Project

General

Profile

« Previous | Next » 

Revision 1777

Added by Dietmar about 12 years ago

+ add methode StripCodeFromText in class.wb to clean injection
! rebranding the admin/settings and security fixes
! a few new styling in backend wb_theme
! beginning aa lot of account changes like correction of $_SESSION indexe, security fixes
+ add head.load.min.js and head.min.js to /include/jquery/ to style HTML5 templates

View differences:

details.php
18 18 

  		




  19
  19
  
    
/* -------------------------------------------------------- */


  		




  20
  20
  
    
// Must include code to stop this file being accessed directly


  		




  21
  
  
    
if(defined('WB_PATH') == false)


  		




  22
  
  
    
{


  		




  23
  
  
    
	// Stop this file being access directly


  		




  24
  
  
    
		die('<h2 style="color:red;margin:3em auto;text-align:center;">Cannot access this file directly</h2>');


  		




  
  21
  
    
if(!defined('WB_PATH')) {


  		




  
  22
  
    
	require_once(dirname(dirname(__FILE__)).'/framework/globalExceptionHandler.php');


  		




  
  23
  
    
	throw new IllegalFileException();


  		




  25
  24
  
    
}


  		




  26
  25
  
    
/* -------------------------------------------------------- */


  		




  27
  26
  
    

  		




  28
  27
  
    
// Get entered values


  		




  29
  
  
    
	$display_name = $wb->add_slashes(strip_tags($wb->get_post('display_name')));


  		




  30
  
  
    
	$language = $wb->get_post('language');


  		




  31
  
  
    
	$timezone = $wb->get_post('timezone')*60*60;


  		




  32
  
  
    
	$date_format = $wb->get_post('date_format');


  		




  33
  
  
    
	$time_format = $wb->get_post('time_format');


  		




  
  28
  
    
	$display_name = strip_tags($wb->StripCodeFromText($wb->get_post('display_name')));


  		




  
  29
  
    
	$language = strip_tags($wb->StripCodeFromText($wb->get_post('language')));


  		




  
  30
  
    
	$timezone = intval($wb->StripCodeFromText($wb->get_post('timezone')))*60*60;


  		




  
  31
  
    
	$date_format = strip_tags($wb->StripCodeFromText($wb->get_post('date_format')));


  		




  
  32
  
    
	$time_format = strip_tags($wb->StripCodeFromText($wb->get_post('time_format')));


  		




  34
  33
  
    

  		




  35
  34
  
    
// Update the database


  		




  36
  35
  
    
// $database = new database();


  		




  ......




  46
  45
  
    
		$success[] = $MOD_PREFERENCE['DETAILS_SAVED'];


  		




  47
  46
  
    
		$_SESSION['DISPLAY_NAME'] = $display_name;


  		




  48
  47
  
    
		$_SESSION['LANGUAGE'] = $language;


  		




  
  48
  
    
		$_SESSION['TIME_FORMAT'] = $time_format;


  		




  
  49
  
    
		$_SESSION['DATE_FORMAT'] = $date_format;


  		




  49
  50
  
    
		$_SESSION['TIMEZONE'] = $timezone;


  		




  50
  
  
    
		$_SESSION['HTTP_REFERER'] = (($_SESSION['LANGUAGE']== LANGUAGE) ? $_SESSION['HTTP_REFERER'] : WB_URL);


  		




  51
  51
  
    
// Update date format


  		




  52
  52
  
    
		if($date_format != '') {


  		




  53
  53
  
    
			$_SESSION['DATE_FORMAT'] = $date_format;


  		












Also available in:  Unified diff