1
0
mirror of https://github.com/e107inc/e107.git synced 2025-08-04 13:47:31 +02:00

Fixed an access issue with the media-manager dialog window.

This commit is contained in:
CaMer0n
2012-07-07 06:04:04 +00:00
parent 06d2e91392
commit 7fa2971c83
3 changed files with 17 additions and 6 deletions

View File

@@ -18,7 +18,7 @@ if (!defined('e107_INIT'))
require_once("../class2.php");
}
if (!getperms("A"))
if (!getperms("A") && ($_GET['action'] != 'dialog'))
{
header("location:".e_HTTP."index.php");
exit;
@@ -458,8 +458,10 @@ class media_admin_ui extends e_admin_ui
$this->updateSettings();
}
if($this->getQuery('mode') == 'dialog')
if($this->getQuery('mode') == 'dialog')//TODO Check this actually does something, as it was changed to 'action'.
{
if(!ADMIN){ exit; }
$cat = $_GET['for'];
if(!isset($this->cats[$cat]))
{
@@ -574,6 +576,9 @@ class media_admin_ui extends e_admin_ui
function uploadPage()
{
if(!ADMIN){ exit; } //TODO check for upload-access in perms.
$text = '<div id="uploader" rel="'.e_JS.'plupload/upload.php?for='.$this->getQuery('for').'">
<p>No HTML5 support.</p>
</div>';
@@ -702,7 +707,7 @@ class media_admin_ui extends e_admin_ui
$text .= "<div style='text-align:right;padding:5px'>
<button type='submit' class='submit e-dialog-save e-dialog-close' data-target='".$this->getQuery('tagid')."' name='save_image' value='Save it' >
<span>Save IT</span>
<span>Save</span>
</button>
<button type='submit' class='submit e-dialog-close' name='cancel_image' value='Cancel' >
<span>Cancel</span>

View File

@@ -1903,14 +1903,20 @@ class admin_newspost
<tr>
<td>".NWSLAN_12.":</td>
<td>
".$frm->text('news_title', $tp->post_toForm($_POST['news_title']))."
<input type='text' name='news_title' value=\"". $tp->post_toForm($_POST['news_title'])."\" class='tbox' style='width:90%' />
".
// TOO short -> $frm->text('news_title', $tp->post_toForm($_POST['news_title']),200,array('size'=>300)).
"
</td>
</tr>
<tr>
<td>".LAN_NEWS_27.":</td>
<td>
".$frm->text('news_summary', $tp->post_toForm($_POST['news_summary']), 250)."
<input type='text' name='news_summary' value=\"". $tp->post_toForm($_POST['news_summary'])."\" class='tbox' style='width:90%' />
".
// $frm->text('news_summary', $tp->post_toForm($_POST['news_summary']), 250).
"
</td>
</tr>

View File

@@ -409,7 +409,7 @@ $(document).ready(function()
// Specify what files to browse for
filters : [
{title : "Image files", extensions : "jpg,gif,png"},
{title : "Image files", extensions : "jpg,gif,png,jpeg"},
{title : "Zip files", extensions : "zip,gz"}
],
preinit : {