Menu
▾
▴
[Web-erp-svn] SF.net SVN: web-erp:[4493] trunk
|
From: <dai...@us...> - 2011-02-18 21:41:20
|
Revision: 4493
http://web-erp.svn.sourceforge.net/web-erp/?rev=4493&view=rev
Author: daintree
Date: 2011-02-18 21:41:14 +0000 (Fri, 18 Feb 2011)
Log Message:
-----------
Changed PageSecurityArray to avoid problems with register_globals
Modified Paths:
--------------
trunk/doc/Change.log.html
trunk/includes/GetConfig.php
trunk/includes/session.inc
Modified: trunk/doc/Change.log.html
===================================================================
--- trunk/doc/Change.log.html 2011-02-18 09:56:52 UTC (rev 4492)
+++ trunk/doc/Change.log.html 2011-02-18 21:41:14 UTC (rev 4493)
@@ -1,5 +1,6 @@
<p><font SIZE=4 COLOR=BLUE><b>webERP Change Log</b></font></p>
-<p />
+<p>
+<p>18/2/11: Phil/Don Change PageSecurity array variable name to PageSecurityArray - caused problems with conflict with PageSecurity variable where register_globals = on; </p>
<p>18/2/11: PO_Items.php make number_format variables turn back into numbers for > 1000</p>
<p>16/2/11: FixedAssetItems.php now checks for location before allowing additions</p>
<p>16/2/11: Company preferences - changed wording of stock integration at cost removed the word standard as suggested by Exson</p>
Modified: trunk/includes/GetConfig.php
===================================================================
--- trunk/includes/GetConfig.php 2011-02-18 09:56:52 UTC (rev 4492)
+++ trunk/includes/GetConfig.php 2011-02-18 21:41:14 UTC (rev 4493)
@@ -31,9 +31,9 @@
if (DB_error_no($db)!=0){ // the table may not exist with the pagesecurity field in it if it is an older webERP database
header('Location: UpgradeDatabase.php'); //divert to the db upgrade if the VersionNumber is not in the config table
}
- //Populate the PageSecurity array for each script's PageSecurity value
+ //Populate the PageSecurityArray array for each script's PageSecurity value
while ($myrow=DB_fetch_array($result)) {
- $_SESSION['PageSecurity'][$myrow['script']]=$myrow['pagesecurity'];
+ $_SESSION['PageSecurityArray'][$myrow['script']]=$myrow['pagesecurity'];
}
Modified: trunk/includes/session.inc
===================================================================
--- trunk/includes/session.inc 2011-02-18 09:56:52 UTC (rev 4492)
+++ trunk/includes/session.inc 2011-02-18 21:41:14 UTC (rev 4493)
@@ -115,12 +115,12 @@
/*User is logged in so get configuration parameters - save in session*/
include($PathPrefix . 'includes/GetConfig.php');
-/*The page security variable is now retrieved from the database in GetConfig.php and stored in the $SESSION['PageSecurity'] array
+/*The page security variable is now retrieved from the database in GetConfig.php and stored in the $SESSION['PageSecurityArray'] array
* the key for the array is the script name - the script name is retrieved from the basename ($_SERVER['SCRIPT_NAME'])
*/
if (!isset($PageSecurity)){
//only hardcoded in the UpgradeDatabase script - so old versions that don't have the scripts.pagesecurity field do not choke
- $PageSecurity = $_SESSION['PageSecurity'][basename($_SERVER['SCRIPT_NAME'])];
+ $PageSecurity = $_SESSION['PageSecurityArray'][basename($_SERVER['SCRIPT_NAME'])];
}
/*If the Code $Version - held in ConnectDB.inc is > than the Database VersionNumber held in config table then do upgrades */
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
