[geeklog-cvs] Geeklog-1.x/public_html/admin/install index.php, 1.14, 1.15

Dirk Haun dhaun at qs1489.pair.com
Sun Sep 9 03:59:45 EDT 2007 

Update of /cvsroot/geeklog/Geeklog-1.x/public_html/admin/install
In directory qs1489.pair.com:/tmp/cvs-serv45675

Modified Files:
	index.php 
Log Message:
Try to pick up the language from the language cookie; some sanitizing of the language file name


Index: index.php
===================================================================
RCS file: /cvsroot/geeklog/Geeklog-1.x/public_html/admin/install/index.php,v
retrieving revision 1.14
retrieving revision 1.15
diff -C2 -d -r1.14 -r1.15
*** index.php	6 Sep 2007 06:48:52 -0000	1.14
--- index.php	9 Sep 2007 07:59:43 -0000	1.15
***************
*** 677,680 ****
--- 677,681 ----
  {
      global $language;
+ 
      return '(<a href="help.php?language=' . $language . '#' . $var . '" target="_blank">?</a>)';
  }
***************
*** 1337,1343 ****
  $siteconfig_path    = '../../siteconfig.php';
  $dbconfig_path      = (isset($_POST['dbconfig_path'])) ? $_POST['dbconfig_path'] : ((isset($_GET['dbconfig_path'])) ? $_GET['dbconfig_path'] : '');
- $language           = isset($_POST['language']) ? $_POST['language'] : (isset($_GET['language']) ? $_GET['language'] : 'english') ;
  $step               = isset($_GET['step']) ? $_GET['step'] : (isset($_POST['step']) ? $_POST['step'] : 1);
  $mode               = isset($_GET['mode']) ? $_GET['mode'] : (isset($_POST['mode']) ? $_POST['mode'] : '');
  require_once 'language/' . $language . '.php';
  
--- 1338,1360 ----
  $siteconfig_path    = '../../siteconfig.php';
  $dbconfig_path      = (isset($_POST['dbconfig_path'])) ? $_POST['dbconfig_path'] : ((isset($_GET['dbconfig_path'])) ? $_GET['dbconfig_path'] : '');
  $step               = isset($_GET['step']) ? $_GET['step'] : (isset($_POST['step']) ? $_POST['step'] : 1);
  $mode               = isset($_GET['mode']) ? $_GET['mode'] : (isset($_POST['mode']) ? $_POST['mode'] : '');
+ 
+ $language = 'english';
+ if (isset($_REQUEST['language'])) {
+     $lng = $_REQUEST['language'];
+ } else if (isset($_COOKIE['language'])) {
+     // Okay, so the name of the language cookie is configurable, so it may not
+     // be named 'language' after all. Still worth a try ...
+     $lng = $_COOKIE['language'];
+     $lng = str_replace('_utf-8', '', $lng); // for now
+ } else {
+     $lng = $language;
+ }
+ // sanitize value and check for file
+ $lng = preg_replace('/[^a-z0-9\-_]/', '', $lng);
+ if (!empty($lng) && is_file('language/' . $lng . '.php')) {
+     $language = $lng;
+ }
  require_once 'language/' . $language . '.php';

More information about the geeklog-cvs mailing list