Revision 1785
Added by Luisehahne about 13 years ago
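--- a/branches/2.8.x/CHANGELOG
+++ b/branches/2.8.x/CHANGELOG
@@ -13,6 +13,10 @@
 
 
 
+12 Oct-2012 Build 1785 Dietmar Woellbrink (Luisehahne)
+# fixed language uninstall, change mysql to strict
+! secure fix for search update in settings, search_footer now can be empty
+! change ->fetchRow() to ->fetchRow(MYSQL_ASSOC) in frontend.functions.php
 12 Oct-2012 Build 1784 Dietmar Woellbrink (Luisehahne)
 # fixed security warning if a group will be deleted
 11 Oct-2012 Build 1783 Dietmar Woellbrink (Luisehahne)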
| branches/2.8.x/wb/upgrade-script.php | ||
|---|---|---|
| 15 | 15 |
* |
| 16 | 16 |
*/ |
| 17 | 17 |
|
| 18 |
require_once('config.php');
|
|
| 18 |
// Include config file |
|
| 19 |
$config_file = realpath('config.php');
|
|
| 20 |
if(file_exists($config_file) && !defined('WB_URL'))
|
|
| 21 |
{
|
|
| 22 |
require_once($config_file); |
|
| 23 |
} |
|
| 19 | 24 |
|
| 25 |
//require_once(WB_PATH.'/framework/class.admin.php'); |
|
| 26 |
if(!class_exists('admin', false)){ include(WB_PATH.'/framework/class.admin.php'); }
|
|
| 20 | 27 |
require_once(WB_PATH.'/framework/functions.php'); |
| 21 |
require_once(WB_PATH.'/framework/class.admin.php'); |
|
| 22 | 28 |
// require_once(WB_PATH.'/framework/Database.php'); |
| 23 | 29 |
$admin = new admin('Addons', 'modules', false, false);
|
| 24 | 30 |
|
| ... | ... | |
| 60 | 66 |
'[ADMIN]/themes/', |
| 61 | 67 |
); |
| 62 | 68 |
|
| 63 |
if(version_compare(WB_REVISION, '1762', '<'))
|
|
| 69 |
if(version_compare(WB_REVISION, '1785', '<'))
|
|
| 64 | 70 |
{
|
| 65 | 71 |
$filesRemove['0'] = array( |
| 66 | 72 |
|
| ... | ... | |
| 71 | 77 |
|
| 72 | 78 |
'[FRAMEWORK]/class.msg_queue.php', |
| 73 | 79 |
'[FRAMEWORK]/class.logfile.php', |
| 74 |
// '[FRAMEWORK]/class.database.php',
|
|
| 80 |
'[MODULES]/droplets/js/mdcr.js',
|
|
| 75 | 81 |
|
| 76 | 82 |
); |
| 77 | 83 |
|
| ... | ... | |
| 343 | 349 |
$bDebugModus = ( (isset($_POST['debug_confirmed']) && $_POST['debug_confirmed'] == 'debug') ? true : false); |
| 344 | 350 |
if (!(isset($_POST['backup_confirmed']) && $_POST['backup_confirmed'] == 'confirmed')) { ?>
|
| 345 | 351 |
<h2>Step 1: Backup your files</h2> |
| 346 |
<p>It is highly recommended to <strong>create a manual backup</strong> of the entire <strong><?php echo PAGES_DIRECTORY ?>/ folder</strong> and the <strong>MySQL database</strong> before proceeding.<br /><strong class="error">Note: </strong>The upgrade script alters some settings of your existing database!!! You need to confirm the disclaimer before proceeding.</p> |
|
| 352 |
<h5 class="warning">It is highly recommended to <strong>create a manual backup</strong> of the entire <strong class="error"><?php echo PAGES_DIRECTORY ?>/</strong> folder and the <strong>MySQL database</strong> before proceeding.</h5> |
|
| 353 |
<p><strong class="error">Note: </strong>The upgrade script alters some settings of your existing database!!! You need to confirm the disclaimer before proceeding.</p> |
|
| 347 | 354 |
|
| 348 | 355 |
<form name="send" action="<?php echo $_SERVER['SCRIPT_NAME'];?>" method="post"> |
| 349 | 356 |
<textarea cols="92" rows="5">DISCLAIMER: The WebsiteBaker upgrade script is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. One needs to confirm that a manual backup of the <?php echo PAGES_DIRECTORY ?>/ folder (including all files and subfolders contained in it) and backup of the entire WebsiteBaker MySQL database was created before you can proceed.</textarea> |
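Review bot: The new config guard at the top of the script fails quietly where the old `require_once('config.php')` failed loudly: `realpath('config.php')` is resolved against the current working directory and returns false when the file is not found, so the `if` is skipped and the first visible symptom is an undefined `WB_PATH` in the `include` below it. `include` also only warns when class.admin.php cannot be loaded, so execution carries on to the following statements. I would anchor the path to the script and keep the hard failure, e.g. `$config_file = dirname(__FILE__).'/config.php';` followed by `if(!defined('WB_URL')) { require_once($config_file); }`, and use `require_once` for class.admin.php. The same guard is added in admin/settings/save.php and admin/languages/uninstall.php in this commit.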
| branches/2.8.x/wb/admin/skel/themes/htt/settings.htt | ||
|---|---|---|
| 389 | 389 |
<div class="mbox sub-row"> |
| 390 | 390 |
<label class="setting_name">{TEXT_HEADER}:</label>
|
| 391 | 391 |
<div class="input" > |
| 392 |
<textarea name="search_header" style="height: 100px;" cols="50" rows="3">{SEARCH_HEADER}</textarea>
|
|
| 392 |
<textarea class="vert" name="search_header" style="height: 100px;" cols="50" rows="3">{SEARCH_HEADER}</textarea>
|
|
| 393 | 393 |
</div> |
| 394 | 394 |
</div> |
| 395 | 395 |
|
| 396 | 396 |
<div class="mbox sub-row"> |
| 397 | 397 |
<label class="setting_name">{TEXT_RESULTS_HEADER}:</label>
|
| 398 | 398 |
<div class="input" > |
| 399 |
<textarea name="search_results_header" cols="50" rows="3">{SEARCH_RESULTS_HEADER}</textarea>
|
|
| 399 |
<textarea class="vert" name="search_results_header" cols="50" rows="3">{SEARCH_RESULTS_HEADER}</textarea>
|
|
| 400 | 400 |
</div> |
| 401 | 401 |
</div> |
| 402 | 402 |
|
| 403 | 403 |
<div class="mbox sub-row"> |
| 404 | 404 |
<label class="setting_name">{TEXT_RESULTS_LOOP}:</label>
|
| 405 | 405 |
<div class="input" > |
| 406 |
<textarea name="search_results_loop" cols="50" rows="3">{SEARCH_RESULTS_LOOP}</textarea>
|
|
| 406 |
<textarea class="vert" name="search_results_loop" cols="50" rows="3">{SEARCH_RESULTS_LOOP}</textarea>
|
|
| 407 | 407 |
</div> |
| 408 | 408 |
</div> |
| 409 | 409 |
|
| 410 | 410 |
<div class="mbox sub-row"> |
| 411 | 411 |
<label class="setting_name">{TEXT_RESULTS_FOOTER}:</label>
|
| 412 | 412 |
<div class="input" > |
| 413 |
<textarea name="search_results_footer" cols="50" rows="3">{SEARCH_RESULTS_FOOTER}</textarea>
|
|
| 413 |
<textarea class="vert" name="search_results_footer" cols="50" rows="3">{SEARCH_RESULTS_FOOTER}</textarea>
|
|
| 414 | 414 |
</div> |
| 415 | 415 |
</div> |
| 416 | 416 |
|
| ... | ... | |
| 423 | 423 |
<div class="mbox sub-row"> |
| 424 | 424 |
<label class="setting_name">{TEXT_FOOTER}:</label>
|
| 425 | 425 |
<div class="input" > |
| 426 |
<textarea name="search_footer" cols="50" rows="3">{SEARCH_FOOTER}</textarea>
|
|
| 426 |
<textarea class="vert" name="search_footer" cols="50" rows="3">{SEARCH_FOOTER}</textarea>
|
|
| 427 | 427 |
</div> |
| 428 | 428 |
</div> |
| 429 | 429 |
|
| branches/2.8.x/wb/admin/interface/version.php | ||
|---|---|---|
| 51 | 51 |
|
| 52 | 52 |
// check if defined to avoid errors during installation (redirect to admin panel fails if PHP error/warnings are enabled) |
| 53 | 53 |
if(!defined('VERSION')) define('VERSION', '2.8.3');
|
| 54 |
if(!defined('REVISION')) define('REVISION', '1784');
|
|
| 54 |
if(!defined('REVISION')) define('REVISION', '1785');
|
|
| 55 | 55 |
if(!defined('SP')) define('SP', '');
|
| branches/2.8.x/wb/admin/settings/save.php | ||
|---|---|---|
| 22 | 22 |
$advanced = ($_POST['advanced'] == 'yes') ? '?advanced=yes' : ''; |
| 23 | 23 |
|
| 24 | 24 |
// Print admin header |
| 25 |
require('../../config.php');
|
|
| 26 |
require_once(WB_PATH.'/framework/class.admin.php'); |
|
| 25 |
//require('../../config.php');
|
|
| 26 |
//require_once(WB_PATH.'/framework/class.admin.php'); |
|
| 27 |
|
|
| 28 |
// Include config file |
|
| 29 |
$config_file = realpath('../../config.php');
|
|
| 30 |
if(file_exists($config_file) && !defined('WB_URL'))
|
|
| 31 |
{
|
|
| 32 |
require($config_file); |
|
| 33 |
} |
|
| 34 |
|
|
| 35 |
if(!class_exists('admin', false)){ include(WB_PATH.'/framework/class.admin.php'); }
|
|
| 36 |
|
|
| 27 | 37 |
require_once(WB_PATH.'/framework/functions.php'); |
| 28 | 38 |
|
| 29 | 39 |
// suppress to print the header, so no new FTAN will be set |
| ... | ... | |
| 212 | 222 |
|
| 213 | 223 |
if($res_settings = $database->query($sql)) {
|
| 214 | 224 |
$passed = false; |
| 215 |
while($setting = $res_settings->fetchRow()) |
|
| 225 |
while($setting = $res_settings->fetchRow(MYSQL_ASSOC))
|
|
| 216 | 226 |
{
|
| 217 | 227 |
$setting_name = $setting['name']; |
| 218 | 228 |
$old_settings[$setting_name] = $setting['value']; |
| ... | ... | |
| 289 | 299 |
|
| 290 | 300 |
} |
| 291 | 301 |
$StripCodeFromISearch = array( |
| 302 |
'search_header', |
|
| 303 |
'search_results_header', |
|
| 304 |
'search_results_loop', |
|
| 305 |
'search_results_footer', |
|
| 306 |
'search_no_results', |
|
| 307 |
'search_footer', |
|
| 292 | 308 |
'search_module_order', |
| 293 | 309 |
'search_max_excerpt', |
| 294 | 310 |
'search_time_limit', |
| 295 | 311 |
); |
| 312 |
$allow_empty_values = array( |
|
| 313 |
'search_footer', |
|
| 314 |
); |
|
| 296 | 315 |
|
| 297 | 316 |
// Query current search settings in the db, then loop through them and update the db with the new value |
| 298 | 317 |
$sql = 'SELECT `name`, `value` FROM `'.TABLE_PREFIX.'search` '; |
| ... | ... | |
| 303 | 322 |
$admin->print_error($database->is_error(), $js_back ); |
| 304 | 323 |
} |
| 305 | 324 |
|
| 306 |
while($search_setting = $res_search->fetchRow()) |
|
| 325 |
while($search_setting = $res_search->fetchRow(MYSQL_ASSOC))
|
|
| 307 | 326 |
{
|
| 308 | 327 |
$old_value = $search_setting['value']; |
| 309 | 328 |
$setting_name = $search_setting['name']; |
| ... | ... | |
| 315 | 334 |
if(in_array($post_name, $StripCodeFromISearch) ) {
|
| 316 | 335 |
$value = $admin->StripCodeFromText($value); |
| 317 | 336 |
} |
| 318 |
$value = ( ($value == '') && ($setting_name != 'template') ) ? $old_value : $value; |
|
| 337 |
|
|
| 338 |
$passed = in_array($post_name, $allow_empty_values); |
|
| 339 |
|
|
| 340 |
$value = ( (!in_array($post_name, $allow_empty_values)) && ($setting_name != 'template') ) ? $old_value : $value; |
|
| 341 |
|
|
| 319 | 342 |
// $value = ( ($admin->get_post($post_name) == '') && ($setting_name == 'template') ) ? DEFAULT_TEMPLATE : $admin->get_post($post_name); |
| 320 | 343 |
if(isset($value)) |
| 321 | 344 |
{
|
| 322 | 345 |
$value = $admin->add_slashes($value); |
| 323 | 346 |
$sql = 'UPDATE `'.TABLE_PREFIX.'search` '; |
| 324 |
$sql .= 'SET `value` = "'.$value.'" ';
|
|
| 325 |
$sql .= 'WHERE `name` = "'.$setting_name.'" ';
|
|
| 326 |
$sql .= 'AND `extra` = ""';
|
|
| 347 |
$sql .= 'SET `value` = \''.$value.'\' ';
|
|
| 348 |
$sql .= 'WHERE `name` = \''.$setting_name.'\' ';
|
|
| 349 |
$sql .= 'AND `extra` = \'\' ';
|
|
| 327 | 350 |
if($database->query($sql)) {
|
| 328 | 351 |
} |
| 329 | 352 |
$sql_info = mysql_info($database->db_handle); |
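Review bot: The rewritten assignment at new line 340 no longer tests `$value == ''`, so for every search setting whose name is not in `$allow_empty_values` (and is not `template`) the posted value is replaced by `$old_value` whether or not it was empty; as written, only `search_footer` can still be changed. `$passed` is assigned on new line 338 but is not used in the visible lines. Keeping the emptiness test gives the behaviour the changelog describes: `$value = ( ($value == '') && !$passed && ($setting_name != 'template') ) ? $old_value : $value;`. The enclosing `while` loop begins and ends outside the lines shown, so confirm that `$passed` is not consumed further down.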
| branches/2.8.x/wb/admin/languages/uninstall.php | ||
|---|---|---|
| 16 | 16 |
* |
| 17 | 17 |
*/ |
| 18 | 18 |
|
| 19 |
// Setup admin object |
|
| 20 |
require('../../config.php');
|
|
| 21 |
require_once(WB_PATH.'/framework/class.admin.php'); |
|
| 19 |
// Include config file |
|
| 20 |
$config_file = realpath('../../config.php');
|
|
| 21 |
if(file_exists($config_file) && !defined('WB_URL'))
|
|
| 22 |
{
|
|
| 23 |
require($config_file); |
|
| 24 |
} |
|
| 25 |
|
|
| 26 |
if(!class_exists('admin', false)){ include(WB_PATH.'/framework/class.admin.php'); }
|
|
| 27 |
|
|
| 22 | 28 |
$admin = new admin('Addons', 'languages_uninstall', false);
|
| 23 | 29 |
if( !$admin->checkFTAN() ) |
| 24 | 30 |
{
|
| ... | ... | |
| 51 | 57 |
$admin->print_error($MESSAGE['ADMIN_INSUFFICIENT_PRIVELLIGES']); |
| 52 | 58 |
} |
| 53 | 59 |
|
| 54 |
/* |
|
| 55 |
// Check if user selected language |
|
| 56 |
if(!isset($_POST['code']) OR $_POST['code'] == "") {
|
|
| 57 |
header("Location: index.php");
|
|
| 58 |
exit(0); |
|
| 59 |
} |
|
| 60 |
|
|
| 61 |
// Extra protection |
|
| 62 |
if(trim($_POST['code']) == '') {
|
|
| 63 |
header("Location: index.php");
|
|
| 64 |
exit(0); |
|
| 65 |
} |
|
| 66 |
|
|
| 67 |
// Check if the language exists |
|
| 68 |
if(!file_exists(WB_PATH.'/languages/'.$_POST['code'].'.php')) {
|
|
| 69 |
$admin->print_error($MESSAGE['GENERIC_NOT_INSTALLED']); |
|
| 70 |
} |
|
| 71 |
*/ |
|
| 72 | 60 |
// Include the WB functions file |
| 73 | 61 |
require_once(WB_PATH.'/framework/functions.php'); |
| 74 | 62 |
|
| ... | ... | |
| 76 | 64 |
if($code == DEFAULT_LANGUAGE OR $code == LANGUAGE) {
|
| 77 | 65 |
$admin->print_error($MESSAGE['GENERIC_CANNOT_UNINSTALL_IN_USE']); |
| 78 | 66 |
} else {
|
| 79 |
$query_users = $database->query("SELECT user_id FROM ".TABLE_PREFIX."users WHERE language = '".$admin->add_slashes($code)."' LIMIT 1");
|
|
| 80 |
if($query_users->numRows() > 0) {
|
|
| 67 |
$sql = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'users` '; |
|
| 68 |
$sql .= 'WHERE`language`=\''.mysql_real_escape_string($code).'\''; |
|
| 69 |
if( $database->get_one($sql) ) {
|
|
| 81 | 70 |
$admin->print_error($MESSAGE['GENERIC_CANNOT_UNINSTALL_IN_USE']); |
| 82 | 71 |
} |
| 83 | 72 |
} |
| ... | ... | |
| 87 | 76 |
$admin->print_error($MESSAGE['GENERIC_CANNOT_UNINSTALL']); |
| 88 | 77 |
} else {
|
| 89 | 78 |
// Remove entry from DB |
| 90 |
$database->query("DELETE FROM ".TABLE_PREFIX."addons WHERE directory = \'".$code."\' AND type = 'language'");
|
|
| 79 |
$sql = 'DELETE FROM `'.TABLE_PREFIX.'addons` '; |
|
| 80 |
$sql .= 'WHERE `directory`=\''.mysql_real_escape_string($code).'\' '; |
|
| 81 |
$sql .= 'AND `type`=`type`=\'language\' '; |
|
| 82 |
if( $database->query($sql) ) {
|
|
| 83 |
// Print success message |
|
| 84 |
$admin->print_success($MESSAGE['GENERIC_UNINSTALLED']); |
|
| 85 |
} else {
|
|
| 86 |
$admin->print_error($MESSAGE['GENERIC_CANNOT_UNINSTALL'].'<br />'.$database->get_error()); |
|
| 87 |
} |
|
| 91 | 88 |
} |
| 92 | 89 |
|
| 93 |
// Print success message |
|
| 94 |
$admin->print_success($MESSAGE['GENERIC_UNINSTALLED']); |
|
| 95 |
|
|
| 96 | 90 |
// Print admin footer |
| 97 | 91 |
$admin->print_footer(); |
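Review bot: The DELETE built at new lines 79-81 contains a doubled comparison, `` `type`=`type`='language' ``; MySQL would most likely evaluate it as ((type = type) = 'language'), which matches no row, yet `$database->query()` still succeeds, so the success message would be printed while the addons entry stays in the table. The line should read ``$sql .= 'AND `type`=\'language\' ';``. On new line 68 the string ``'WHERE`language`=...`` also lacks a space after `WHERE`; it probably still parses but is worth normalising. How `$code` is validated lies in lines this page does not show, and the existence check removed here was already commented out, so confirm that `$code` is restricted to a language code before it is used.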
| branches/2.8.x/wb/framework/frontend.functions.php | ||
|---|---|---|
| 37 | 37 |
$sql = 'SELECT `directory` FROM `'.TABLE_PREFIX.'addons` '; |
| 38 | 38 |
$sql .= 'WHERE `type`=\'module\' AND `function`=\'snippet\''; |
| 39 | 39 |
if(($resSnippets = $database->query($sql))) {
|
| 40 |
while($recSnippet = $resSnippets->fetchRow()) {
|
|
| 40 |
while($recSnippet = $resSnippets->fetchRow(MYSQL_ASSOC)) {
|
|
| 41 | 41 |
$module_dir = $recSnippet['directory']; |
| 42 | 42 |
if (is_readable(WB_PATH.'/modules/'.$module_dir.'/include.php')) {
|
| 43 | 43 |
include(WB_PATH.'/modules/'.$module_dir.'/include.php'); |
| ... | ... | |
| 101 | 101 |
* @return string |
| 102 | 102 |
*/ |
| 103 | 103 |
function search_highlight($foo='', $arr_string=array()) {
|
| 104 |
require_once(WB_PATH.'/framework/functions.php');
|
|
| 104 |
require(WB_PATH.'/framework/functions.php'); |
|
| 105 | 105 |
static $string_ul_umlaut = FALSE; |
| 106 | 106 |
static $string_ul_regex = FALSE; |
| 107 | 107 |
if($string_ul_umlaut === FALSE || $string_ul_regex === FALSE) {
|
| ... | ... | |
| 294 | 294 |
} |
| 295 | 295 |
|
| 296 | 296 |
// Loop through them and include their module file |
| 297 |
while($section = $oSections->fetchRow()) {
|
|
| 297 |
while($section = $oSections->fetchRow(MYSQL_ASSOC)) {
|
|
| 298 | 298 |
// skip this section if it is out of publication-date |
| 299 | 299 |
$now = time(); |
| 300 | 300 |
if( !(($now<=$section['publ_end'] || $section['publ_end']==0) && ($now>=$section['publ_start'] || $section['publ_start']==0)) ) {
|
| ... | ... | |
| 307 | 307 |
// fetch content -- this is where to place possible output-filters (before highlighting) |
| 308 | 308 |
ob_start(); // fetch original content |
| 309 | 309 |
$sectionAnchor = (defined('SEC_ANCHOR') && SEC_ANCHOR!='') ? SEC_ANCHOR.$section_id : 'section_'.$section_id;
|
| 310 |
echo PHP_EOL.'<div id="'.$sectionAnchor.'" class="wb_'.$module.'" >'.PHP_EOL;
|
|
| 310 |
echo "\n".'<div id="'.$sectionAnchor.'" class="wb_'.$module.'" >'."\n";
|
|
| 311 | 311 |
require(WB_PATH.'/modules/'.$module.'/view.php'); |
| 312 |
echo PHP_EOL.'</div><!-- '.$module.$section_id.' -->'.PHP_EOL;
|
|
| 312 |
echo "\n".'</div><!-- '.$module.$section_id.' -->'."\n";
|
|
| 313 | 313 |
$content = ob_get_clean(); |
| 314 |
echo $content; |
|
| 314 | 315 |
} else {
|
| 315 | 316 |
continue; |
| 316 | 317 |
} |
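Review bot: In `search_highlight()` the include of framework/functions.php changes from `require_once` to `require` (line 104, taking the later of the two printed lines as the new side, as in the other hunks), so the file is re-included on every call. If functions.php declares its functions without `function_exists` guards, which this page does not show, a second call or an earlier include elsewhere ends in a "Cannot redeclare" fatal error. Unless there is a reason not visible here, keep `require_once(WB_PATH.'/framework/functions.php');`. The function body continues outside the hunk.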
! secure fix for search update in settings, search_footer now can be empty
! change ->fetchRow() to ->fetchRow(MYSQL_ASSOC) in frontend.functions.php