[geeklog-cvs] geeklog-1.3/public_html/admin/plugins/staticpages index.php,1.29,1.30 install.php,1.12,1.13
dhaun at geeklog.net
dhaun at geeklog.net
Wed Jan 14 13:05:44 EST 2004
Update of /usr/cvs/geeklog/geeklog-1.3/public_html/admin/plugins/staticpages
In directory geeklog_prod:/tmp/cvs-serv29176/public_html/admin/plugins/staticpages
Modified Files:
index.php install.php
Log Message:
You can now disable PHP in static pages entirely by setting $_SP_CONF['allow_php'] = 0;
Index: index.php
===================================================================
RCS file: /usr/cvs/geeklog/geeklog-1.3/public_html/admin/plugins/staticpages/index.php,v
retrieving revision 1.29
retrieving revision 1.30
diff -C2 -d -r1.29 -r1.30
*** index.php 2 Jan 2004 22:10:03 -0000 1.29
--- index.php 14 Jan 2004 18:05:42 -0000 1.30
***************
*** 3,7 ****
/* Reminder: always indent with 4 spaces (no tabs). */
// +---------------------------------------------------------------------------+
! // | Static Pages Geeklog Plugin 1.3 |
// +---------------------------------------------------------------------------+
// | index.php |
--- 3,7 ----
/* Reminder: always indent with 4 spaces (no tabs). */
// +---------------------------------------------------------------------------+
! // | Static Pages Geeklog Plugin 1.4 |
// +---------------------------------------------------------------------------+
// | index.php |
***************
*** 9,13 ****
// | Administration page. |
// +---------------------------------------------------------------------------+
! // | Copyright (C) 2000-2003 by the following authors: |
// | |
// | Authors: Tony Bibbs - tony at tonybibbs.com |
--- 9,13 ----
// | Administration page. |
// +---------------------------------------------------------------------------+
! // | Copyright (C) 2000-2004 by the following authors: |
// | |
// | Authors: Tony Bibbs - tony at tonybibbs.com |
***************
*** 44,47 ****
--- 44,48 ----
$display .= COM_endBlock();
$display .= COM_siteFooter();
+ COM_accessLog("User {$_USER['username']} tried to illegally access the static pages administration screen.");
echo $display;
exit;
***************
*** 189,193 ****
$sp_template->set_var ('pos_selection', $position);
! if (SEC_hasRights ('staticpages.PHP')) {
$selection = '<select name="sp_php">' . LB;
$selection .= '<option value="0"';
--- 190,194 ----
$sp_template->set_var ('pos_selection', $position);
! if (($_SP_CONF['allow_php'] == 1) && SEC_hasRights ('staticpages.PHP')) {
$selection = '<select name="sp_php">' . LB;
$selection .= '<option value="0"';
***************
*** 209,218 ****
$sp_template->set_var ('php_selector', $selection);
$sp_template->set_var ('php_warn', $LANG_STATIC['php_warn']);
- $sp_template->set_var ('php_msg', $LANG_STATIC['php_msg']);
} else {
$sp_template->set_var ('php_selector', '');
! $sp_template->set_var ('php_warn', '');
! $sp_template->set_var ('php_msg', '');
}
// old variables (for the 1.3-type checkbox)
$sp_template->set_var ('php_checked', '');
--- 210,219 ----
$sp_template->set_var ('php_selector', $selection);
$sp_template->set_var ('php_warn', $LANG_STATIC['php_warn']);
} else {
$sp_template->set_var ('php_selector', '');
! $sp_template->set_var ('php_warn', $LANG_STATIC['php_not_activated']);
}
+ $sp_template->set_var ('php_msg', $LANG_STATIC['php_msg']);
+
// old variables (for the 1.3-type checkbox)
$sp_template->set_var ('php_checked', '');
***************
*** 529,533 ****
// If user does not have php edit perms, then set php flag to 0.
! if (!SEC_hasRights ('staticpages.PHP')) {
$sp_php = 0;
}
--- 530,534 ----
// If user does not have php edit perms, then set php flag to 0.
! if (($_SP_CONF['allow_php'] != 1) || !SEC_hasRights ('staticpages.PHP')) {
$sp_php = 0;
}
***************
*** 564,586 ****
if (($mode == $LANG_STATIC['delete']) && !empty ($LANG_STATIC['delete'])) {
if (empty ($sp_id) || (is_numeric ($sp_id) && ($sp_id == 0))) {
COM_errorLog ('Attempted to delete static page sp_id=' . $sp_id);
} else {
! DB_delete($_TABLES['staticpage'],'sp_id',$sp_id,$_CONF['site_admin_url'] . '/plugins/staticpages/index.php');
}
} else if ($mode == 'edit') {
! $display .= COM_siteHeader('menu');
! $display .= staticpageeditor($sp_id,$mode);
! $display .= COM_siteFooter();
} else if ($mode == 'clone') {
! $display .= COM_siteHeader ('menu');
! $display .= staticpageeditor ($sp_id,$mode);
! $display .= COM_siteFooter ();
} else if (($mode == $LANG_STATIC['save']) && !empty ($LANG_STATIC['save'])) {
! submitstaticpage ($sp_id, $sp_uid, $sp_title, $sp_content, $unixdate,
$sp_hits, $sp_format, $sp_onmenu, $sp_label, $owner_id, $group_id,
$perm_owner, $perm_group, $perm_members, $perm_anon, $sp_php,
$sp_nf, $sp_old_id, $sp_centerblock, $sp_tid, $sp_where, $sp_inblock);
} else {
$display .= COM_siteHeader ('menu');
$display .= liststaticpages ($page);
--- 565,605 ----
if (($mode == $LANG_STATIC['delete']) && !empty ($LANG_STATIC['delete'])) {
+ $sp_id = COM_applyFilter ($HTTP_POST_VARS['sp_id']);
if (empty ($sp_id) || (is_numeric ($sp_id) && ($sp_id == 0))) {
COM_errorLog ('Attempted to delete static page sp_id=' . $sp_id);
} else {
! DB_delete ($_TABLES['staticpage'], 'sp_id', $sp_id,
! $_CONF['site_admin_url'] . '/plugins/staticpages/index.php');
}
} else if ($mode == 'edit') {
! $sp_id = COM_applyFilter ($HTTP_GET_VARS['sp_id']);
! if (!empty ($sp_id)) {
! $display .= COM_siteHeader('menu');
! $display .= staticpageeditor($sp_id,$mode);
! $display .= COM_siteFooter();
! } else {
! $display = COM_refresh ($_CONF['site_admin_url'] . '/index.php');
! }
} else if ($mode == 'clone') {
! $sp_id = COM_applyFilter ($HTTP_GET_VARS['sp_id']);
! if (!empty ($sp_id)) {
! $display .= COM_siteHeader ('menu');
! $display .= staticpageeditor ($sp_id,$mode);
! $display .= COM_siteFooter ();
! } else {
! $display = COM_refresh ($_CONF['site_admin_url'] . '/index.php');
! }
} else if (($mode == $LANG_STATIC['save']) && !empty ($LANG_STATIC['save'])) {
! $sp_id = COM_applyFilter ($HTTP_POST_VARS['sp_id']);
! if (!empty ($sp_id)) {
! submitstaticpage ($sp_id, $sp_uid, $sp_title, $sp_content, $unixdate,
$sp_hits, $sp_format, $sp_onmenu, $sp_label, $owner_id, $group_id,
$perm_owner, $perm_group, $perm_members, $perm_anon, $sp_php,
$sp_nf, $sp_old_id, $sp_centerblock, $sp_tid, $sp_where, $sp_inblock);
+ } else {
+ $display = COM_refresh ($_CONF['site_admin_url'] . '/index.php');
+ }
} else {
+ $page = COM_applyFilter ($HTTP_GET_VARS['page'], true);
$display .= COM_siteHeader ('menu');
$display .= liststaticpages ($page);
Index: install.php
===================================================================
RCS file: /usr/cvs/geeklog/geeklog-1.3/public_html/admin/plugins/staticpages/install.php,v
retrieving revision 1.12
retrieving revision 1.13
diff -C2 -d -r1.12 -r1.13
*** install.php 29 Dec 2003 10:07:53 -0000 1.12
--- install.php 14 Jan 2004 18:05:42 -0000 1.13
***************
*** 3,7 ****
/* Reminder: always indent with 4 spaces (no tabs). */
// +---------------------------------------------------------------------------+
! // | Static Pages Plugin 1.3 for Geeklog - The Ultimate Weblog |
// +---------------------------------------------------------------------------+
// | install.php |
--- 3,7 ----
/* Reminder: always indent with 4 spaces (no tabs). */
// +---------------------------------------------------------------------------+
! // | Static Pages Plugin 1.4 for Geeklog - The Ultimate Weblog |
// +---------------------------------------------------------------------------+
// | install.php |
***************
*** 10,14 ****
// | plugin for Geeklog. |
// +---------------------------------------------------------------------------+
! // | Copyright (C) 2002,2003 by the following authors: |
// | |
// | Authors: Tony Bibbs - tony at tonybibbs.com |
--- 10,14 ----
// | plugin for Geeklog. |
// +---------------------------------------------------------------------------+
! // | Copyright (C) 2002-2004 by the following authors: |
// | |
// | Authors: Tony Bibbs - tony at tonybibbs.com |
***************
*** 211,215 ****
DB_delete($_TABLES['plugins'],'pi_name','staticpages');
DB_query("INSERT INTO {$_TABLES['plugins']} (pi_name, pi_version, pi_gl_version, pi_homepage, pi_enabled) "
! . "VALUES ('staticpages', '{$_SP_CONF['version']}', '1.3.8', 'http://www.tonybibbs.com', 1)");
if (DB_error()) {
--- 211,215 ----
DB_delete($_TABLES['plugins'],'pi_name','staticpages');
DB_query("INSERT INTO {$_TABLES['plugins']} (pi_name, pi_version, pi_gl_version, pi_homepage, pi_enabled) "
! . "VALUES ('staticpages', '{$_SP_CONF['version']}', '1.3.9', 'http://www.tonybibbs.com', 1)");
if (DB_error()) {
More information about the geeklog-cvs
mailing list