mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-08-01 20:30:39 +02:00
Code Issues Releases Wiki Activity

Issue #4287 - Extended user fields - when editing a checkbox field a database lookup was attempted.

Browse Source
This commit is contained in:
Cameron
2020-12-09 09:15:16 -08:00
parent 7229aa6c50
commit eb94769e1c
2 changed files with 23 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
e107_admin/users_extended.php
View File

@@ -920,7 +920,7 @@ e107::js('footer-inline', js());
$type = intval($current['user_extended_struct_type']); $type = intval($current['user_extended_struct_type']);
$val_hide = ($type != 4 && $type !=1 ) ? "visible" : "none"; $val_hide = ($type !== EUF_DB_FIELD && $type !== EUF_TEXT && $type !== EUF_COUNTRY ) ? "visible" : "none";
if($type == 0) if($type == 0)
{ {
@@ -949,18 +949,21 @@ e107::js('footer-inline', js());
<input type='button' class='btn btn-primary' value='".EXTLAN_48."' onclick=\"duplicateHTML('value_line','value_container');\" /> <input type='button' class='btn btn-primary' value='".EXTLAN_48."' onclick=\"duplicateHTML('value_line','value_container');\" />
<br /><span class='field-help'>".EXTLAN_17."</span>"; <br /><span class='field-help'>".EXTLAN_17."</span>";
$text .= "<div style='margin-top:10px'>".$frm->checkbox('sort_user_values',1, false, EXTLAN_87)."</div>"; $text .= "<div class='checkbox' style='margin-top:10px; margin-bottom:0'>".$frm->checkbox('sort_user_values',1, false, EXTLAN_87)."</div>";
$text .= "</div>"; $text .= "</div>";
if($this->getController()->getMode() === 'edit' && ($type !== EUF_DB_FIELD))
{
return $text;
}
// End of Values. -------------------------------------- // End of Values. --------------------------------------
$db_hide = ($current['user_extended_struct_type'] == 4) ? "block" : "none"; $db_hide = ($current['user_extended_struct_type'] == EUF_DB_FIELD) ? "block" : "none";
// Ajax URL for "Table" dropdown. // Ajax URL for "Table" dropdown.
$ajaxGetTableSrc = e_SELF . '?mode=ajax&action=changeTable'; $ajaxGetTableSrc = e_SELF . '?mode=ajax&action=changeTable';

28
e107_handlers/e_parse_class.php
View File

@@ -42,7 +42,7 @@ class e_parse extends e_parser
public $e_emote; public $e_emote;
// 'Hooked' parsers (array) // 'Hooked' parsers (array)
protected $e_hook; protected $e_hook = array();
public $search = array('&amp;#039;', '&#039;', '&#39;', '&quot;', 'onerror', '&gt;', '&amp;quot;', ' & '); public $search = array('&amp;#039;', '&#039;', '&#39;', '&quot;', 'onerror', '&gt;', '&amp;quot;', ' & ');
@@ -1991,7 +1991,12 @@ class e_parse extends e_parser
{ {
foreach($pref['e_tohtml_list'] as $hook) foreach($pref['e_tohtml_list'] as $hook)
{ {
if (!is_object($this->e_hook[$hook])) if(empty($hook))
{
continue;
}
if (empty($this->e_hook[$hook]) /*&& !is_object($this->e_hook[$hook])*/)
{ {
if(is_readable(e_PLUGIN.$hook."/e_tohtml.php")) if(is_readable(e_PLUGIN.$hook."/e_tohtml.php"))
{ {
@@ -2225,6 +2230,7 @@ class e_parse extends e_parser
/** /**
* Use it on html attributes to avoid breaking markup . * Use it on html attributes to avoid breaking markup .
* @param string $text
* @example echo "<a href='#' title='".$tp->toAttribute($text)."'>Hello</a>"; * @example echo "<a href='#' title='".$tp->toAttribute($text)."'>Hello</a>";
*/ */
function toAttribute($text) function toAttribute($text)
@@ -4564,10 +4570,10 @@ class e_parser
return null; return null;
} }
if(strpos($icon,'e_MEDIA_IMAGE')!==false) // if(strpos($icon,'e_MEDIA_IMAGE')!==false)
{ // {
// return "<div class='alert alert-danger'>Use \$tp->toImage() instead of toIcon() for ".$icon."</div>"; // debug info only. // return "<div class='alert alert-danger'>Use \$tp->toImage() instead of toIcon() for ".$icon."</div>"; // debug info only.
} // }
if(substr($icon,0,3) == '<i ') // if it's html (ie. css sprite) return the code. if(substr($icon,0,3) == '<i ') // if it's html (ie. css sprite) return the code.
{ {
@@ -5198,7 +5204,7 @@ TMPL;
// -------------------- Encoding ---------------- // -------------------- Encoding ----------------
$acc = $this->getScriptAccess(); $acc = $this->getScriptAccess();
$accName = e107::getUserClass()->uc_get_classname($acc); $accName = e107::getUserClass()->getName($acc);
echo "<h2>e107 Parser Test <small>with script access by <span class='label label-warning'>".$accName."</span></small></h2>"; echo "<h2>e107 Parser Test <small>with script access by <span class='label label-warning'>".$accName."</span></small></h2>";
echo"<h3>User-input <small>(eg. from \$_POST)</small></h3>"; echo"<h3>User-input <small>(eg. from \$_POST)</small></h3>";
@@ -5518,13 +5524,7 @@ return;
{ {
$html = '<body>'.$html.'</body>'; $html = '<body>'.$html.'</body>';
} }
else // Full HTML page.
{
// $this->allowedTags[] = 'head';
// $this->allowedTags[] = 'body';
// $this->allowedTags[] = 'title';
//$this->allowedTags[] = 'meta';
}
if(!is_object($this->domObj)) if(!is_object($this->domObj))
{ {
@@ -5755,7 +5755,7 @@ return;
/** /**
* Check for Invalid Attribute Values * Check for Invalid Attribute Values
* @param $value string * @param $value string
* @return true/false * @return bool true/false
*/ */
function invalidAttributeValue($value) function invalidAttributeValue($value)
{ {