Security FIX, Bug FIX
semplon committed Mar 10, 2015
1 parent f33ef36 commit 6982454
Showing 39 changed files with 1,165 additions and 528 deletions.
42 changes: 36 additions & 6 deletions gxadmin/inc/categories.php
@@ -12,7 +12,35 @@
* @copyright 2014-2015 Puguh Wijayanto
* @license http://www.opensource.org/licenses/mit-license.php MIT
*
*/?>
*/

if (isset($data['alertgreen'])) {
# code...
echo "<div class=\"alert alert-success\" >
<button type=\"button\" class=\"close\" data-dismiss=\"alert\">
<span aria-hidden=\"true\">&times;</span>
<span class=\"sr-only\">Close</span>
</button>";
foreach ($data['alertgreen'] as $alert) {
# code...
echo "$alert\n";
}
echo "</div>";
}
if (isset($data['alertred'])) {
# code...
echo "<div class=\"alert alert-danger\" >
<button type=\"button\" class=\"close\" data-dismiss=\"alert\">
<span aria-hidden=\"true\">&times;</span>
<span class=\"sr-only\">Close</span>
</button>";
foreach ($data['alertred'] as $alert) {
# code...
echo "$alert\n";
}
echo "</div>";
}
?>
<div class="row">
<div class="col-md-12">
<h1><i class="fa fa-cubes"></i> Categories
@@ -34,12 +62,12 @@
// echo "<td>".$c->parent."</td>";
// echo "<td></td>";

if($c->parent == ""){
if($c->parent == "" || $c->parent == 0){
echo "<div class=\"col-md-4 item\" >
<div class=\"panel panel-default\">
<div class=\"panel-heading\">
<h3 class=\"panel-title\">{$c->name}
<a href=\"?page=categories&act=del&id={$c->id}\" class=\"pull-right\"
<a href=\"?page=categories&act=del&id={$c->id}&token=".TOKEN."\" class=\"pull-right\"
onclick=\"return confirm('Are you sure you want to delete this item?');\">
<span class=\"glyphicon glyphicon-remove\"></span></a></h3>
</div>
@@ -48,13 +76,14 @@
foreach ($data['cat'] as $c2) {
if($c2->parent == $c->id){
echo "<li class=\"list-group-item\">
<form action=\"\" method=\"POST\" name=\"updatecat\">
<form action=\"index.php?page=categories\" method=\"POST\" name=\"updatecat\">
<div class=\"input-group\">
<a href=\"?page=categories&act=del&id={$c2->id}\" class=\"input-group-addon\"
<a href=\"?page=categories&act=del&id={$c2->id}&token=".TOKEN."\" class=\"input-group-addon\"
onclick=\"return confirm('Are you sure you want to delete this item?');\"
><span class=\"glyphicon glyphicon-remove\"></span></a>
<input type=\"text\" name=\"cat\" class=\"form-control\" value=\"{$c2->name}\">
<input type=\"hidden\" name=\"id\" value=\"{$c2->id}\">
<input type=\"hidden\" name=\"token\" value=\"".TOKEN."\">
<span class=\"input-group-btn\">
<button class=\"btn btn-default\" type=\"submit\" name=\"updatecat\">Go!</button>
</span>
@@ -92,7 +121,7 @@
<label>Parent</label>
<?php
$vars = array(
'parent' => '',
'parent' => '0',
'name' => 'parent',
'sort' => 'ASC',
'order_by' => 'name'
@@ -107,6 +136,7 @@

</div>
<div class="modal-footer">
<input type="hidden" name="token" value="<?=TOKEN;?>">
<button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
<button type="submit" class="btn btn-success" name="addcat">Save changes</button>
</div>
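Review bot: The category delete links still perform a state-changing action over GET and now carry the anti-CSRF token in the query string (`?page=categories&act=del&id={$c->id}&token=".TOKEN."`, and the same for `{$c2->id}`). A token placed in a URL ends up in browser history and in server and proxy logs, and can be sent on in a Referer header, so it leaks more easily than the hidden `token` field used by the forms in this file. I would turn each delete link into a small POST form carrying `<input type=\"hidden\" name=\"token\" value=\"".TOKEN."\">`, as the `updatecat` form here already does. The handler that checks the token is outside this file section, so whether `act=del` rejects a missing or wrong token cannot be confirmed from here.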
35 changes: 33 additions & 2 deletions gxadmin/inc/menus.php
@@ -12,7 +12,37 @@
* @copyright 2014-2015 Puguh Wijayanto
* @license http://www.opensource.org/licenses/mit-license.php MIT
*
*/?>
*/

if (isset($data['alertgreen'])) {
# code...
echo "<div class=\"alert alert-success\" >
<button type=\"button\" class=\"close\" data-dismiss=\"alert\">
<span aria-hidden=\"true\">&times;</span>
<span class=\"sr-only\">Close</span>
</button>
<ul>";
foreach ($data['alertgreen'] as $alert) {
# code...
echo "<li>$alert</li>\n";
}
echo "</ul></div>";
}elseif (isset($data['alertred'])) {
# code...
//print_r($data['alertred']);
echo "<div class=\"alert alert-danger\" >
<button type=\"button\" class=\"close\" data-dismiss=\"alert\">
<span aria-hidden=\"true\">&times;</span>
<span class=\"sr-only\">Close</span>
</button>
<ul>";
foreach ($data['alertred'] as $alert) {
# code...
echo "<li>$alert</li>\n";
}
echo "</ul></div>";
}
?>
<div class="row">
<div class="col-md-12">

@@ -84,7 +114,7 @@
</div>
<div class=\"tab-pane\" id=\"{$k}additem\">
";
$data['parent'] = Menus::getParent('', $k);
$data['parent'] = Menus::isHadParent('', $k);
//print_r($data['parent']);
$data['menuid'] = $k;
System::inc('menus_form', $data);
@@ -146,6 +176,7 @@

</div>
<div class="modal-footer">
<input type="hidden" name="token" value="<?=TOKEN;?>">
<button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
<button type="submit" class="btn btn-success" name="submit">Save changes</button>
</div>
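Review bot: The new alert block prints each message straight into the page (`echo "<li>$alert</li>\n";`) without HTML-escaping. If any alert text can include request data, such as a submitted menu name echoed back in an error, this is a cross-site scripting sink in the admin panel; the code that fills `$data['alertgreen']` and `$data['alertred']` is not visible here, so that is worth confirming. Escaping at output closes it either way: `echo "<li>".htmlspecialchars($alert, ENT_QUOTES, 'UTF-8')."</li>\n";`. The same unescaped echo is added in gxadmin/inc/categories.php, gxadmin/inc/menus_form.php and gxadmin/inc/menus_form_edit.php.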
30 changes: 30 additions & 0 deletions gxadmin/inc/menus_form.php
@@ -19,6 +19,35 @@
}else{
$menuid = $data['menuid'];
}
if (isset($data['alertgreen'])) {
# code...
echo "<div class=\"alert alert-success\" >
<button type=\"button\" class=\"close\" data-dismiss=\"alert\">
<span aria-hidden=\"true\">&times;</span>
<span class=\"sr-only\">Close</span>
</button>
<ul>";
foreach ($data['alertgreen'] as $alert) {
# code...
echo "<li>$alert</li>\n";
}
echo "</ul></div>";
}elseif (isset($data['alertred'])) {
# code...
//print_r($data['alertred']);
echo "<div class=\"alert alert-danger\" >
<button type=\"button\" class=\"close\" data-dismiss=\"alert\">
<span aria-hidden=\"true\">&times;</span>
<span class=\"sr-only\">Close</span>
</button>
<ul>";
foreach ($data['alertred'] as $alert) {
# code...
echo "<li>$alert</li>\n";
}
echo "</ul></div>";
}

?>
<form action="" method="POST">
<h1><i class="fa fa-sitemap"></i> Add Menu
@@ -142,4 +171,5 @@
</div>
</div>
</div>
<input type="hidden" name="token" value="<?=TOKEN;?>">
</form>
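Review bot: The alert block added at the top of this form looks like it will render the same messages a second time, because gxadmin/inc/menus.php already prints `$data['alertgreen']` / `$data['alertred']` and then passes the same array in through `System::inc('menus_form', $data);`. That include sits inside a per-menu tab pane (`id=\"{$k}additem\"`), so the alert may repeat once per menu, though the surrounding loop is outside the visible hunk. I would render alerts in one place only, either by dropping the block from this partial or by moving the markup, now copied into four files, into a single shared include.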
38 changes: 31 additions & 7 deletions gxadmin/inc/menus_form_edit.php
@@ -21,12 +21,34 @@
}

//print_r($data['menus']);
if(isset($data['alertgreen']) ) {
echo "<div class=\"alert alert-success\">";
foreach ($data['alertgreen'] as $alert) {
echo "$alert";
}
echo "</div>"; }
if (isset($data['alertgreen'])) {
# code...
echo "<div class=\"alert alert-success\" >
<button type=\"button\" class=\"close\" data-dismiss=\"alert\">
<span aria-hidden=\"true\">&times;</span>
<span class=\"sr-only\">Close</span>
</button>
<ul>";
foreach ($data['alertgreen'] as $alert) {
# code...
echo "<li>$alert</li>\n";
}
echo "</ul></div>";
}elseif (isset($data['alertred'])) {
# code...
//print_r($data['alertred']);
echo "<div class=\"alert alert-danger\" >
<button type=\"button\" class=\"close\" data-dismiss=\"alert\">
<span aria-hidden=\"true\">&times;</span>
<span class=\"sr-only\">Close</span>
</button>
<ul>";
foreach ($data['alertred'] as $alert) {
# code...
echo "<li>$alert</li>\n";
}
echo "</ul></div>";
}
?>
<form action="" method="POST">
<div class="row">
@@ -48,11 +70,12 @@
<div class="col-sm-4">
<div class="form-group">
<label>Parent Menu</label>

<select class="form-control" name="parent">
<option></option>
<?php
//echo($data['abc']);
//print_r($data['parent']);
//print_r($data['menus']);
foreach ($data['parent'] as $p) {
# code...
if($data['menus'][0]->parent == $p->id){
@@ -183,5 +206,6 @@
</div>
</div>
</div>
<input type="hidden" name="token" value="<?=$_GET['token'];?>">
</form>
</div>
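Review bot: The hidden field added before `</form>` writes `$_GET['token']` into an HTML attribute unescaped (`value="<?=$_GET['token'];?>"`), which reflects a request parameter into the admin page. Every other form in this commit emits the server-side constant instead, and this one should match: `<input type="hidden" name="token" value="<?=TOKEN;?>">`. Using the constant also avoids an undefined-index notice when the page is opened without a `token` parameter. If the request value really has to be echoed, wrap it as `htmlspecialchars($_GET['token'], ENT_QUOTES, 'UTF-8')`.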
