From: OryNider <ory...@us...> - 2008-02-28 06:27:54
Update of /cvsroot/mxbb/mx_phpCA/admin In directory sc8-pr-cvs16.sourceforge.net:/tmp/cvs-serv21483/mx_phpCA/admin Modified Files: admin_ads_categ.php admin_ads_cfg.php admin_ads_ext.php Log Message: cvs commit test Index: admin_ads_categ.php =================================================================== RCS file: /cvsroot/mxbb/mx_phpCA/admin/admin_ads_categ.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** admin_ads_categ.php 6 Jun 2007 22:24:28 -0000 1.1 --- admin_ads_categ.php 28 Feb 2008 06:26:17 -0000 1.2 *************** *** 1,22 **** ! <? ! /*************************************************************************** ! * admin_ads_categ.php ! * ------------------- ! * begin : Wednesday, Feb 15, 2006 ! * copyright : (C) 2006 Peter Mansion ! * email : su...@ph... ! * ! * $Id$ ! * ! ***************************************************************************/ ! ! /*************************************************************************** ! * ! * This program is free software; you can redistribute it and/or modify ! * it under the terms of the GNU General Public License as published by ! * the Free Software Foundation; either version 2 of the License, or ! * (at your option) any later version. ! * ! ***************************************************************************/ define('IN_PORTAL', 1); --- 1,11 ---- ! <?php ! /** ! * ! * @package mxBB Portal Module - mx_phpCA ! * @version $Id$ ! * @copyright (c) 2002-2006 [Peter Mansion, su...@ph...] mxBB Project Team ! * @license http://opensource.org/licenses/gpl-license.php GNU General Public License v2 ! * ! */ define('IN_PORTAL', 1); *************** *** 63,69 **** // Mode setting // ! if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) ) { ! $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; $mode = htmlspecialchars($mode); } --- 52,58 ---- // Mode setting // ! 
if ( isset($_POST['mode']) || isset($HTTP_GET_VARS['mode']) ) { ! $mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $HTTP_GET_VARS['mode']; $mode = htmlspecialchars($mode); } *************** *** 73,77 **** } ! if ( $HTTP_POST_VARS[cancel] ) { $mode = ""; --- 62,66 ---- } ! if ( $_POST[cancel] ) { $mode = ""; *************** *** 87,91 **** //Checks to see if the category, name, message or email fields are empty. ! if ( empty($HTTP_POST_VARS[category]) or empty($HTTP_POST_VARS[sub_category]) ) { mx_message_die(GENERAL_ERROR, $lang['create_category_instructions'], "", __LINE__, __FILE__); --- 76,80 ---- //Checks to see if the category, name, message or email fields are empty. ! if ( empty($_POST[category]) && empty($_POST[sub_category]) ) { mx_message_die(GENERAL_ERROR, $lang['create_category_instructions'], "", __LINE__, __FILE__); *************** *** 93,98 **** // Sanitize input data ! $category = htmlspecialchars($HTTP_POST_VARS[category]); ! $sub_category = htmlspecialchars($HTTP_POST_VARS[sub_category]); // Extra sanitize for SQL variables --- 82,87 ---- // Sanitize input data ! $category = htmlspecialchars($_POST[category]); ! $sub_category = empty($_POST[sub_category]) ? $category : htmlspecialchars($_POST[sub_category]); // Extra sanitize for SQL variables *************** *** 105,109 **** if ( $db->sql_query($sql) ) { ! $message = $lang['category_creation_conf'] . "<br /><br />" . sprintf($lang['ads_click_return_categories'], "<a href=\"" . append_sid("admin_ads_categ.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>"); mx_message_die(GENERAL_MESSAGE, $message); } --- 94,98 ---- if ( $db->sql_query($sql) ) { ! $message = $lang['category_creation_conf'] . "<br /><br />" . sprintf($lang['ads_click_return_categories'], "<a href=\"" . append_sid("admin_ads_categ.$phpEx") . "\">", "</a>") . "<br /><br />" . 
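Review bot: The `mode` lookup in the hunk at new lines 52-58 is only half migrated: the POST side now reads `$_POST['mode']` but the GET side still reads `$HTTP_GET_VARS['mode']`, so on a PHP setup that does not register the long arrays a `mode` passed in the query string is silently ignored. The two lines should read `if ( isset($_POST['mode']) || isset($_GET['mode']) )` and `$mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];`. The same leftover is visible as `isset($HTTP_POST_VARS['submit'])` in the context lines of the admin_ads_ext.php hunk at lines 85-89 and the admin_ads_cfg.php hunk at new lines 83-87. The code that consumes `$mode` lies outside this hunk.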
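Review bot: `$_POST[cancel]` in the hunk at new lines 62-66 indexes the array with a bare word, which PHP resolves as a constant named `cancel` and only falls back to the string key with a notice, and it reads the key without checking that it was submitted. `if ( !empty($_POST['cancel']) )` keeps the same truthiness test without either problem. The unquoted keys recur in every other `$_POST[...]` line this commit touches in this file (hunks at new lines 76, 82, 155, 188, 198 and 211), where a constant that happened to be defined under one of those names would change which request field is read.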
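Review bot: Switching `or` to `&&` in the check at new lines 76-80 means the request is rejected only when both fields are empty, so a submission with an empty `category` and a filled `sub_category` now passes validation and presumably goes on to be written with an empty category name. If the intent is to make only the sub-category optional, as the fallback in the next hunk suggests, the condition should test the category alone: `if ( empty($_POST['category']) )`. The comment above the check still lists name, message and email fields and no longer describes it. The enclosing block starts and ends outside the hunk.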
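Review bot: `htmlspecialchars()` in the hunk at new lines 82-87 is HTML output encoding, not SQL escaping, and with the default flags of the PHP versions this code targets it leaves single quotes untouched, so these values still need real escaping before they reach `$db->sql_query($sql)`. The only SQL-side handling visible on this page is the `str_replace("\'", "''", $sub_category)` idiom in the hunk at new lines 155-159, which is effective only if the input was already slash-escaped upstream (magic_quotes_gpc or an addslashes pass that is not shown here). I would add `// htmlspecialchars() is HTML encoding only; SQL safety below must not depend on magic_quotes_gpc` above these assignments and confirm where the slashes are added. The same applies to the block of `htmlspecialchars($_POST[...])` assignments in the hunk at new lines 211-232, which leads into the same "Extra sanitize for SQL variables" step; that step itself lies outside both hunks.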
sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid($mx_root_path . "admin/index.$phpEx?pane=right") . "\">", "</a>"); mx_message_die(GENERAL_MESSAGE, $message); } *************** *** 166,170 **** $sub_category = str_replace("\'", "''", $sub_category); ! if ( $HTTP_POST_VARS[confirm] ) { if ( $sub_category ) --- 155,159 ---- $sub_category = str_replace("\'", "''", $sub_category); ! if ( $_POST[confirm] ) { if ( $sub_category ) *************** *** 199,206 **** case 'edit': ! if ( isset($HTTP_POST_VARS['submit']) ) { ! if ( empty($HTTP_POST_VARS[category] ) ! or empty($HTTP_POST_VARS[sub_category]) ) { mx_message_die(GENERAL_ERROR, "Invalid edit request", "", __LINE__, __FILE__); --- 188,195 ---- case 'edit': ! if ( isset($_POST['submit']) ) { ! if ( empty($_POST[category] ) ! or empty($_POST[sub_category]) ) { mx_message_die(GENERAL_ERROR, "Invalid edit request", "", __LINE__, __FILE__); *************** *** 209,216 **** if ( file_exists("admin_ads_paid_ads.$phpEx") ) { ! $basic_cost = intval($HTTP_POST_VARS[basic_cost]); ! $standard_cost = intval($HTTP_POST_VARS[standard_cost]); ! $photo_cost = intval($HTTP_POST_VARS[photo_cost]); ! $premium_cost = intval($HTTP_POST_VARS[premium_cost]); } else --- 198,205 ---- if ( file_exists("admin_ads_paid_ads.$phpEx") ) { ! $basic_cost = intval($_POST[basic_cost]); ! $standard_cost = intval($_POST[standard_cost]); ! $photo_cost = intval($_POST[photo_cost]); ! $premium_cost = intval($_POST[premium_cost]); } else *************** *** 222,243 **** } ! $category = htmlspecialchars($HTTP_POST_VARS[category]); ! $sub_category = htmlspecialchars($HTTP_POST_VARS[sub_category]); ! $field_1_desc = htmlspecialchars($HTTP_POST_VARS[field_1_desc]); ! $field_2_desc = htmlspecialchars($HTTP_POST_VARS[field_2_desc]); ! $field_3_desc = htmlspecialchars($HTTP_POST_VARS[field_3_desc]); ! $field_4_desc = htmlspecialchars($HTTP_POST_VARS[field_4_desc]); ! $field_5_desc = htmlspecialchars($HTTP_POST_VARS[field_5_desc]); ! 
$field_6_desc = htmlspecialchars($HTTP_POST_VARS[field_6_desc]); ! $field_7_desc = htmlspecialchars($HTTP_POST_VARS[field_7_desc]); ! $field_8_desc = htmlspecialchars($HTTP_POST_VARS[field_8_desc]); ! $field_9_desc = htmlspecialchars($HTTP_POST_VARS[field_9_desc]); ! $field_10_desc = htmlspecialchars($HTTP_POST_VARS[field_10_desc]); ! $cat_create_level = htmlspecialchars($HTTP_POST_VARS[cat_create_level]); ! $cat_edit_level = htmlspecialchars($HTTP_POST_VARS[cat_edit_level]); ! $cat_delete_level = htmlspecialchars($HTTP_POST_VARS[cat_delete_level]); ! $cat_image_level = htmlspecialchars($HTTP_POST_VARS[cat_image_level]); ! $cat_comment_level = htmlspecialchars($HTTP_POST_VARS[cat_comment_level]); ! $cat_rate_level = htmlspecialchars($HTTP_POST_VARS[cat_rate_level]); // Extra sanitize for SQL variables --- 211,232 ---- } ! $category = htmlspecialchars($_POST[category]); ! $sub_category = htmlspecialchars($_POST[sub_category]); ! $field_1_desc = htmlspecialchars($_POST[field_1_desc]); ! $field_2_desc = htmlspecialchars($_POST[field_2_desc]); ! $field_3_desc = htmlspecialchars($_POST[field_3_desc]); ! $field_4_desc = htmlspecialchars($_POST[field_4_desc]); ! $field_5_desc = htmlspecialchars($_POST[field_5_desc]); ! $field_6_desc = htmlspecialchars($_POST[field_6_desc]); ! $field_7_desc = htmlspecialchars($_POST[field_7_desc]); ! $field_8_desc = htmlspecialchars($_POST[field_8_desc]); ! $field_9_desc = htmlspecialchars($_POST[field_9_desc]); ! $field_10_desc = htmlspecialchars($_POST[field_10_desc]); ! $cat_create_level = htmlspecialchars($_POST[cat_create_level]); ! $cat_edit_level = htmlspecialchars($_POST[cat_edit_level]); ! $cat_delete_level = htmlspecialchars($_POST[cat_delete_level]); ! $cat_image_level = htmlspecialchars($_POST[cat_image_level]); ! $cat_comment_level = htmlspecialchars($_POST[cat_comment_level]); ! 
$cat_rate_level = htmlspecialchars($_POST[cat_rate_level]); // Extra sanitize for SQL variables Index: admin_ads_ext.php =================================================================== RCS file: /cvsroot/mxbb/mx_phpCA/admin/admin_ads_ext.php,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** admin_ads_ext.php 8 Feb 2008 23:42:47 -0000 1.2 --- admin_ads_ext.php 28 Feb 2008 06:26:18 -0000 1.3 *************** *** 9,13 **** */ ! define( 'IN_PORTAL', 1 ); if ( !empty( $setmodules ) ) --- 9,13 ---- */ ! define('IN_PORTAL', 1); if ( !empty( $setmodules ) ) *************** *** 21,28 **** // Let's set the root dir for phpBB // ! $module_root_path = '../'; ! $mx_root_path = '../../../'; $ads_root_path = $module_root_path . 'ads_mod/'; ! $phpEx = substr(strrchr(__FILE__, '.'), 1); require($mx_root_path . 'admin/pagestart.' . $phpEx); --- 21,28 ---- // Let's set the root dir for phpBB // ! $module_root_path = './../'; ! $mx_root_path = './../../../'; $ads_root_path = $module_root_path . 'ads_mod/'; ! $phpEx = substr(strrchr(__FILE__, '.'), 1); require($mx_root_path . 'admin/pagestart.' . $phpEx); *************** *** 85,89 **** if ( isset( $HTTP_POST_VARS['submit'] ) ) { ! $message = $lang['ads_config_updated'] . "<br /><br />" . sprintf( $lang['Click_return_ads_config'], "<a href=\"" . append_sid( "admin_ads_ext.$phpEx" ) . "\">", "</a>" ) . "<br /><br />" . sprintf( $lang['Click_return_admin_index'], "<a href=\"" . append_sid( $mx_root_path . "admin/index.$phpEx?pane=right" ) . "\">", "</a>" ); mx_message_die( GENERAL_MESSAGE, $message ); } --- 85,89 ---- if ( isset( $HTTP_POST_VARS['submit'] ) ) { ! $message = $lang['ads_config_updated'] . "<br /><br />" . sprintf( $lang['Click_return_ads_config'], "<a href=\"" . append_sid( "admin_ads_ext.$phpEx" ) . "\">", "</a>" ) . "<br /><br />" . sprintf( $lang['Click_return_admin_index'], "<a href=\"" . append_sid($mx_root_path . "admin/index.$phpEx?pane=right") . 
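Review bot: The six `cat_*_level` assignments at the end of the hunk at new lines 211-232 pass what look like permission levels through `htmlspecialchars()` only, so any string a request supplies is accepted as an access level. The cost fields in the preceding hunk are already forced to integers with `intval()`; if these levels are numeric auth constants (not confirmable from this hunk), the same treatment fits, e.g. `$cat_create_level = intval($_POST['cat_create_level']);`, ideally followed by a check against the allowed set of levels. The enclosing `if ( isset($_POST['submit']) )` block starts and ends outside the hunk.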
"\">", "</a>" ); mx_message_die( GENERAL_MESSAGE, $message ); } *************** *** 164,166 **** include_once( $mx_root_path . 'admin/page_footer_admin.' . $phpEx ); ! ?> \ No newline at end of file --- 164,166 ---- include_once( $mx_root_path . 'admin/page_footer_admin.' . $phpEx ); ! ?> Index: admin_ads_cfg.php =================================================================== RCS file: /cvsroot/mxbb/mx_phpCA/admin/admin_ads_cfg.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** admin_ads_cfg.php 6 Jun 2007 22:24:29 -0000 1.1 --- admin_ads_cfg.php 28 Feb 2008 06:26:18 -0000 1.2 *************** *** 1,22 **** ! <? ! /*************************************************************************** ! * admin_ads_cfg.php ! * ------------------- ! * begin : Wednesday, Feb 15, 2006 ! * copyright : (C) 2006 Peter Mansion ! * email : su...@ph... ! * ! * $Id$ ! * ! ***************************************************************************/ ! ! /*************************************************************************** ! * ! * This program is free software; you can redistribute it and/or modify ! * it under the terms of the GNU General Public License as published by ! * the Free Software Foundation; either version 2 of the License, or ! * (at your option) any later version. ! * ! ***************************************************************************/ define('IN_PORTAL', 1); --- 1,11 ---- ! <?php ! /** ! * ! * @package mxBB Portal Module - mx_phpCA ! * @version $Id$ ! * @copyright (c) 2002-2006 [Peter Mansion, su...@ph...] mxBB Project Team ! * @license http://opensource.org/licenses/gpl-license.php GNU General Public License v2 ! * ! */ define('IN_PORTAL', 1); *************** *** 94,98 **** if( isset($HTTP_POST_VARS['submit']) ) { ! $message = $lang['Config_updated'] . "<br /><br />" . sprintf($lang['ads_click_return_config'], "<a href=\"" . append_sid("admin_ads_cfg.$phpEx") . "\">", "</a>") . "<br /><br />" . 
sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>"); mx_message_die(GENERAL_MESSAGE, $message); --- 83,87 ---- if( isset($HTTP_POST_VARS['submit']) ) { ! $message = $lang['Config_updated'] . "<br /><br />" . sprintf($lang['ads_click_return_config'], "<a href=\"" . append_sid("admin_ads_cfg.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid($mx_root_path . "admin/index.$phpEx?pane=right") . "\">", "</a>"); mx_message_die(GENERAL_MESSAGE, $message); |