = $database->query($sql);
146

  
147
while($setting = $res_settings->fetchRow())
139 148
{
149
	$old_settings[$setting['name']] = $setting['value'];
140 150
	$setting_name = $setting['name'];
141 151
	$value = $admin->get_post($setting_name);
142
	if ($setting_name!='wb_version')
152
	switch ($setting_name) {
153
		case 'default_timezone':
154
			$value=$value*60*60;
155
			break;
156
		case 'string_dir_mode':
157
			$value=$dir_mode;
158
			break;
159
		case 'string_file_mode':
160
			$value=$file_mode;
161
			break;
162
		case 'pages_directory':
163
			if(trim($value)=='/') $value='';
164
			break;
165
		default :
166

  
167
			break;
168
	}
169
    if (!in_array($setting_name, $allow_tags_in_fields))
143 170
    {
144
		$allow_tags_in_fields = array('website_header', 'website_footer','wbmailer_smtp_password');
145
		if(!in_array($setting_name, $allow_tags_in_fields)) {
146
			$value = strip_tags($value);
147
		}
171
        $value = strip_tags($value);
172
    }
148 173

  
149
		switch ($setting_name) {
150
			case 'default_timezone':
151
				$value=$value*60*60;
152
				break;
153
			case 'string_dir_mode':
154
				$value=$dir_mode;
155
				break;
156
			case 'string_file_mode':
157
				$value=$file_mode;
158
				break;
159
			case 'pages_directory':
160
				if(trim($value)=='/') $value='';
161
				break;
162
			default :
174
    $passed = in_array($setting_name, $allow_empty_values);
163 175

  
164
				break;
165
		}
166
		$value = $admin->add_slashes($value);
167
		$database->query("UPDATE ".TABLE_PREFIX."settings SET value = '$value' WHERE name = '$setting_name'");
176
    if ( !in_array($value, $disallow_in_fields) && ((trim($value) <> '') || $passed == true) )
177
    {
178
        $value = trim($admin->add_slashes($value));
179
        $sql = 'UPDATE `'.TABLE_PREFIX.'settings` ';
180
        $sql .= 'SET `value` = \''.$value.'\' ';
181
        $sql .= 'WHERE `name` <> \'wb_version\' ';
182
        $sql .= 'AND `name` = \''.$setting_name.'\' ';
183

  
184
        if ($database->query($sql))
185
        {
186
        }
168 187
	}
169 188
}
170 189

  

Also available in: Unified diff