source: branches/2.4/plugins/LocalFilesEditor/include/lang.inc.php @ 20712

Revision 20712, 1.6 KB checked in by plg, 6 years ago (diff)

bug 2844: increase security on LocalFiles Editor, filter on files to edit.

Line 
1<?php
2if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
3
4$languages = get_languages();
5
6if (isset($_POST['edit']))
7{
8  $_POST['language'] = $_POST['language_select'];
9}
10
11if (isset($_POST['language']))
12{
13  $page['language'] = $_POST['language'];
14}
15 
16if (!isset($page['language']) or !in_array($page['language'], array_keys($languages)))
17{
18  $page['language'] = get_default_language();
19}
20
21$template->assign('language', $page['language']);
22
23$edited_file = PHPWG_ROOT_PATH.PWG_LOCAL_DIR.'language/'.$page['language'].'.lang.php';;
24
25if (file_exists($edited_file))
26{
27  $content_file = file_get_contents($edited_file);
28}
29else
30{
31  $content_file = "<?php\n\n/* ".l10n('locfiledit_newfile')." */\n\n\n\n\n?>";
32}
33
34$selected = 0;
35foreach (get_languages() as $language_code => $language_name)
36{
37  $file = PHPWG_ROOT_PATH.PWG_LOCAL_DIR.'language/'.$language_code.'.lang.php';
38
39  $options[$language_code] = (file_exists($file) ? '&#x2714;' : '&#x2718;').' '.$language_name;
40 
41  if ($page['language'] == $language_code)
42  {
43    $selected = $language_code;
44    $template->assign('show_default', array(
45      array(
46        'URL' => LOCALEDIT_PATH.'show_default.php?file=language/'.$language_code.'/common.lang.php',
47        'FILE' => 'common.lang.php'
48        ),
49      array(
50        'URL' => LOCALEDIT_PATH.'show_default.php?file=language/'.$language_code.'/admin.lang.php',
51        'FILE' => 'admin.lang.php'
52        )
53      )
54    );
55  }
56}
57
58$template->assign(
59  'css_lang_tpl',
60  array(
61    'SELECT_NAME' => 'language_select',
62    'OPTIONS' => $options,
63    'SELECTED' => $selected
64    )
65  );
66
67$codemirror_mode = 'application/x-httpd-php';
68
69?>
Note: See TracBrowser for help on using the repository browser.