Revision 1400
Added by FrankH almost 14 years ago
- Security fix in account
- Security fix in admin/media, thanks to hal 9000
| setparameter.php | ||
|---|---|---|
| 1 | 1 |
<?php |
| 2 |
/** |
|
| 3 |
* |
|
| 4 |
* @category admin |
|
| 5 |
* @package admintools |
|
| 6 |
* @author WebsiteBaker Project |
|
| 7 |
* @copyright 2004-2009, Ryan Djurovich |
|
| 8 |
* @copyright 2009-2011, Website Baker Org. e.V. |
|
| 9 |
* @link http://www.websitebaker2.org/ |
|
| 10 |
* @license http://www.gnu.org/licenses/gpl.html |
|
| 11 |
* @platform WebsiteBaker 2.8.x |
|
| 12 |
* @requirements PHP 5.2.2 and higher |
|
| 13 |
* @version $Id$ |
|
| 14 |
* @filesource $HeadURL: $ |
|
| 15 |
* @lastmodified $Date: $ |
|
| 16 |
* |
|
| 17 |
*/ |
|
| 2 | 18 |
|
| 3 |
// $Id$ |
|
| 4 |
|
|
| 5 |
/* |
|
| 6 |
|
|
| 7 |
Website Baker Project <http://www.websitebaker.org/> |
|
| 8 |
Copyright (C) 2004-2009, Ryan Djurovich |
|
| 9 |
|
|
| 10 |
Website Baker is free software; you can redistribute it and/or modify |
|
| 11 |
it under the terms of the GNU General Public License as published by |
|
| 12 |
the Free Software Foundation; either version 2 of the License, or |
|
| 13 |
(at your option) any later version. |
|
| 14 |
|
|
| 15 |
Website Baker is distributed in the hope that it will be useful, |
|
| 16 |
but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
| 17 |
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
| 18 |
GNU General Public License for more details. |
|
| 19 |
|
|
| 20 |
You should have received a copy of the GNU General Public License |
|
| 21 |
along with Website Baker; if not, write to the Free Software |
|
| 22 |
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
|
| 23 |
|
|
| 24 |
*/ |
|
| 25 |
|
|
| 26 | 19 |
require('../../config.php');
|
| 27 | 20 |
require_once(WB_PATH.'/framework/class.admin.php'); |
| 28 | 21 |
$admin = new admin('Media', 'media', false);
|
| ... | ... | |
| 40 | 33 |
|
| 41 | 34 |
//Save post vars to the parameters file |
| 42 | 35 |
if ( !is_null($admin->get_post_escaped("save"))) {
|
| 36 |
if (!$admin->checkFTAN()) |
|
| 37 |
{
|
|
| 38 |
$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], WB_URL); |
|
| 39 |
exit(); |
|
| 40 |
} |
|
| 41 |
|
|
| 43 | 42 |
//Check for existing settings entry, if not existing, create a record first! |
| 44 | 43 |
if (!$database->query ( "SELECT * FROM ".TABLE_PREFIX."settings where `name`='mediasettings'" )) {
|
| 45 | 44 |
$database->query ( "INSERT INTO ".TABLE_PREFIX."settings (`name`,`value`) VALUES ('mediasettings','')" );
|
| ... | ... | |
| 79 | 78 |
$template->set_var(array( |
| 80 | 79 |
'TEXT_HEADER' => $TEXT['TEXT_HEADER'], |
| 81 | 80 |
'SAVE_TEXT' => $TEXT['SAVE'], |
| 82 |
'BACK' => $TEXT['BACK'] |
|
| 81 |
'BACK' => $TEXT['BACK'],
|
|
| 83 | 82 |
) |
| 84 | 83 |
); |
| 85 | 84 |
|
| ... | ... | |
| 118 | 117 |
'ADMIN_ONLY_SELECTED' => $pathsettings['global']['admin_only'], |
| 119 | 118 |
'NO_SHOW_THUMBS' => $TEXT['NO_SHOW_THUMBS'], |
| 120 | 119 |
'NO_SHOW_THUMBS_SELECTED' => $pathsettings['global']['show_thumbs'], |
| 121 |
'ROW_BG_COLOR' => $row_bg_color |
|
| 120 |
'ROW_BG_COLOR' => $row_bg_color, |
|
| 121 |
'FTAN' => $admin->getFTAN() |
|
| 122 | 122 |
) |
| 123 | 123 |
); |
| 124 | 124 |
$template->parse('list', 'list_block', true);
|
Also available in: Unified diff