[geeklog-cvs] geeklog-1.3/plugins/staticpages functions.inc,1.29,1.30

[dhaun at geeklog.net]

Update of /usr/cvs/geeklog/geeklog-1.3/plugins/staticpages
In directory geeklog_prod:/tmp/cvs-serv23632/plugins/staticpages

Modified Files:
	functions.inc 
Log Message:
When execution of PHP code is not allowed, don't display static pages marked as containing PHP code - display a deny message instead and log it in error.log.


Index: functions.inc
===================================================================
RCS file: /usr/cvs/geeklog/geeklog-1.3/plugins/staticpages/functions.inc,v
retrieving revision 1.29
retrieving revision 1.30
diff -C2 -d -r1.29 -r1.30
*** functions.inc	18 Jan 2004 10:16:23 -0000	1.29
--- functions.inc	21 Jan 2004 19:13:34 -0000	1.30
***************
*** 348,352 ****
  function plugin_centerblock_staticpages ($where = 1, $page = 1, $topic ='')
  {
!     global $_CONF, $_TABLES, $_SP_CONF, $HTTP_GET_VARS;
  
      $retval = '';
--- 348,352 ----
  function plugin_centerblock_staticpages ($where = 1, $page = 1, $topic ='')
  {
!     global $_CONF, $_TABLES, $_SP_CONF, $LANG_STATIC, $HTTP_GET_VARS;
  
      $retval = '';
***************
*** 375,379 ****
          $perms = ' AND ' . $perms;
      }
!     $spsql = "SELECT sp_id,sp_content,sp_title,sp_format,sp_php FROM {$_TABLES['staticpage']} WHERE (sp_centerblock = 1) AND " . $moresql . $perms . " ORDER BY " . $sort;
      $result = DB_query ($spsql);
  
--- 375,379 ----
          $perms = ' AND ' . $perms;
      }
!     $spsql = "SELECT sp_id,sp_content,sp_title,sp_format,sp_php,sp_inblock FROM {$_TABLES['staticpage']} WHERE (sp_centerblock = 1) AND " . $moresql . $perms . " ORDER BY " . $sort;
      $result = DB_query ($spsql);
  
***************
*** 396,400 ****
              }
  
!             if (($_SP_CONF['in_block'] == 1) &&
                      ($spresult['sp_format'] != 'blankpage') &&
                      !empty ($spresult['sp_title'])) {
--- 396,400 ----
              }
  
!             if (($spresult['sp_inblock'] == 1) &&
                      ($spresult['sp_format'] != 'blankpage') &&
                      !empty ($spresult['sp_title'])) {
***************
*** 415,422 ****
                  }
              } else {
!                 $retval .= stripslashes ($spresult['sp_content']);
              }
  
!             if (($_SP_CONF['in_block'] == 1) &&
                      ($spresult['sp_format'] != 'blankpage') &&
                      !empty ($spresult['sp_title'])) {
--- 415,427 ----
                  }
              } else {
!                 if ($spresult['sp_php'] != 0) {
!                     COM_errorLog ("PHP in static pages is disabled. Can not display page '$sp_id'.", 1);
!                     $retval .= $LANG_STATIC['deny_msg'];
!                 } else {
!                     $retval .= stripslashes ($spresult['sp_content']);
!                 }
              }
  
!             if (($spresult['sp_inblock'] == 1) &&
                      ($spresult['sp_format'] != 'blankpage') &&
                      !empty ($spresult['sp_title'])) {