Changeset 9275


Ignore:
Timestamp:
02/18/11 17:15:58 (9 years ago)
Author:
patdenice
Message:

Permalink accept special chars.
Bug correction.

Location:
extensions/AdditionalPages
Files:
1 deleted
6 edited

Legend:

Unmodified
Added
Removed
  • extensions/AdditionalPages/admin/add_page.inc.php

    r9273 r9275  
    2020  if (!empty($_POST['permalink'])) 
    2121  { 
    22     $permalink = $_POST['permalink']; 
    23     $sanitized_permalink = preg_replace( '#[^a-zA-Z0-9_/-]#', '' ,$permalink); 
    24     $sanitized_permalink = trim($sanitized_permalink, '/'); 
    25     $sanitized_permalink = str_replace('//', '/', $sanitized_permalink); 
    26     if ( $sanitized_permalink != $permalink or preg_match( '#^(\d)+(-.*)?$#', $permalink) ) 
    27     { 
    28       array_push($page['errors'], l10n('The permalink name must be composed of a-z, A-Z, 0-9, "-", "_" or "/". It must not be numeric or start with number followed by "-"')); 
    29     } 
     22    $permalink = trim($_POST['permalink'], ' /'); 
     23    $permalink = str_replace(array(' ', '/'), '_',$permalink); 
     24 
    3025    $query =' 
    3126SELECT id FROM '.ADD_PAGES_TABLE.' 
     
    4742  $language = $_POST['lang'] != 'ALL' ? '"'.$_POST['lang'].'"' : 'NULL'; 
    4843  $group_access = !empty($_POST['groups']) ? '"'.implode(',', $_POST['groups']).'"' : 'NULL'; 
    49   $user_access = !empty($_POST['users']) ? '"'.implode(',', $_POST['users']).'"' : 'NULL'; 
    5044  $standalone = isset($_POST['standalone']) ? '"true"' : '"false"'; 
     45 
     46  $user_access = 'NULL'; 
     47  if ($conf['additional_pages']['user_perm']) 
     48  { 
     49    $user_access = !empty($_POST['users']) ? '"'.implode(',', $_POST['users']).'"' : '"admin"'; 
     50  } 
    5151 
    5252  if (empty($page['errors'])) 
     
    106106  $edited_page['title'] = stripslashes($_POST['title']); 
    107107  $edited_page['permalink'] = $_POST['permalink']; 
     108  $edited_page['lang'] = $_POST['lang']; 
    108109  $edited_page['content'] = stripslashes($_POST['ap_content']); 
    109110  $edited_page['groups'] = !empty($_POST['groups']) ? trim($group_access, '"') : ''; 
     
    139140if ($conf['additional_pages']['user_perm']) 
    140141{ 
    141   if (isset($_GET['edit'])) 
    142           $selected_users = isset($edited_page['users']) ? explode(',', $edited_page['users']) : array(); 
    143   else 
    144     $selected_users = array('guest', 'generic', 'normal'); 
     142  $selected_users = array('guest', 'generic', 'normal'); 
     143  if (isset($_GET['edit']) and isset($edited_page['users'])) 
     144  { 
     145    $selected_users = explode(',', $edited_page['users']); 
     146  } 
    145147 
    146148        $template->assign('user_perm', array( 
    147     'GUEST' => (in_array('guest', $selected_users) ? 'checked="checked"' : ''), 
    148                 'GENERIC' => (in_array('generic', $selected_users) ? 'checked="checked"' : ''), 
    149                 'NORMAL' => (in_array('normal', $selected_users) ? 'checked="checked"' : ''))); 
     149      'GUEST' => in_array('guest', $selected_users) ? 'checked="checked"' : '', 
     150      'GENERIC' => in_array('generic', $selected_users) ? 'checked="checked"' : '', 
     151      'NORMAL' => in_array('normal', $selected_users) ? 'checked="checked"' : '' 
     152    ) 
     153  ); 
    150154} 
    151155 
  • extensions/AdditionalPages/admin/config.inc.php

    r9273 r9275  
    88if (isset($_POST['submit'])) 
    99{ 
     10  if (!$conf['additional_pages']['user_perm'] and isset($_POST['user_perm'])) 
     11  { 
     12    pwg_query('UPDATE '.ADD_PAGES_TABLE.' SET users = "guest,generic,normal" WHERE users IS NULL;'); 
     13  } 
     14  if ($conf['additional_pages']['user_perm'] and !isset($_POST['user_perm'])) 
     15  { 
     16    pwg_query('UPDATE '.ADD_PAGES_TABLE.' SET users = NULL;'); 
     17  } 
     18  if ($conf['additional_pages']['group_perm'] and !isset($_POST['group_perm'])) 
     19  { 
     20    pwg_query('UPDATE '.ADD_PAGES_TABLE.' SET groups = NULL;'); 
     21  } 
     22 
    1023  $params = array('show_home', 'group_perm', 'user_perm'); 
    1124 
  • extensions/AdditionalPages/admin/template/add_page.tpl

    r9274 r9275  
     1{known_script id="jquery" src=$ROOT_URL|@cat:"themes/default/js/jquery.packed.js"} 
    12{html_head}{literal} 
    23<script type="text/javascript"> 
  • extensions/AdditionalPages/admin/template/config.tpl

    r9274 r9275  
     1{known_script id="jquery" src=$ROOT_URL|@cat:"themes/default/js/jquery.packed.js"} 
    12{html_head} 
    23<script type="text/javascript"> 
  • extensions/AdditionalPages/admin/upgrade_from_21.php

    r9272 r9275  
    44 
    55global $prefixeTable, $conf; 
     6 
     7load_conf_from_db('param = "additional_pages"'); 
     8$old_conf = explode ("," , $conf['additional_pages']); 
    69 
    710$query = 'ALTER TABLE ' . $prefixeTable . 'additionalpages 
     
    2831  $authorized_groups = 'NULL'; 
    2932 
    30   if (strpos($title , '/user_id=')) 
     33  if ($old_conf[7] == 'on' and strpos($title , '/user_id=')) 
    3134  { 
    3235    $array = explode('/user_id=' , $title); 
    3336    $title = $array[0]; 
    34     $authorized_users = '"'.$array[1].'"'; 
     37    $authorized_users = !empty($array[1]) ? '"'.$array[1].'"' : '"admin"'; 
    3538  } 
    36   if (strpos($title , '/group_id=')) 
     39  if ($old_conf[6] == 'on' and strpos($title , '/group_id=')) 
    3740  { 
    3841    $array = explode('/group_id=' , $title); 
    3942    $title = $array[0]; 
    40     $authorized_groups = '"'.$array[1].'"'; 
     43    $authorized_groups = !empty($array[1]) ? '"'.$array[1].'"' : 'NULL'; 
    4144  } 
    4245 
     
    6063  pwg_query($query); 
    6164} 
    62  
    63 load_conf_from_db('param = "additional_pages"'); 
    64 $old_conf = explode ("," , $conf['additional_pages']); 
    6565 
    6666if ($old_conf[1] == 'off') 
  • extensions/AdditionalPages/index_menu.php

    r9272 r9275  
    4848    while ($row = mysql_fetch_assoc($result)) 
    4949    { 
    50       if ($row['pos'] != '0' or is_admin()) 
     50      $authorized_users = array(); 
     51      $authorized_groups = array(); 
     52      if (!empty($row['users'])) 
    5153      { 
    52         $authorized_users = array(); 
    53         $authorized_groups = array(); 
    54         if (!empty($row['users'])) 
     54        $authorized_users = explode(',', $row['users']); 
     55      } 
     56      if (!empty($row['groups'])) 
     57      { 
     58        $auth = explode(',', $row['groups']); 
     59        $authorized_groups = array_intersect($groups, $auth); 
     60      } 
     61      if (is_admin() or ( 
     62        (!$conf['additional_pages']['group_perm'] or empty($row['groups']) or !empty($authorized_groups)) and 
     63        (!$conf['additional_pages']['user_perm'] or empty($row['users']) or in_array($user['status'], $authorized_users)))) 
     64      { 
     65        $url = make_index_url(); 
     66        if ($row['id'] != $conf['additional_pages']['homepage']) 
    5567        { 
    56           $authorized_users = explode(',', $row['users']); 
     68          $url .= '/page/'.(isset($row['permalink']) ? $row['permalink'] : $row['id']); 
    5769        } 
    58         if (!empty($row['groups'])) 
    59         { 
    60           $auth = explode(',', $row['groups']); 
    61           $authorized_groups = array_intersect($groups, $auth); 
    62         } 
    63         if (is_admin() or ( 
    64           (!$conf['additional_pages']['group_perm'] or empty($row['groups']) or !empty($authorized_groups)) and 
    65           (!$conf['additional_pages']['user_perm'] or empty($row['users']) or in_array($user['status'], $authorized_users)))) 
    66         { 
    67           $url = make_index_url(); 
    68           if ($row['id'] != $conf['additional_pages']['homepage']) 
    69           { 
    70             $url .= '/page/'.(isset($row['permalink']) ? $row['permalink'] : $row['id']); 
    71           } 
    72           array_push($data, array( 
    73             'URL' => $url, 
    74             'LABEL' => $row['title'])); 
    75         } 
    76         unset($authorized_groups); 
    77         unset($authorized_users); 
     70        array_push($data, array( 
     71          'URL' => $url, 
     72          'LABEL' => $row['title'])); 
    7873      } 
    7974    } 
Note: See TracChangeset for help on using the changeset viewer.