* template.class: filter file location path
NavigateCMS committed May 9, 2020
1 parent 75e66e1 commit 88b41c7
Showing 3 changed files with 208 additions and 109 deletions.
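--- a/lib/packages/templates/template.class.php
+++ b/lib/packages/templates/template.class.php
@@ -48,7 +48,7 @@ public function load_from_resultset($rs)
 $this->id = $main->id;
 $this->website = $main->website;
 $this->title = $main->title;
-$this->file = $main->file;
+$this->file = str_replace(array('../', '..\\'), '', $main->file);
 $this->sections = mb_unserialize($main->sections);
 $this->gallery = $main->gallery;
 $this->comments = $main->comments;
@@ -74,10 +74,15 @@ public function load_from_theme($id, $theme_name=null)
 for($t=0; $t < count($ws_theme->templates); $t++)
 {
 if($ws_theme->templates[$t]->type == $id)
-$template = $ws_theme->templates[$t];
+{
+$template = $ws_theme->templates[$t];
+}
 }
 
-if(!$template) return;
+if(!$template)
+{
+return;
+}
 
 $defaults = array(
 'sections' => array(
@@ -97,6 +102,9 @@ public function load_from_theme($id, $theme_name=null)
 'properties' => array()
 );
 
+// filter file path
+$template->file = str_replace(array('../', '..\\'), '', $template->file);
+
 $this->id = $template->type;
 $this->website = $website->id;
 $this->title = $ws_theme->template_title($template->type);
@@ -117,7 +125,9 @@ public function load_from_theme($id, $theme_name=null)
 {
 $poptions = array();
 foreach($this->properties[$p]->options as $key => $value)
+{
 $poptions[$key] = $ws_theme->t($value);
+}
 
 $this->properties[$p]->options = $poptions;
 }
@@ -127,15 +137,18 @@ public function load_from_theme($id, $theme_name=null)
 public function load_from_post()
 {
 $this->title = $_REQUEST['title'];
-$this->file = $_REQUEST['file'];
+$this->file = str_replace(array('../', '..\\'), '', $_REQUEST['file']);
 $this->permission = intval($_REQUEST['permission']);
 $this->enabled = intval($_REQUEST['enabled']);
 
 // sections
 $this->sections = array();
 for($s = 0; $s < count($_REQUEST['template-sections-code']); $s++)
 {
-if(empty($_REQUEST['template-sections-code'][$s])) continue;
+if(empty($_REQUEST['template-sections-code'][$s]))
+{
+continue;
+}
 $this->sections[] = array(
 'code' => $_REQUEST['template-sections-code'][$s],
 'name' => $_REQUEST['template-sections-name'][$s],
@@ -165,9 +178,13 @@ public function load_from_post()
 public function save()
 {
 if(!empty($this->id))
-return $this->update();
+{
+return $this->update();
+}
 else
-return $this->insert();
+{
+return $this->insert();
+}
 }
 
 public function delete()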
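Review bot: The `str_replace(array('../', '..\\'), '', …)` filter added in load_from_resultset, load_from_theme and load_from_post strips the sequences in a single pass, so a value in which they are nested or overlapping can collapse back into a parent-directory reference after the removal, and absolute paths or a trailing bare `..` segment are not touched at all. Rejecting is safer than stripping: where the template file is actually opened (not visible in this diff), resolve the candidate with `realpath()` and refuse it unless the result lies inside the intended template directory. If the strip is kept as a first line of defence, repeat it until the value stops changing, `do { $prev = $file; $file = str_replace(array('../', '..\\'), '', $file); } while($file !== $prev);`, and move it into one private helper so the three copies cannot drift apart. In load_from_post the value also comes straight from `$_REQUEST['file']` with no check that it is a string, which is worth adding alongside the containment check.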
