Fixed an access issue with the media-manager dialog window.

2025-08-04 13:47:31 +02:00 · 2012-07-07 06:04:04 +00:00
parent 06d2e91392
commit 7fa2971c83
3 changed files with 17 additions and 6 deletions
--- a/e107_admin/image.php
+++ b/e107_admin/image.php
@@ -18,7 +18,7 @@ if (!defined('e107_INIT'))
 	require_once("../class2.php");
 }

-if (!getperms("A"))
+if (!getperms("A") && ($_GET['action'] != 'dialog')) 
 {
 	header("location:".e_HTTP."index.php");
 	exit;
@@ -458,8 +458,10 @@ class media_admin_ui extends e_admin_ui
 			$this->updateSettings();
 		}
 		
-		if($this->getQuery('mode') == 'dialog')
+		if($this->getQuery('mode') == 'dialog')//TODO Check this actually does something, as it was changed to 'action'. 
 		{
+			if(!ADMIN){ exit; }
+			
 			$cat = $_GET['for'];
 			if(!isset($this->cats[$cat]))
 			{
@@ -574,6 +576,9 @@ class media_admin_ui extends e_admin_ui
 	
 	function uploadPage()
 	{
+		if(!ADMIN){ exit; } //TODO check for upload-access in perms. 
+		
+		
 		$text = '<div id="uploader" rel="'.e_JS.'plupload/upload.php?for='.$this->getQuery('for').'">
 	        <p>No HTML5 support.</p>
 		</div>';
@@ -702,7 +707,7 @@ class media_admin_ui extends e_admin_ui
 			$text .= "<div style='text-align:right;padding:5px'>
 			
 			<button type='submit' class='submit e-dialog-save e-dialog-close' data-target='".$this->getQuery('tagid')."' name='save_image' value='Save it'  >
-			<span>Save IT</span>
+			<span>Save</span>
 			</button>
 			<button type='submit' class='submit e-dialog-close' name='cancel_image' value='Cancel' >
 			<span>Cancel</span>
--- a/e107_admin/newspost.php
+++ b/e107_admin/newspost.php
@@ -1903,14 +1903,20 @@ class admin_newspost
 							<tr>
 								<td>".NWSLAN_12.":</td>
 								<td>
-									".$frm->text('news_title', $tp->post_toForm($_POST['news_title']))."
+								<input type='text' name='news_title' value=\"". $tp->post_toForm($_POST['news_title'])."\" class='tbox' style='width:90%' />
+									".
+								// TOO short ->	$frm->text('news_title', $tp->post_toForm($_POST['news_title']),200,array('size'=>300)).
+									"
 								</td>
 							</tr>

 							<tr>
 								<td>".LAN_NEWS_27.":</td>
 								<td>
-									".$frm->text('news_summary', $tp->post_toForm($_POST['news_summary']), 250)."
+								<input type='text' name='news_summary' value=\"". $tp->post_toForm($_POST['news_summary'])."\" class='tbox' style='width:90%' />
+									".
+								//	$frm->text('news_summary', $tp->post_toForm($_POST['news_summary']), 250).
+									"
 								</td>
 							</tr>
 							
--- a/e107_files/jslib/core/admin.jquery.js
+++ b/e107_files/jslib/core/admin.jquery.js
@@ -409,7 +409,7 @@ $(document).ready(function()
 		 
 		        // Specify what files to browse for
 		        filters : [
-		            {title : "Image files", extensions : "jpg,gif,png"},
+		            {title : "Image files", extensions : "jpg,gif,png,jpeg"},
 		            {title : "Zip files", extensions : "zip,gz"}
 		        ],
 		        preinit : {