[geeklog-cvs] geeklog: Removed Geeklog Config values from Javascript variable ...
geeklog-cvs at lists.geeklog.net
geeklog-cvs at lists.geeklog.net
Thu Jun 2 22:30:09 EDT 2011
changeset 8306:d22b1d33d2fe
url: http://project.geeklog.net/cgi-bin/hgwebdir.cgi/geeklog/rev/d22b1d33d2fe
user: Tom <websitemaster at cogeco.net>
date: Thu Jun 02 22:30:08 2011 -0400
description:
Removed Geeklog Config values from Javascript variable list for security reasons.
diffstat:
system/classes/scripts.class.php | 17 +++--------------
1 files changed, 3 insertions(+), 14 deletions(-)
diffs (30 lines):
diff -r 102961cb332d -r d22b1d33d2fe system/classes/scripts.class.php
--- a/system/classes/scripts.class.php Thu Jun 02 14:33:17 2011 +0200
+++ b/system/classes/scripts.class.php Thu Jun 02 22:30:08 2011 -0400
@@ -438,23 +438,12 @@
// Do we need to set JavaScript
if ($this->javascript_set) {
// Add Core JavaScript global variables
- $footercode = '<script type="text/javascript">' . LB;
+ $footercode = '';
if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
+ $footercode = '<script type="text/javascript">' . LB;
$footercode .= "var geeklogEditorBaseUrl = '" . $_CONF['site_url'] . "';" . LB;
+ $footercode .= '</script>' . LB;
}
- // Create config variable array to pass to JavaScript
- $config_js = array();
- $keys = array('site_url', 'site_admin_url', 'layout_url', 'path', 'path_html', 'path_layout',
- 'site_name', 'site_slogan',
- 'theme', 'doctype', 'path_themes');
- foreach($keys as $key){
- $config_js[$key] = $_CONF[$key];
- }
-
- // Had to trim and add spaces to json_encode output since the data in the {} is seen by the template class as a template variable
- //$footercode .= "var GeeklogConfig = new Object(" . json_encode($config_js) . ");" . LB;
- $footercode .= "var GeeklogConfig = new Object({ ".trim(json_encode($config_js), '{}')." });" . LB;
- $footercode .= '</script>' . LB;
// Set JavaScript Library files first incase other scripts need them
if ($this->jquery_cdn) {
More information about the geeklog-cvs
mailing list