[wip] fixing errors brought by the big security changes... update browser preferences fix + some post/get/request messup + zip not working properly
This commit is contained in:
Benjamin Sonntag
parent
b4cd0d2a95
commit
aef4f58e8a
|
|
@ -36,7 +36,7 @@ require_once("../class/config.php");
|
|||
*/
|
||||
|
||||
$fields = array (
|
||||
"id" => array ("post", "integer", ""),
|
||||
"id" => array ("get", "integer", ""),
|
||||
);
|
||||
getFields($fields);
|
||||
|
||||
|
|
|
|||
|
|
@ -30,12 +30,12 @@
|
|||
require_once("../class/config.php");
|
||||
|
||||
$fields = array (
|
||||
"editfile" => array ("post", "string", ""),
|
||||
"editfile" => array ("request", "string", ""),
|
||||
"texte" => array ("post", "string", ""),
|
||||
"save" => array ("post", "string", ""),
|
||||
"saveret" => array ("post", "string", ""),
|
||||
"cancel" => array ("post", "string", ""),
|
||||
"R" => array ("post", "string", ""),
|
||||
"R" => array ("request", "string", ""),
|
||||
);
|
||||
getFields($fields);
|
||||
|
||||
|
|
@ -72,7 +72,7 @@ include_once("head.php");
|
|||
?>
|
||||
<p>
|
||||
<?php if (isset($error) && $error) echo "<p class=\"alert alert-danger\">$error</p>"; ?>
|
||||
<h3><?php echo _("File editing")." <code>$R/<b>$editfile</b></code><br />"; ?></h3>
|
||||
<h3><?php echo _("File editing")." <code>".ehe($R,false)."/<b>".ehe($editfile,false)."</b></code><br />"; ?></h3>
|
||||
</p>
|
||||
|
||||
<?php
|
||||
|
|
@ -106,7 +106,7 @@ echo "<pre class='prettyprint' id='file_content_view' >$content</pre>";
|
|||
<br/>
|
||||
<?php if (!empty($error)) echo "<p class=\"alert alert-danger\">".$error."</p>"; ?>
|
||||
<input type="hidden" name="editfile" value="<?php ehe($editfile); ?>" />
|
||||
<input type="hidden" name="R" value="<?php echo ehe($R); ?>" />
|
||||
<input type="hidden" name="R" value="<?php ehe($R); ?>" />
|
||||
|
||||
<input type="submit" class="inb" value="<?php __("Save"); ?>" name="save" />
|
||||
<input type="submit" class="inb" value="<?php __("Save & Quit"); ?>" name="saveret" />
|
||||
|
|
|
|||
|
|
@ -141,9 +141,9 @@ if ($errbrowsefold) {
|
|||
<form method="post" id="main" name="main" action="browseforfolder2.php">
|
||||
<?php csrf_get(); ?>
|
||||
<p>
|
||||
<input type="hidden" name="caller" value="<?php echo ehe($caller); ?>" />
|
||||
<input type="hidden" name="lastcurdir" value="<?php echo ehe($curdir); ?>" />
|
||||
<input type="hidden" name="bid" value="<?php echo ehe($bid); ?>" />
|
||||
<input type="hidden" name="caller" value="<?php ehe($caller); ?>" />
|
||||
<input type="hidden" name="lastcurdir" value="<?php ehe($curdir); ?>" />
|
||||
<input type="hidden" name="bid" value="<?php ehe($bid); ?>" />
|
||||
|
||||
<input type="text" class="int" id="file" name="file" size="20" value="<?php ehe($file); ?>" /><br />
|
||||
|
||||
|
|
|
|||
|
|
@ -67,8 +67,12 @@ if (!$r) {
|
|||
$rr[0]["dir"]=$dir;
|
||||
include_once("ftp_edit.php");
|
||||
exit();
|
||||
} else {
|
||||
if ($create) {
|
||||
$error=_("The ftp account has been successfully created");
|
||||
} else {
|
||||
$error=_("The ftp account has been successfully saved");
|
||||
}
|
||||
include("ftp_list.php");
|
||||
exit();
|
||||
}
|
||||
|
|
|
|||
|
|
@ -31,7 +31,7 @@ require_once("../class/config.php");
|
|||
include_once("head.php");
|
||||
|
||||
$fields = array (
|
||||
"dir" => array ("post", "string", ""),
|
||||
"dir" => array ("request", "string", ""),
|
||||
);
|
||||
getFields($fields);
|
||||
|
||||
|
|
|
|||
|
|
@ -275,7 +275,7 @@ class m_bro {
|
|||
if ($db->num_rows() == 0) {
|
||||
$db->query("INSERT INTO browser (editsizex, editsizey, listmode, showicons, downfmt, createfile, showtype, uid, editor_font, editor_size, golastdir) VALUES (70, 21, 0, 0, 0, 0, 0, ?,'Arial, Helvetica, Sans-serif','12px',1);", array(intval($cuid)));
|
||||
}
|
||||
$db->query("UPDATE browser SET editsizex= ?, editsizey= ?, listmode= ?, showicons= ?, downfmt= ?, createfile= ?, showtype= ?, editor_font= ?, editor_size= e, golastdir= ? WHERE uid= ?;", array($editsizex, $editsizey, $downfmt, $createfile, $showtype, $editor_font, $editor_size, $golastdir, intval($cuid)));
|
||||
$db->query("UPDATE browser SET editsizex= ?, editsizey= ?, listmode= ?, showicons= ?, downfmt= ?, createfile= ?, showtype= ?, editor_font= ?, editor_size= ?, golastdir= ? WHERE uid= ?;", array($editsizex, $editsizey, $listmode, $showicons, $downfmt, $createfile, $showtype, $editor_font, $editor_size, $golastdir, intval($cuid)));
|
||||
return true;
|
||||
}
|
||||
|
||||
|
|
@ -1070,9 +1070,10 @@ class m_bro {
|
|||
header("Content-Disposition: attachment; filename=" . $mem->user["login"] . ".zip");
|
||||
header("Content-Type: application/x-zip");
|
||||
header("Content-Transfer-Encoding: binary");
|
||||
$d = escapeshellarg($this->convertabsolute($dir, false));
|
||||
$d = $this->convertabsolute($dir, false);
|
||||
set_time_limit(0);
|
||||
passthru("/usr/bin/zip -r - $d");
|
||||
chdir(dirname($d));
|
||||
passthru("/usr/bin/zip -r - ".escapeshellarg(basename($d)));
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
Loading…
Reference in New Issue