Revision 1597
Added by Dietmar almost 13 years ago
| branches/2.8.x/CHANGELOG | ||
|---|---|---|
| 11 | 11 |
! = Update/Change |
| 12 | 12 |
|
| 13 | 13 |
=========================== add small Features 2.8.2 ========================== |
| 14 |
05 Feb-2012 Build 1597 Dietmar Woellbrink (Luisehahne) |
|
| 15 |
# fixed issues with get_magic_quotes_gpc and FCKeditor |
|
| 14 | 16 |
04 Feb-2012 Build 1596 Dietmar Woellbrink (Luisehahne) |
| 15 | 17 |
# highly critical security-fix |
| 16 | 18 |
# announced on http://www.darksecurity.de/advisories/2012/SSCHADV2012-003.txt |
| branches/2.8.x/wb/admin/interface/version.php | ||
|---|---|---|
| 51 | 51 |
|
| 52 | 52 |
// check if defined to avoid errors during installation (redirect to admin panel fails if PHP error/warnings are enabled) |
| 53 | 53 |
if(!defined('VERSION')) define('VERSION', '2.8.2');
|
| 54 |
if(!defined('REVISION')) define('REVISION', '1596');
|
|
| 54 |
if(!defined('REVISION')) define('REVISION', '1597');
|
|
| 55 | 55 |
if(!defined('SP')) define('SP', 'SP2');
|
| branches/2.8.x/wb/modules/wysiwyg/save.php | ||
|---|---|---|
| 47 | 47 |
$searchfor = '@(<[^>]*=\s*")('.preg_quote($sMediaUrl).')([^">]*".*>)@siU';
|
| 48 | 48 |
$content = preg_replace($searchfor, '$1{SYSVAR:MEDIA_REL}$3', $content);
|
| 49 | 49 |
// searching in $text will be much easier this way |
| 50 |
$text = umlauts_to_entities(strip_tags($content), strtoupper(DEFAULT_CHARSET), 0);
|
|
| 51 |
$content = $admin->add_slashes($content);
|
|
| 50 |
$content = addslashes($content);
|
|
| 51 |
$text = umlauts_to_entities($content, strtoupper(DEFAULT_CHARSET), 0);
|
|
| 52 | 52 |
$sql = 'UPDATE `'.TABLE_PREFIX.'mod_wysiwyg` '; |
| 53 | 53 |
$sql .= 'SET `content`=\''.$content.'\', `text`=\''.$text.'\' '; |
| 54 | 54 |
$sql .= 'WHERE `section_id`='.(int)$section_id; |
Also available in: Unified diff
fixed issues with get_magic_quotes_gpc and FCKeditor