[geeklog-cvs] geeklog-1.3/plugins/staticpages functions.inc,1.29,1.30
dhaun at geeklog.net
dhaun at geeklog.net
Wed Jan 21 14:13:36 EST 2004
Update of /usr/cvs/geeklog/geeklog-1.3/plugins/staticpages
In directory geeklog_prod:/tmp/cvs-serv23632/plugins/staticpages
Modified Files:
functions.inc
Log Message:
When execution of PHP code is not allowed, don't display static pages marked as containing PHP code - display a deny message instead and log it in error.log.
Index: functions.inc
===================================================================
RCS file: /usr/cvs/geeklog/geeklog-1.3/plugins/staticpages/functions.inc,v
retrieving revision 1.29
retrieving revision 1.30
diff -C2 -d -r1.29 -r1.30
*** functions.inc 18 Jan 2004 10:16:23 -0000 1.29
--- functions.inc 21 Jan 2004 19:13:34 -0000 1.30
***************
*** 348,352 ****
function plugin_centerblock_staticpages ($where = 1, $page = 1, $topic ='')
{
! global $_CONF, $_TABLES, $_SP_CONF, $HTTP_GET_VARS;
$retval = '';
--- 348,352 ----
function plugin_centerblock_staticpages ($where = 1, $page = 1, $topic ='')
{
! global $_CONF, $_TABLES, $_SP_CONF, $LANG_STATIC, $HTTP_GET_VARS;
$retval = '';
***************
*** 375,379 ****
$perms = ' AND ' . $perms;
}
! $spsql = "SELECT sp_id,sp_content,sp_title,sp_format,sp_php FROM {$_TABLES['staticpage']} WHERE (sp_centerblock = 1) AND " . $moresql . $perms . " ORDER BY " . $sort;
$result = DB_query ($spsql);
--- 375,379 ----
$perms = ' AND ' . $perms;
}
! $spsql = "SELECT sp_id,sp_content,sp_title,sp_format,sp_php,sp_inblock FROM {$_TABLES['staticpage']} WHERE (sp_centerblock = 1) AND " . $moresql . $perms . " ORDER BY " . $sort;
$result = DB_query ($spsql);
***************
*** 396,400 ****
}
! if (($_SP_CONF['in_block'] == 1) &&
($spresult['sp_format'] != 'blankpage') &&
!empty ($spresult['sp_title'])) {
--- 396,400 ----
}
! if (($spresult['sp_inblock'] == 1) &&
($spresult['sp_format'] != 'blankpage') &&
!empty ($spresult['sp_title'])) {
***************
*** 415,422 ****
}
} else {
! $retval .= stripslashes ($spresult['sp_content']);
}
! if (($_SP_CONF['in_block'] == 1) &&
($spresult['sp_format'] != 'blankpage') &&
!empty ($spresult['sp_title'])) {
--- 415,427 ----
}
} else {
! if ($spresult['sp_php'] != 0) {
! COM_errorLog ("PHP in static pages is disabled. Can not display page '$sp_id'.", 1);
! $retval .= $LANG_STATIC['deny_msg'];
! } else {
! $retval .= stripslashes ($spresult['sp_content']);
! }
}
! if (($spresult['sp_inblock'] == 1) &&
($spresult['sp_format'] != 'blankpage') &&
!empty ($spresult['sp_title'])) {
More information about the geeklog-cvs
mailing list