Revision 657
Added by thorn almost 17 years ago
| trunk/CHANGELOG | ||
|---|---|---|
| 10 | 10 |
# = Bugfix |
| 11 | 11 |
! = Update/Change |
| 12 | 12 |
|
| 13 |
------------------------------------- 2.7.0 ------------------------------------- |
|
| 13 |
------------------------------------- 2.7.0 ------------------------------------- |
|
| 14 |
02-Feb-2008 Thomas Hornik |
|
| 15 |
! settings: pages-directory '/' will be converted to '' (empty string) on save. |
|
| 16 |
! changed last remaining call to my_htmlspecialchars() to htmlspecialchars() |
|
| 14 | 17 |
01-Feb-2008 Christian Sommer |
| 15 | 18 |
# Added default index.php to all folders to prevent directory spoofing |
| 16 | 19 |
01-Feb-2008 Thomas Hornik |
| trunk/wb/admin/pages/add.php | ||
|---|---|---|
| 33 | 33 |
|
| 34 | 34 |
// Get values |
| 35 | 35 |
$title = $admin->get_post_escaped('title');
|
| 36 |
$title = my_htmlspecialchars($title);
|
|
| 36 |
$title = htmlspecialchars($title); |
|
| 37 | 37 |
$module = $admin->get_post('type');
|
| 38 | 38 |
$parent = $admin->get_post('parent');
|
| 39 | 39 |
$visibility = $admin->get_post('visibility');
|
| trunk/wb/admin/settings/save.php | ||
|---|---|---|
| 149 | 149 |
case 'string_file_mode': |
| 150 | 150 |
$value=$file_mode; |
| 151 | 151 |
break; |
| 152 |
case 'pages_directory': |
|
| 153 |
if(trim($value)=='/') $value=''; |
|
| 154 |
break; |
|
| 152 | 155 |
} |
| 153 | 156 |
$database->query("UPDATE ".TABLE_PREFIX."settings SET value = '$value' WHERE name = '$setting_name'");
|
| 154 | 157 |
} |
Also available in: Unified diff
Settings: pages-directory '/' will be converted to '' (empty string) on save.
Changed last remaining call to my_htmlspecialchars() to htmlspecialchars()