[Webnotes-cvs] webnotes/core api.php,1.13,1.14 config_inc.php,1.4,1.5

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Update of /cvsroot/webnotes/webnotes/core
In directory usw-pr-cvs1:/tmp/cvs-serv26048/core

Modified Files:
	api.php config_inc.php 
Log Message:
- Fixed a problem with the default value for $g_absolute_directory
- Enhanced the themes template.
- Cleanup of admin.php
- Did cleaning of parameters before injecting them into SQL in api.php
- Updated the roadmap.
- Cleanup of logout.php
- Cleanup of login_page.php
- Cleanup of login.php
- Cleanup of note_add.php
- Cleanup of note_add_page.php (still more work).
- Cleanup of xml.php
- Cleanup of webservices.php
- Cleanup of index.html


Index: api.php
===================================================================
RCS file: /cvsroot/webnotes/webnotes/core/api.php,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -d -r1.13 -r1.14

--- api.php	4 Sep 2002 22:59:46 -0000	1.13
+++ api.php	5 Sep 2002 06:25:19 -0000	1.14
@@ -120,9 +120,11 @@
 	function get_user_info_arr( $p_string_cookie_val ) {
 		global $g_phpWN_user_table;
 
+		$c_string_cookie_val = db_prepare_string( $p_string_cookie_val );
+
 		$query = "SELECT *
 				FROM $g_phpWN_user_table
-				WHERE cookie_string='$p_string_cookie_val'";
+				WHERE cookie_string='$c_string_cookie_val'";
 		$result = db_query( $query );
 		return db_fetch_array( $result );
 	}
@@ -135,9 +137,11 @@
 				$s_date, $s_email, $s_ip, $s_note,
 				$s_delete_button, $s_update_button;
 
+		$c_page_id = db_prepare_int( $p_page_id );
+
 		$query = "SELECT *
 				FROM $g_phpWN_note_table
-				WHERE page_id='$p_page_id'
+				WHERE page_id='$c_page_id'
 				ORDER BY date_submitted";
 		$result = db_query( $query );
 		$num_notes = db_num_rows( $result );
@@ -182,12 +186,12 @@
 										<input type="submit" value="$s_update_button" />
 									</td>
 			</form>
+									<td width="50%" align="center">
 			<form method="post" action="$g_admin_manage_notes">
 				<input type="hidden" name="f_action" value="delete" />
 				<input type="hidden" name="f_id" value="$v_id" />
 				<input type="hidden" name="f_page_id" value="$p_page_id" />
 				<input type="hidden" name="f_url" value="$p_url" />
-									<td width="50%" align="center">
 				<input type="submit" value="$s_delete_button" />
 			</form>
 									</td>

Index: config_inc.php
===================================================================
RCS file: /cvsroot/webnotes/webnotes/core/config_inc.php,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
--- config_inc.php	4 Sep 2002 13:36:58 -0000	1.4
+++ config_inc.php	5 Sep 2002 06:25:19 -0000	1.5
@@ -33,7 +33,7 @@
 	$g_web_directory          = DIRECTORY_SEPARATOR . 'webnotes' . DIRECTORY_SEPARATOR;
 
 	### absolute directory path
-	$g_absolute_directory     = dirname( __FILE__ ) . DIRECTORY_SEPARATOR;
+	$g_absolute_directory     = dirname( dirname( __FILE__ ) ) . DIRECTORY_SEPARATOR;
 
 	### default ordering of the notes.
 	### ASC = newest on bottom




