[Web-erp-svn] SF.net SVN: web-erp:[4493] trunk

[<dai...@us...>]

Revision: 4493
          http://web-erp.svn.sourceforge.net/web-erp/?rev=4493&view=rev
Author:   daintree
Date:     2011-02-18 21:41:14 +0000 (Fri, 18 Feb 2011)

Log Message:
-----------
Changed PageSecurityArray to avoid problems with register_globals

Modified Paths:
--------------
    trunk/doc/Change.log.html
    trunk/includes/GetConfig.php
    trunk/includes/session.inc

Modified: trunk/doc/Change.log.html
===================================================================
--- trunk/doc/Change.log.html	2011-02-18 09:56:52 UTC (rev 4492)
+++ trunk/doc/Change.log.html	2011-02-18 21:41:14 UTC (rev 4493)
@@ -1,5 +1,6 @@
 <p><font SIZE=4 COLOR=BLUE><b>webERP Change Log</b></font></p>
-<p />
+<p>
+<p>18/2/11: Phil/Don Change PageSecurity array variable name to PageSecurityArray - caused problems with conflict with PageSecurity variable where register_globals = on; </p>
 <p>18/2/11: PO_Items.php make number_format variables turn back into numbers for > 1000</p>
 <p>16/2/11: FixedAssetItems.php now checks for location before allowing additions</p>
 <p>16/2/11: Company preferences - changed wording of stock integration at cost removed the word standard as suggested by Exson</p>

Modified: trunk/includes/GetConfig.php
===================================================================
--- trunk/includes/GetConfig.php	2011-02-18 09:56:52 UTC (rev 4492)
+++ trunk/includes/GetConfig.php	2011-02-18 21:41:14 UTC (rev 4493)
@@ -31,9 +31,9 @@
 	if (DB_error_no($db)!=0){ // the table may not exist with the pagesecurity field in it if it is an older webERP database
 		header('Location: UpgradeDatabase.php'); //divert to the db upgrade if the VersionNumber is not in the config table
 	}
-	//Populate the PageSecurity array for each script's  PageSecurity value
+	//Populate the PageSecurityArray array for each script's  PageSecurity value
 	while ($myrow=DB_fetch_array($result)) {
-		$_SESSION['PageSecurity'][$myrow['script']]=$myrow['pagesecurity'];
+		$_SESSION['PageSecurityArray'][$myrow['script']]=$myrow['pagesecurity'];
 	}
 
 

Modified: trunk/includes/session.inc
===================================================================
--- trunk/includes/session.inc	2011-02-18 09:56:52 UTC (rev 4492)
+++ trunk/includes/session.inc	2011-02-18 21:41:14 UTC (rev 4493)
@@ -115,12 +115,12 @@
 /*User is logged in so get configuration parameters  - save in session*/
 include($PathPrefix . 'includes/GetConfig.php');
 
-/*The page security variable is now retrieved from the database in GetConfig.php and stored in the $SESSION['PageSecurity'] array
+/*The page security variable is now retrieved from the database in GetConfig.php and stored in the $SESSION['PageSecurityArray'] array
  * the key for the array is the script name - the script name is retrieved from the basename ($_SERVER['SCRIPT_NAME']) 
  */
 if (!isset($PageSecurity)){ 
 //only hardcoded in the UpgradeDatabase script - so old versions that don't have the scripts.pagesecurity field do not choke
-	$PageSecurity = $_SESSION['PageSecurity'][basename($_SERVER['SCRIPT_NAME'])];
+	$PageSecurity = $_SESSION['PageSecurityArray'][basename($_SERVER['SCRIPT_NAME'])];
 }
 
 /*If the Code $Version - held in ConnectDB.inc is > than the Database VersionNumber held in config table then do upgrades */


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.