[geeklog-hg] geeklog: Fixed a bug where if there's an error while saving a bl...
geeklog-cvs at lists.geeklog.net
geeklog-cvs at lists.geeklog.net
Sun Nov 9 07:33:01 EST 2014
changeset 9551:9b497fc383f6
url: http://project.geeklog.net/cgi-bin/hgwebdir.cgi/geeklog/rev/9b497fc383f6
user: dengen <taharaxp at gmail.com>
date: Sun Nov 09 21:31:08 2014 +0900
description:
Fixed a bug where if there's an error while saving a block, all options return to their default values (bug #0000983)
diffstat:
public_html/admin/block.php | 79 +++++++++++++++++++++++++++++++++++++++++++-
1 files changed, 76 insertions(+), 3 deletions(-)
diffs (121 lines):
diff -r 15053072f08e -r 9b497fc383f6 public_html/admin/block.php
--- a/public_html/admin/block.php Sun Nov 09 03:41:48 2014 +0900
+++ b/public_html/admin/block.php Sun Nov 09 21:31:08 2014 +0900
@@ -158,6 +158,68 @@
}
/**
+* Override the post data to the data given in the parameter
+*
+* This is helper function for editblock function
+*
+* @param array $A Array of data by reference
+* @return nothing
+*/
+function overridePostdata(&$A)
+{
+ if (isset($_POST['name'])) {
+ $A['name'] = COM_sanitizeID($_POST['name']);
+ }
+ if (isset($_POST['title'])) {
+ $A['title'] = COM_stripslashes(strip_tags($_POST['title']));
+ }
+ if (isset($_POST['help'])) {
+ $A['help'] = COM_sanitizeUrl($_POST['help'], array('http', 'https'));
+ }
+ if (in_array($_POST['type'], array('normal', 'portal', 'phpblock', 'gldefault'))) {
+ $A['type'] = $_POST['type'];
+ }
+ if (isset($_POST['blockorder'])) {
+ $A['blockorder'] = COM_applyFilter($_POST['blockorder'], true);
+ }
+ if (isset($_POST['content'])) {
+ $A['content'] = $_POST['content']; // to be sanitized when saving
+ }
+ if (isset($_POST['rdfurl'])) {
+ $A['rdfurl'] = $_POST['rdfurl']; // to be sanitized when saving
+ }
+ if (isset($_POST['rdfupdated'])) {
+ $A['rdfupdated'] = COM_applyFilter($_POST['rdfupdated']);
+ }
+ if (isset($_POST['rdflimit'])) {
+ $A['rdflimit'] = COM_applyFilter($_POST['rdflimit'], true);
+ }
+ if (isset($_POST['phpblockfn'])) {
+ $A['phpblockfn'] = $_POST['phpblockfn']; // to be sanitized when saving
+ }
+ if (isset($_POST['owner_id'])) {
+ $A['owner_id'] = COM_applyFilter($_POST['owner_id'], true);
+ }
+ if (isset($_POST['group_id'])) {
+ $A['group_id'] = COM_applyFilter($_POST['group_id'], true);
+ }
+
+ list($A['perm_owner'], $A['perm_group'],
+ $A['perm_members'], $A['perm_anon']) =
+ SEC_getPermissionValues(
+ $_POST['perm_owner'], $_POST['perm_group'],
+ $_POST['perm_members'], $_POST['perm_anon']);
+
+ $A['onleft'] = ($_POST['onleft'] == 1) ? 1 : 0;
+ $A['is_enabled'] = ($_POST['is_enabled'] == 'on') ? 1 : 0;
+ $A['allow_autotags'] = ($_POST['allow_autotags'] == 'on') ? 1 : 0;
+
+ if (isset($_POST['cache_time'])) {
+ $A['cache_time'] = COM_applyFilter($_POST['cache_time'], true);
+ }
+}
+
+/**
* Shows the block editor
*
* This will show a block edit form. If this is a Geeklog default block it will
@@ -224,6 +286,9 @@
}
SEC_setDefaultPermissions ($A, $_CONF['default_permissions_block']);
$access = 3;
+ if ($_POST['mode'] == $LANG_ADMIN['save'] && !empty($LANG_ADMIN['save'])) {
+ overridePostdata($A);
+ }
}
$token = SEC_createToken();
@@ -895,10 +960,18 @@
echo COM_refresh($_CONF['site_admin_url'] . '/index.php');
}
} elseif (($mode == $LANG_ADMIN['save']) && !empty($LANG_ADMIN['save']) && SEC_checkToken()) {
+ $name = '';
+ if (isset ($_POST['name'])) {
+ $name = COM_sanitizeID ($_POST['name']);
+ }
$help = '';
if (isset ($_POST['help'])) {
$help = COM_sanitizeUrl ($_POST['help'], array ('http', 'https'));
}
+ $blockorder = 0;
+ if (isset ($_POST['blockorder'])) {
+ $blockorder = COM_applyFilter ($_POST['blockorder'], true);
+ }
$content = '';
if (isset ($_POST['content'])) {
$content = $_POST['content'];
@@ -909,7 +982,7 @@
}
$rdfupdated = '';
if (isset ($_POST['rdfupdated'])) {
- $rdfupdated = $_POST['rdfupdated'];
+ $rdfupdated = COM_applyFilter ($_POST['rdfupdated']);
}
$rdflimit = 0;
if (isset ($_POST['rdflimit'])) {
@@ -931,8 +1004,8 @@
if (isset ($_POST['cache_time'])) {
$cache_time = COM_applyFilter ($_POST['cache_time'], true);
}
- $display .= saveblock ($bid, $_POST['name'], $_POST['title'],
- $help, $_POST['type'], $_POST['blockorder'], $content,
+ $display .= saveblock ($bid, $name, $_POST['title'],
+ $help, $_POST['type'], $blockorder, $content,
$rdfurl, $rdfupdated,
$rdflimit, $phpblockfn, $_POST['onleft'],
COM_applyFilter ($_POST['owner_id'], true),
More information about the geeklog-cvs
mailing list