mirror of
https://github.com/Lastorder-DC/rhymix.git
synced 2026-04-02 01:52:10 +09:00
#18557491 : block embed, multimedia_link when administrators view non-administrator's articles
git-svn-id: http://xe-core.googlecode.com/svn/sandbox@7063 201d5d3c-b55e-5fd7-737f-ddc643e51545
This commit is contained in:
haneul
parent
f0621b76dc
commit
4a847a93ee
12 changed files with 75 additions and 1 deletions
|
|
@ -313,4 +313,6 @@
|
|||
$lang->filter->invalid_alpha = "The format of %s is invalid. Please input alphabets only";
|
||||
$lang->filter->invalid_alpha_number = "The format of %s is invalid. Please input alphabets or numbers";
|
||||
$lang->filter->invalid_number = "The format of %s is invalid. Please input numbers only";
|
||||
|
||||
$lang->security_warning_embed = "Due to security concern, administrators are not allowed to view embedded items.<BR /> To view them, please use another non-administrator ID.";
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -320,4 +320,6 @@
|
|||
$lang->filter->invalid_alpha = 'Sólo puede introducir los alfabetos en el %s';
|
||||
$lang->filter->invalid_alpha_number = 'Sólo puede introducir los alfanuméricos en el %s es inválido';
|
||||
$lang->filter->invalid_number = 'Sólo puede introducir los dígitos numéricos en el %s';
|
||||
|
||||
$lang->security_warning_embed = "Due to security concern, administrators are not allowed to view embedded items.<BR /> To view them, please use another non-administrator ID.";
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -313,4 +313,6 @@
|
|||
$lang->filter->invalid_alpha = "Das Format von% s ist ungültig. Bitte geben Sie nur Alphabete";
|
||||
$lang->filter->invalid_alpha_number = "Das Format von% s ist ungültig. Bitte geben Sie Ihre Alphabete oder Zahlen";
|
||||
$lang->filter->invalid_number = "Das Format von% s ist ungültig. Bitte geben Sie nur Zahlen";
|
||||
|
||||
$lang->security_warning_embed = "Due to security concern, administrators are not allowed to view embedded items.<BR /> To view them, please use another non-administrator ID.";
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -315,4 +315,6 @@
|
|||
$lang->filter->invalid_alpha = '%sの形式が正しくありません。半角英文字のみ入力して下さい。';
|
||||
$lang->filter->invalid_alpha_number = '%sの形式が正しくありません。半角英数で入力して下さい。';
|
||||
$lang->filter->invalid_number = '%sの形式が正しくありません。半角数字で入力して下さい。';
|
||||
|
||||
$lang->security_warning_embed = "Due to security concern, administrators are not allowed to view embedded items.<BR /> To view them, please use another non-administrator ID.";
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -314,4 +314,6 @@
|
|||
$lang->filter->invalid_alpha = '%s의 형식이 잘못되었습니다. 영문으로만 입력하셔야 합니다.';
|
||||
$lang->filter->invalid_alpha_number = '%s의 형식이 잘못되었습니다. 영문과 숫자로만 입력하셔야 합니다.';
|
||||
$lang->filter->invalid_number = '%s의 형식이 잘못되었습니다. 숫자로만 입력하셔야 합니다.';
|
||||
|
||||
$lang->security_warning_embed = "보안 문제로 관리자 아이디로는 embed를 볼 수 없습니다. 확인하시려면 다른 아이디로 접속하세요";
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -310,4 +310,6 @@
|
|||
$lang->filter->invalid_alpha = '%s-ын хэлбэр буруу байна. Зөвхөн латин үсгээр оруулах ёстой';
|
||||
$lang->filter->invalid_alpha_number = '%s-ын хэлбэр буруу байна. Зөвхөн латин үсэг болон тоогоор л оруулах ёстой.';
|
||||
$lang->filter->invalid_number = '%s-ын хэлбэр буруу байна. Зөвхөн тоогоор оруулах ёстой.';
|
||||
?>
|
||||
|
||||
$lang->security_warning_embed = "Due to security concern, administrators are not allowed to view embedded items.<BR /> To view them, please use another non-administrator ID.";
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -313,4 +313,6 @@
|
|||
$lang->filter->invalid_alpha = "Формат %s неверен. Пожалуйста, вводите только алфавитные символы";
|
||||
$lang->filter->invalid_alpha_number = "Формат %s неверен. Пожалуйста, вводите алфавитные символы или цифры";
|
||||
$lang->filter->invalid_number = "Формат %s неверен. Пожалуйста, вводите только цифры";
|
||||
|
||||
$lang->security_warning_embed = "Due to security concern, administrators are not allowed to view embedded items.<BR /> To view them, please use another non-administrator ID.";
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -303,4 +303,6 @@
|
|||
$lang->filter->invalid_alpha = "Định dạng của %s không hợp lệ. Chỉ sử dụng các kí tự từ a-z";
|
||||
$lang->filter->invalid_alpha_number = "Định dạng của %s không hợp lệ. Chỉ sử dụng các kí tự từ a-z và các chữ số";
|
||||
$lang->filter->invalid_number = "Định dạng của %s không hợp lệ. Chỉ sử dụng các chữ số";
|
||||
|
||||
$lang->security_warning_embed = "Due to security concern, administrators are not allowed to view embedded items.<BR /> To view them, please use another non-administrator ID.";
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -314,4 +314,6 @@
|
|||
$lang->filter->invalid_alpha = '%s只能输入英文字母';
|
||||
$lang->filter->invalid_alpha_number = '%s只能输入英文或数字';
|
||||
$lang->filter->invalid_number = '%s只能输入数字';
|
||||
|
||||
$lang->security_warning_embed = "Due to security concern, administrators are not allowed to view embedded items.<BR /> To view them, please use another non-administrator ID.";
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -314,4 +314,6 @@
|
|||
$lang->filter->invalid_alpha = '%s只能輸入英文字母';
|
||||
$lang->filter->invalid_alpha_number = '%s只能輸入英文或數字';
|
||||
$lang->filter->invalid_number = '%s只能輸入數字';
|
||||
|
||||
$lang->security_warning_embed = "Due to security concern, administrators are not allowed to view embedded items.<BR /> To view them, please use another non-administrator ID.";
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -160,6 +160,32 @@
|
|||
return htmlspecialchars($this->get('nick_name'));
|
||||
}
|
||||
|
||||
function stripEmbedTagForAdmin(&$content)
|
||||
{
|
||||
if(!Context::get('is_logged')) return;
|
||||
$oModuleModel = &getModel('module');
|
||||
$logged_info = Context::get('logged_info');
|
||||
$writer_member_srl = $this->get('member_srl');
|
||||
|
||||
if($writer_member_srl != $logged_info->member_srl && ($logged_info->is_admin == "Y" || $oModuleModel->isSiteAdmin($logged_info)) )
|
||||
{
|
||||
if($writer_member_srl)
|
||||
{
|
||||
$oMemberModel =& getModel('member');
|
||||
$member_info = $oMemberModel->getMemberInfoByMemberSrl($writer_member_srl);
|
||||
if($member_info->is_admin == "Y")
|
||||
{
|
||||
return;
|
||||
}
|
||||
}
|
||||
$security_msg = "<div style='border: 1px solid #DDD; background: #FAFAFA; text-align:center; margin: 1em 0;'><p style='margin: 1em;'>".Context::getLang('security_warning_embed')."</p></div>";
|
||||
$content = preg_replace('/<embed[^>]+>(\s*<\/embed>)?/is', $security_msg, $content);
|
||||
$content = preg_replace('/<img[^>]+editor_component="multimedia_link"[^>]*>(\s*<\/img>)?/is', $security_msg, $content);
|
||||
}
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
function getContentText($strlen = 0) {
|
||||
if($this->isSecret() && !$this->isAccessible()) return Context::getLang('msg_is_secret');
|
||||
|
||||
|
|
@ -174,6 +200,7 @@
|
|||
if($this->isSecret() && !$this->isAccessible()) return Context::getLang('msg_is_secret');
|
||||
|
||||
$content = $this->get('content');
|
||||
$this->stripEmbedTagForAdmin($content);
|
||||
|
||||
// 이 댓글을... 팝업메뉴를 출력할 경우
|
||||
if($add_popup_menu && Context::get('is_logged') ) {
|
||||
|
|
|
|||
|
|
@ -251,6 +251,32 @@
|
|||
return htmlspecialchars($content);
|
||||
}
|
||||
|
||||
function stripEmbedTagForAdmin(&$content)
|
||||
{
|
||||
if(!Context::get('is_logged')) return;
|
||||
$oModuleModel = &getModel('module');
|
||||
$logged_info = Context::get('logged_info');
|
||||
$writer_member_srl = $this->get('member_srl');
|
||||
|
||||
if($writer_member_srl != $logged_info->member_srl && ($logged_info->is_admin == "Y" || $oModuleModel->isSiteAdmin($logged_info)) )
|
||||
{
|
||||
if($writer_member_srl)
|
||||
{
|
||||
$oMemberModel =& getModel('member');
|
||||
$member_info = $oMemberModel->getMemberInfoByMemberSrl($writer_member_srl);
|
||||
if($member_info->is_admin == "Y")
|
||||
{
|
||||
return;
|
||||
}
|
||||
}
|
||||
$security_msg = "<div style='border: 1px solid #DDD; background: #FAFAFA; text-align:center; margin: 1em 0;'><p style='margin: 1em;'>".Context::getLang('security_warning_embed')."</p></div>";
|
||||
$content = preg_replace('/<embed[^>]+>(\s*<\/embed>)?/is', $security_msg, $content);
|
||||
$content = preg_replace('/<img[^>]+editor_component="multimedia_link"[^>]*>(\s*<\/img>)?/is', $security_msg, $content);
|
||||
}
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
function getContent($add_popup_menu = true, $add_content_info = true, $resource_realpath = false, $add_xe_content_class = true) {
|
||||
if(!$this->document_srl) return;
|
||||
|
||||
|
|
@ -259,6 +285,7 @@
|
|||
$_SESSION['accessible'][$this->document_srl] = true;
|
||||
|
||||
$content = $this->get('content');
|
||||
$this->stripEmbedTagForAdmin($content);
|
||||
|
||||
// rewrite모듈을 사용하면 링크 재정의
|
||||
$oContext = &Context::getInstance();
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue