From 7fa2971c836fc194f00f90f6003166f585d0dd87 Mon Sep 17 00:00:00 2001
From: CaMer0n <cameron@e107coders.org>
Date: Sat, 7 Jul 2012 06:04:04 +0000
Subject: [PATCH] Fixed an access issue with the media-manager dialog window.

---
 e107_admin/image.php                  | 11 ++++++++---
 e107_admin/newspost.php               | 10 ++++++++--
 e107_files/jslib/core/admin.jquery.js |  2 +-
 3 files changed, 17 insertions(+), 6 deletions(-)

diff --git a/e107_admin/image.php b/e107_admin/image.php
index e872be907..680238bd9 100644
--- a/e107_admin/image.php
+++ b/e107_admin/image.php
@@ -18,7 +18,7 @@ if (!defined('e107_INIT'))
 	require_once("../class2.php");
 }
 
-if (!getperms("A"))
+if (!getperms("A") && ($_GET['action'] != 'dialog')) 
 {
 	header("location:".e_HTTP."index.php");
 	exit;
@@ -458,8 +458,10 @@ class media_admin_ui extends e_admin_ui
 			$this->updateSettings();
 		}
 		
-		if($this->getQuery('mode') == 'dialog')
+		if($this->getQuery('mode') == 'dialog')//TODO Check this actually does something, as it was changed to 'action'. 
 		{
+			if(!ADMIN){ exit; }
+			
 			$cat = $_GET['for'];
 			if(!isset($this->cats[$cat]))
 			{
@@ -574,6 +576,9 @@ class media_admin_ui extends e_admin_ui
 	
 	function uploadPage()
 	{
+		if(!ADMIN){ exit; } //TODO check for upload-access in perms. 
+		
+		
 		$text = '<div id="uploader" rel="'.e_JS.'plupload/upload.php?for='.$this->getQuery('for').'">
 	        <p>No HTML5 support.</p>
 		</div>';
@@ -702,7 +707,7 @@ class media_admin_ui extends e_admin_ui
 			$text .= "<div style='text-align:right;padding:5px'>
 			
 			<button type='submit' class='submit e-dialog-save e-dialog-close' data-target='".$this->getQuery('tagid')."' name='save_image' value='Save it'  >
-			<span>Save IT</span>
+			<span>Save</span>
 			</button>
 			<button type='submit' class='submit e-dialog-close' name='cancel_image' value='Cancel' >
 			<span>Cancel</span>
diff --git a/e107_admin/newspost.php b/e107_admin/newspost.php
index 137151704..9392edf9e 100644
--- a/e107_admin/newspost.php
+++ b/e107_admin/newspost.php
@@ -1903,14 +1903,20 @@ class admin_newspost
 							<tr>
 								<td>".NWSLAN_12.":</td>
 								<td>
-									".$frm->text('news_title', $tp->post_toForm($_POST['news_title']))."
+								<input type='text' name='news_title' value=\"". $tp->post_toForm($_POST['news_title'])."\" class='tbox' style='width:90%' />
+									".
+								// TOO short ->	$frm->text('news_title', $tp->post_toForm($_POST['news_title']),200,array('size'=>300)).
+									"
 								</td>
 							</tr>
 
 							<tr>
 								<td>".LAN_NEWS_27.":</td>
 								<td>
-									".$frm->text('news_summary', $tp->post_toForm($_POST['news_summary']), 250)."
+								<input type='text' name='news_summary' value=\"". $tp->post_toForm($_POST['news_summary'])."\" class='tbox' style='width:90%' />
+									".
+								//	$frm->text('news_summary', $tp->post_toForm($_POST['news_summary']), 250).
+									"
 								</td>
 							</tr>
 							
diff --git a/e107_files/jslib/core/admin.jquery.js b/e107_files/jslib/core/admin.jquery.js
index 9bcac0dd3..442a4a43f 100644
--- a/e107_files/jslib/core/admin.jquery.js
+++ b/e107_files/jslib/core/admin.jquery.js
@@ -409,7 +409,7 @@ $(document).ready(function()
 		 
 		        // Specify what files to browse for
 		        filters : [
-		            {title : "Image files", extensions : "jpg,gif,png"},
+		            {title : "Image files", extensions : "jpg,gif,png,jpeg"},
 		            {title : "Zip files", extensions : "zip,gz"}
 		        ],
 		        preinit : {