mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-08-04 21:57:51 +02:00
Code Issues Releases Wiki Activity

Fixed an access issue with the media-manager dialog window.

Browse Source
This commit is contained in:
CaMer0n
2012-07-07 06:04:04 +00:00
parent 06d2e91392
commit 7fa2971c83
3 changed files with 17 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
e107_admin/image.php
View File

@@ -18,7 +18,7 @@ if (!defined('e107_INIT'))
require_once("../class2.php"); require_once("../class2.php");
} }
if (!getperms("A")) if (!getperms("A") && ($_GET['action'] != 'dialog'))
{ {
header("location:".e_HTTP."index.php"); header("location:".e_HTTP."index.php");
exit; exit;
@@ -458,8 +458,10 @@ class media_admin_ui extends e_admin_ui
$this->updateSettings(); $this->updateSettings();
} }
if($this->getQuery('mode') == 'dialog') if($this->getQuery('mode') == 'dialog')//TODO Check this actually does something, as it was changed to 'action'.
{ {
if(!ADMIN){ exit; }
$cat = $_GET['for']; $cat = $_GET['for'];
if(!isset($this->cats[$cat])) if(!isset($this->cats[$cat]))
{ {
@@ -574,6 +576,9 @@ class media_admin_ui extends e_admin_ui
function uploadPage() function uploadPage()
{ {
if(!ADMIN){ exit; } //TODO check for upload-access in perms.
$text = '<div id="uploader" rel="'.e_JS.'plupload/upload.php?for='.$this->getQuery('for').'"> $text = '<div id="uploader" rel="'.e_JS.'plupload/upload.php?for='.$this->getQuery('for').'">
<p>No HTML5 support.</p> <p>No HTML5 support.</p>
</div>'; </div>';
@@ -702,7 +707,7 @@ class media_admin_ui extends e_admin_ui
$text .= "<div style='text-align:right;padding:5px'> $text .= "<div style='text-align:right;padding:5px'>
<button type='submit' class='submit e-dialog-save e-dialog-close' data-target='".$this->getQuery('tagid')."' name='save_image' value='Save it' > <button type='submit' class='submit e-dialog-save e-dialog-close' data-target='".$this->getQuery('tagid')."' name='save_image' value='Save it' >
<span>Save IT</span> <span>Save</span>
</button> </button>
<button type='submit' class='submit e-dialog-close' name='cancel_image' value='Cancel' > <button type='submit' class='submit e-dialog-close' name='cancel_image' value='Cancel' >
<span>Cancel</span> <span>Cancel</span>

10
e107_admin/newspost.php
View File

@@ -1903,14 +1903,20 @@ class admin_newspost
<tr> <tr>
<td>".NWSLAN_12.":</td> <td>".NWSLAN_12.":</td>
<td> <td>
".$frm->text('news_title', $tp->post_toForm($_POST['news_title']))." <input type='text' name='news_title' value=\"". $tp->post_toForm($_POST['news_title'])."\" class='tbox' style='width:90%' />
".
// TOO short -> $frm->text('news_title', $tp->post_toForm($_POST['news_title']),200,array('size'=>300)).
"
</td> </td>
</tr> </tr>
<tr> <tr>
<td>".LAN_NEWS_27.":</td> <td>".LAN_NEWS_27.":</td>
<td> <td>
".$frm->text('news_summary', $tp->post_toForm($_POST['news_summary']), 250)." <input type='text' name='news_summary' value=\"". $tp->post_toForm($_POST['news_summary'])."\" class='tbox' style='width:90%' />
".
// $frm->text('news_summary', $tp->post_toForm($_POST['news_summary']), 250).
"
</td> </td>
</tr> </tr>

2
e107_files/jslib/core/admin.jquery.js
View File

@@ -409,7 +409,7 @@ $(document).ready(function()
// Specify what files to browse for // Specify what files to browse for
filters : [ filters : [
{title : "Image files", extensions : "jpg,gif,png"}, {title : "Image files", extensions : "jpg,gif,png,jpeg"},
{title : "Zip files", extensions : "zip,gz"} {title : "Zip files", extensions : "zip,gz"}
], ],
preinit : { preinit : {