Skip to content
Permalink
Browse files

Merge pull request #13 from zorgch/develop

Bugfixes v4.0.0
  • Loading branch information...
fbentele committed Nov 7, 2019
2 parents b17f749 + 9abeca2 commit 01cb69d9dc341048c28f6d44946d066932ebefee
@@ -1,29 +1,39 @@
<?php
require_once( __DIR__ .'/../includes/main.inc.php');
if(count($_POST) > 0)
{
/** Delete SQL-Error */
if($_POST['del'] && !empty($_GET['id']))
{
$sql_del = 'DELETE FROM sql_error WHERE id='.$_GET['id'];
$db->query($sql_del, __FILE__, __LINE__, 'Delete SQL-Error');
header('Location: /tpl/'.$_GET['tpl']);
die();
}
/** Show Query details */
if($_POST['query'])
{
header('Location: /tpl/'.$_GET['tpl'].'&id='.$_GET['id'].'&query='.base64_encode($_POST['query']));
die();
}
if(count($_POST) > 0) {
if($_POST['del']) {
$sql_del = "UPDATE sql_error set status = 0 WHERE id = '".$_GET['id']."'";
$db->query($sql_del,__FILE__,__LINE__);
header("Location: /?tpl=".$_GET['tpl']."&".session_name()."=".session_id());
}
if($_POST['query']) {
header("Location: /?tpl=".$_GET['tpl']."&id=".$_GET['id']."&query=".base64_encode($_POST['query'])."&".session_name()."=".session_id());
}
if(@count($_POST['to_del']) > 0) {
$sql = "UPDATE sql_error set status = 0 WHERE id in(";
foreach($_POST['to_del'] as $del) {
$sql .= $del.",";
}
$sql .= "0)";
$db->query($sql,__FILE__,__LINE__);
header("Location: /?tpl=".$_GET['tpl']."&".session_name()."=".session_id());
/** Delete multiple SQL-Errors */
if(count($_POST['to_del']) > 0)
{
$del_ids = implode(',', $_POST['to_del']);
$sql = 'DELETE FROM sql_error WHERE id IN ('.$del_ids.')';
$db->query($sql, __FILE__, __LINE__, 'Delete multiple SQL-Errors');
header('Location: /tpl/'.$_GET['tpl']);
die();
}
if($_POST['num']) {
/** Change displayed number of SQL-Error */
if($_POST['num'])
{
$_SESSION['error_num'] = $_POST['num'];
header("Location: /?tpl=".$_GET['tpl']."&".session_name()."=".session_id());
header('Location: /tpl/'.$_GET['tpl'].'?error_num='.$_POST['num']);
die();
}
}
@@ -44,12 +44,10 @@
if (!$error)
{
$frm['id'] = htmlentities($frm['id'], ENT_QUOTES);
$frm['tpl'] = mysql_real_escape_string($frm['tpl']);
$frm['tpl'] = $frm['tpl']; // TODO add appropriate user input sanitization, respecting allowed Smarty template content
$frm['title'] = sanitize_userinput($frm['title']);
$frm['sidebar_tpl'] = (empty($frm['sidebar_tpl']) ? 'NULL' : htmlentities($frm['sidebar_tpl'], ENT_QUOTES));
$frm['page_title'] = htmlentities($frm['page_title'], ENT_NOQUOTES);
$frm['menus'] = htmlentities($frm['menus'], ENT_QUOTES);
$frm['packages'] = htmlentities($frm['packages'], ENT_QUOTES);
/**
* NEW TEMPLATE
@@ -125,25 +123,30 @@
{
/** Menus: remove all links between Template & Menus, relink selected Menus */
$db->query('DELETE FROM tpl_menus WHERE tpl_id ='.$frm['id']); // delete all
$tplmenusInsertData = null;
foreach ($_POST['frm']['menus'] as $menu_id) {
/** Note: only works when getting Array directly from $_POST, not via $frm.
Don't know why, cost me like 2 hours to figure this out WTF */
if (!empty($menu_id)) $tplmenusInsertData[] = sprintf('(%d, %d)', $frm['id'], $menu_id);
if (!empty($_POST['frm']['menus']))
{
$tplmenusInsertData = null;
foreach ($_POST['frm']['menus'] as $menu_id) {
/** Note: only works when getting Array directly from $_POST, not via $frm.
Don't know why, cost me like 2 hours to figure this out WTF */
if (!empty($menu_id)) $tplmenusInsertData[] = sprintf('(%d, %d)', $frm['id'], $menu_id);
}
$db->query('INSERT INTO tpl_menus (tpl_id, menu_id) VALUES '.implode(',',$tplmenusInsertData), __FILE__, __LINE__, 'Link Template to selected Menus'); // add new
if (DEVELOPMENT) error_log(sprintf('[DEBUG] <%s:%d> Template ID #%d linked to Menus: %s', __FILE__, __LINE__, $frm['id'], print_r($tplmenusInsertData, true)));
}
$db->query('INSERT INTO tpl_menus (tpl_id, menu_id) VALUES '.implode(',',$tplmenusInsertData), __FILE__, __LINE__, 'Link Template to selected Menus'); // add new
if (DEVELOPMENT) error_log(sprintf('[DEBUG] <%s:%d> Template ID #%d linked to Menus: %s', __FILE__, __LINE__, $frm['id'], print_r($tplmenusInsertData, true)));
/** Packages: remove all links between Template & Packages, relink selected Packages */
$db->query('DELETE FROM tpl_packages WHERE tpl_id ='.$frm['id']); // delete all
$tplpackagesInsertData = null;
foreach ($_POST['frm']['packages'] as $package_id) {
/** Note: only works when getting Array directly from $_POST, not via $frm.
Don't know why, cost me like 2 hours to figure this out WTF */
if (!empty($package_id)) $tplpackagesInsertData[] = sprintf('(%d, %d)', $frm['id'], $package_id);
if (!empty($_POST['frm']['packages']))
{
$tplpackagesInsertData = null;
foreach ($_POST['frm']['packages'] as $package_id) {
/** Note: only works when getting Array directly from $_POST, not via $frm.
Don't know why, cost me like 2 hours to figure this out WTF */
if (!empty($package_id)) $tplpackagesInsertData[] = sprintf('(%d, %d)', $frm['id'], $package_id);
}
$db->query('INSERT INTO tpl_packages (tpl_id, package_id) VALUES '.implode(',',$tplpackagesInsertData), __FILE__, __LINE__, 'Link Template to selected Packages'); // add new
if (DEVELOPMENT) error_log(sprintf('[DEBUG] <%s:%d> Template ID #%d linked to Packages: %s', __FILE__, __LINE__, $frm['id'], print_r($tplpackagesInsertData, true)));
}
$db->query('INSERT INTO tpl_packages (tpl_id, package_id) VALUES '.implode(',',$tplpackagesInsertData), __FILE__, __LINE__, 'Link Template to selected Packages'); // add new
if (DEVELOPMENT) error_log(sprintf('[DEBUG] <%s:%d> Template ID #%d linked to Packages: %s', __FILE__, __LINE__, $frm['id'], print_r($tplpackagesInsertData, true)));
}
}
@@ -207,7 +207,7 @@
* HTML5 Structure Styling
*/
body > * {
padding: 1vw 1vw 0 1.5vw;
padding: 1vh 3vw 0 3vw;
}
/** Old table-layout compatibility */
table {
@@ -408,24 +408,24 @@
margin-left: 5px;
height: 0.85em;
}
header > .service form fieldset {
header > .service form .login-input {
display: flex;
white-space: nowrap;
align-items: flex-start;
margin: 0;
padding: 0;
}
header > .service form fieldset label {
header > .service form .login-input label {
flex: 1;
margin: 0 0 0 10px;
padding: 0 2px 0 2px;
font-size: inherit;
}
header > .service form fieldset a {
header > .service form .login-input a {
flex: 1;
font-size: 0.8em;
}
header > .service form fieldset input[type=submit] {
header > .service form .login-input input[type=submit] {
flex: 1;
}
header > .service label.user::before { content: "\01F464"; }
@@ -275,19 +275,19 @@ header > .service .countryflag {
margin-left: 5px;
height: 0.85em;
}
header > .service form fieldset {
header > .service form .login-input {
display: flex;
white-space: nowrap;
align-items: center;
padding-top: 5px;
padding-bottom: 0;
}
header > .service form fieldset label {
header > .service form .login-input label {
flex: 1;
margin-right: 10px;
padding: 0 2px 0 2px;
}
header > .service form fieldset a {
header > .service form .login-input a {
flex: 2;
font-size: 0.8em;
}
@@ -260,11 +260,11 @@ header > .infos .solarstate .countryflag {
height: 1.2em;
vertical-align: text-top;
}
header > .service form fieldset {
header > .service form .login-input {
display: flex;
border: none;
}
header > .service form fieldset label {
header > .service form .login-input label {
flex: 1;
margin-right: 10px;
padding: 0 2px 0 2px;
@@ -46,7 +46,7 @@
* Ausnahme: APOD Gallery
* @link https://zorg.ch/bugtracker.php?bug_id=708
*/
if ($user->typ == USER_NICHTEINGELOGGT && $albumId != APOD_GALLERY_ID)
if (!$user->is_loggedin() && $album_id != APOD_GALLERY_ID)
{
$model->showOverview($smarty);
$smarty->assign('error', ['type' => 'warn', 'title' => t('error-not-logged-in', 'gallery', SITE_URL), 'dismissable' => 'false']);
@@ -254,15 +254,16 @@ function smartyresource_comments_get_commenttree ($id, $is_thread=false) {
.' style="table-layout:fixed;" width="100%">'
.'<tr style="font-size: x-small;">'
.'<td class="forum" style="width: 70%;">'
.'<a href="{comment_get_link board='.$rs['board'].' parent_id='.$rs['parent_id'].' id='.$rs['id'].' thread_id='.$rs['thread_id'].'}" name="'.$rs['id'].'"'.($is_thread ? 'itemprop="url"' : '').'>'
.'<div style="display: none;" itemscope itemtype="http://schema.org/Organization" itemprop="publisher"><span style="display: none;" itemprop="name">{$smarty.const.SITE_HOSTNAME}</span></div>'
.'<a href="{comment_get_link board='.$rs['board'].' parent_id='.$rs['parent_id'].' id='.$rs['id'].' thread_id='.$rs['thread_id'].'}" name="'.$rs['id'].'"'.($is_thread ? ' itemprop="url"' : '').'>'
.'#'.$rs['id']
.'</a>'
.' by <span itemprop="'.($is_thread ? 'author' : 'contributor').'" itemscope itemtype="http://schema.org/Person"><span itemprop="name">'.$user->userpagelink($rs['user_id'], $rs['clan_tag'], $rs['username'])
.'</span></span> @ <span itemprop="dateCreated" value="{'.$rs['date'].'|date_format:"%Y-%m-%d-T%H:00"}">{datename date='.$rs['date'].'}</span>'
.' by <span itemprop="'.($is_thread ? 'author' : 'contributor').'" itemscope itemtype="http://schema.org/Person">'.$user->userpagelink($rs['user_id'], $rs['clan_tag'], $rs['username'])
.'</span> @ <meta itemprop="datePublished" content="{'.$rs['date'].'|date_format:"%Y-%m-%d"}">{datename date='.$rs['date'].'}'
;
if($rs['date_edited'] > 0) {
$html .= ', edited @ <span itemprop="dateModified" value="{'.$rs['date_edited'].'|date_format:"%Y-%m-%d-T%H:00"}">{datename date='.$rs['date_edited'].'}</span>';
$html .= ', edited @ <meta itemprop="dateModified" content="{'.$rs['date_edited'].'|date_format:"%Y-%m-%d-T%H:00"}">{datename date='.$rs['date_edited'].'}';
}
$html .= '<!--googleoff: all-->';
@@ -55,7 +55,7 @@ function selectAll() {
document.error_form.elements[i].checked = !document.error_form.elements[i].checked;
}
</script>
<form action='actions/error_action.php?tpl=$_GET[tpl]' name='error_form' method='post'>";
<form action='/actions/error_action.php?tpl=$_GET[tpl]' name='error_form' method='post'>";
}
$html .= "
@@ -166,7 +166,7 @@ function selectAll() {
$html .= "
<tr><td align='left' colspan='7'>
<form action='actions/error_action.php?tpl=".$_GET['tpl']."&id=".$rs['id']."' method='post'>
<form action='/actions/error_action.php?tpl=".$_GET['tpl']."&id=".$rs['id']."' method='post'>
<table class='border'>
<tr><td align='center' valign='top'><small>
".$rs['msg']."</small>

0 comments on commit 01cb69d

Please sign in to comment.
You can’t perform that action at this time.