Revision 1457
Added by Dietmar over 13 years ago
settings2.php | ||
---|---|---|
20 | 20 |
// Create new admin object and print admin header |
21 | 21 |
require('../../config.php'); |
22 | 22 |
require_once(WB_PATH.'/framework/class.admin.php'); |
23 |
$admin = new admin('Pages', 'pages_settings'); |
|
24 | 23 |
|
24 |
// suppress to print the header, so no new FTAN will be set |
|
25 |
$admin = new admin('Pages', 'pages_settings',false); |
|
26 |
|
|
25 | 27 |
// Get page id |
26 | 28 |
if(!isset($_POST['page_id']) || !is_numeric($_POST['page_id'])) |
27 | 29 |
{ |
28 | 30 |
header("Location: index.php"); |
29 | 31 |
exit(0); |
30 | 32 |
} else { |
31 |
$page_id = $_POST['page_id']; |
|
33 |
$page_id = (int)$_POST['page_id'];
|
|
32 | 34 |
} |
35 |
|
|
36 |
/* |
|
37 |
if( (!($page_id = $admin->checkIDKEY('page_id', 0, $_SERVER['REQUEST_METHOD']))) ) |
|
38 |
{ |
|
39 |
$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS']); |
|
40 |
} |
|
41 |
*/ |
|
33 | 42 |
$pagetree_url = ADMIN_URL.'/pages/index.php'; |
34 | 43 |
$target_url = ADMIN_URL.'/pages/settings.php?page_id='.$page_id; |
35 | 44 |
|
36 | 45 |
if (!$admin->checkFTAN()) |
37 | 46 |
{ |
47 |
$admin->print_header(); |
|
38 | 48 |
$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'],$target_url); |
39 |
exit(); |
|
40 | 49 |
} |
50 |
// After check print the header |
|
51 |
$admin->print_header(); |
|
41 | 52 |
|
42 |
/* |
|
43 |
if( (!($page_id = $admin->checkIDKEY('page_id', 0, $_SERVER['REQUEST_METHOD']))) ) |
|
44 |
{ |
|
45 |
$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS']); |
|
46 |
exit(); |
|
47 |
} |
|
48 |
*/ |
|
49 |
|
|
50 | 53 |
// Include the WB functions file |
51 | 54 |
require_once(WB_PATH.'/framework/functions.php'); |
52 | 55 |
|
... | ... | |
92 | 95 |
$old_admin_users = explode(',', str_replace('_', '', $results_array['admin_users'])); |
93 | 96 |
|
94 | 97 |
// Work-out if we should check for existing page_code |
95 |
$sql = 'DESCRIBE `'.TABLE_PREFIX.'pages` `page_code`'; |
|
96 |
$field_sql = $database->query($sql); |
|
97 |
$field_set = $field_sql->numRows(); |
|
98 |
$field_set = $database->field_exists(TABLE_PREFIX.'pages', 'page_code'); |
|
98 | 99 |
|
99 | 100 |
$in_old_group = FALSE; |
100 | 101 |
foreach($admin->get_groups_id() as $cur_gid) |
101 | 102 |
Also available in: Unified diff
Preparing 2.8.2 stable, last tests