#66 install php version check

#16 install rewrite module usable check
#48 htmlspecialchars function params add
akasima 2013-11-18 16:54:17 +09:00 committed by bnu
parent 51b6b21cf2
commit 736f382b27
93 changed files with 240 additions and 215 deletions


@ -260,7 +260,7 @@ class documentController extends document
{
if($obj->use_html != 'Y')
{
$obj->content = htmlspecialchars($obj->content);
$obj->content = htmlspecialchars($obj->content, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
}
$obj->content = nl2br($obj->content);
}
@ -443,7 +443,7 @@ class documentController extends document
{
if($obj->use_html != 'Y')
{
$obj->content = htmlspecialchars($obj->content);
$obj->content = htmlspecialchars($obj->content, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
}
$obj->content = nl2br($obj->content);
}
@ -1830,10 +1830,10 @@ class documentController extends document
$title = $node->title;
$oModuleAdminModel = &getAdminModel('module');
$langs = $oModuleAdminModel->getLangCode($site_srl, $title);
if(count($langs)) foreach($langs as $key => $val) $xml_header_buff .= sprintf('$_titles[%d]["%s"] = "%s"; ', $category_srl, $key, str_replace('"','\\"',htmlspecialchars($val)));
if(count($langs)) foreach($langs as $key => $val) $xml_header_buff .= sprintf('$_titles[%d]["%s"] = "%s"; ', $category_srl, $key, str_replace('"','\\"',htmlspecialchars($val, ENT_COMPAT | ENT_HTML401, 'UTF-8', false)));
$langx = $oModuleAdminModel->getLangCode($site_srl, $description);
if(count($langx)) foreach($langx as $key => $val) $xml_header_buff .= sprintf('$_descriptions[%d]["%s"] = "%s"; ', $category_srl, $key, str_replace('"','\\"',htmlspecialchars($val)));
if(count($langx)) foreach($langx as $key => $val) $xml_header_buff .= sprintf('$_descriptions[%d]["%s"] = "%s"; ', $category_srl, $key, str_replace('"','\\"',htmlspecialchars($val, ENT_COMPAT | ENT_HTML401, 'UTF-8', false)));
$attribute = sprintf(
'mid="%s" module_srl="%d" node_srl="%d" parent_srl="%d" category_srl="%d" text="<?php echo (%s?($_titles[%d][$lang_type]):"")?>" url="%s" expand="%s" color="%s" description="<?php echo (%s?($_descriptions[%d][$lang_type]):"")?>" document_count="%d" ',
@ -1846,7 +1846,7 @@ class documentController extends document
$category_srl,
getUrl('','mid',$node->mid,'category',$category_srl),
$expand,
htmlspecialchars($color),
htmlspecialchars($color, ENT_COMPAT | ENT_HTML401, 'UTF-8', false),
$group_check_code,
$category_srl,
$node->document_count
@ -1894,9 +1894,9 @@ class documentController extends document
$description= $node->description;
$oModuleAdminModel = &getAdminModel('module');
$langs = $oModuleAdminModel->getLangCode($site_srl, $title);
if(count($langs)) foreach($langs as $key => $val) $php_header_buff .= sprintf('$_titles[%d]["%s"] = "%s"; ', $category_srl, $key, str_replace('"','\\"',htmlspecialchars($val)));
if(count($langs)) foreach($langs as $key => $val) $php_header_buff .= sprintf('$_titles[%d]["%s"] = "%s"; ', $category_srl, $key, str_replace('"','\\"',htmlspecialchars($val, ENT_COMPAT | ENT_HTML401, 'UTF-8', false)));
$langx = $oModuleAdminModel->getLangCode($site_srl, $description);
if(count($langx)) foreach($langx as $key => $val) $php_header_buff .= sprintf('$_descriptions[%d]["%s"] = "%s"; ', $category_srl, $key, str_replace('"','\\"',htmlspecialchars($val)));
if(count($langx)) foreach($langx as $key => $val) $php_header_buff .= sprintf('$_descriptions[%d]["%s"] = "%s"; ', $category_srl, $key, str_replace('"','\\"',htmlspecialchars($val, ENT_COMPAT | ENT_HTML401, 'UTF-8', false)));
// Create attributes(Use the category_srl_list to check whether to belong to the menu's node. It seems to be tricky but fast fast and powerful;)
$attribute = sprintf(
'"mid" => "%s", "module_srl" => "%d","node_srl"=>"%s","category_srl"=>"%s","parent_srl"=>"%s","text"=>$_titles[%d][$lang_type],"selected"=>(in_array(Context::get("category"),array(%s))?1:0),"expand"=>"%s","color"=>"%s","description"=>$_descriptions[%d][$lang_type],"list"=>array(%s),"document_count"=>"%d","grant"=>%s?true:false',
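Review bot: In the -1830 and -1894 hunks the encoded `$val` is still written into a double-quoted PHP string literal inside the generated `$xml_header_buff` / `$php_header_buff` code, and `htmlspecialchars()` does nothing about backslashes or `$`, both of which keep their meaning inside that literal. With `ENT_COMPAT` the `"` has already become `&quot;`, so the surrounding `str_replace('"','\\"', …)` no longer guards anything. Emitting the values with `var_export()` gives a literal that is safe by construction, e.g. `sprintf('$_titles[%d][%s] = %s; ', $category_srl, var_export($key, true), var_export(htmlspecialchars($val, ENT_COMPAT | ENT_HTML401, 'UTF-8', false), true))`, and the same for the `$_descriptions` lines. Whether `$val` and `$key` can carry untrusted text depends on who may edit the language codes, which is not visible here; the enclosing method starts and ends outside these hunks.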


@ -307,22 +307,22 @@ class documentItem extends Object
function getUserID()
{
return htmlspecialchars($this->get('user_id'));
return htmlspecialchars($this->get('user_id'), ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
}
function getUserName()
{
return htmlspecialchars($this->get('user_name'));
return htmlspecialchars($this->get('user_name'), ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
}
function getNickName()
{
return htmlspecialchars($this->get('nick_name'));
return htmlspecialchars($this->get('nick_name'), ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
}
function getLastUpdater()
{
return htmlspecialchars($this->get('last_updater'));
return htmlspecialchars($this->get('last_updater'), ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
}
function getTitleText($cut_size = 0, $tail='...')
@ -346,8 +346,8 @@ class documentItem extends Object
if($this->get('title_bold')=='Y') $attrs[] = "font-weight:bold;";
if($this->get('title_color') && $this->get('title_color') != 'N') $attrs[] = "color:#".$this->get('title_color');
if(count($attrs)) return sprintf("<span style=\"%s\">%s</span>", implode(';',$attrs), htmlspecialchars($title));
else return htmlspecialchars($title);
if(count($attrs)) return sprintf("<span style=\"%s\">%s</span>", implode(';',$attrs), htmlspecialchars($title, ENT_COMPAT | ENT_HTML401, 'UTF-8', false));
else return htmlspecialchars($title, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
}
function getContentText($strlen = 0)
@ -365,7 +365,7 @@ class documentItem extends Object
if($strlen) return cut_str(strip_tags($content),$strlen,'...');
return htmlspecialchars($content);
return htmlspecialchars($content, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
}
function _addAllowScriptAccess($m)
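Review bot: In the -346 hunk of getTitleText() the title is encoded, but `title_color` is concatenated into the `style="…"` attribute exactly as stored (`"color:#".$this->get('title_color')`), so the attribute is only as safe as whatever validated the colour on save, which is not visible here. Restricting it to a hex value at the point of output closes that gap: `if(preg_match('/^(?:[0-9a-fA-F]{3}|[0-9a-fA-F]{6})$/', $this->get('title_color'))) $attrs[] = "color:#".$this->get('title_color');`. The function begins above the hunk, so any earlier handling of the colour cannot be confirmed from here.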


@ -115,7 +115,7 @@ xe.lang.msg_empty_search_keyword = '{$lang->msg_empty_search_keyword}';
<option value="{$key}" <!--@if($search_target==$key)-->selected="selected"<!--@end-->>{$val}</option>
<!--@end-->
</select>
<input type="search" name="search_keyword" value="{htmlspecialchars($search_keyword)}" title="{$lang->cmd_search}" />
<input type="search" name="search_keyword" value="{htmlspecialchars($search_keyword, ENT_COMPAT | ENT_HTML401, 'UTF-8', false)}" title="{$lang->cmd_search}" />
<button type="submit" class="x_btn x_btn-inverse">{$lang->cmd_search}</button>
<a href="{getUrl('','module',$module,'act',$act)}" class="x_btn">{$lang->cmd_cancel}</a>
</form>
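Review bot: Passing `false` as the fourth argument (double_encode) means the `search_keyword` field no longer reproduces what the user typed: a keyword entered as `&amp;` or `&lt;` is emitted unchanged and the browser displays it as `&` or `<`, so resubmitting the form searches for something else. For a value that is echoed back for editing, encode everything: `value="{htmlspecialchars($search_keyword, ENT_COMPAT | ENT_HTML401, 'UTF-8')}"`. The same argument is added to the other calls in this commit; it is only appropriate where the input is known to be already encoded, and those call sites would benefit from a comment saying so.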


@ -44,7 +44,7 @@
[{$oDocument->getTrackbackCount()}]
<!--@end-->
</td>
<td><a href="#popup_menu_area" class="member_{$oDocument->get('trash_member_srl')}">{htmlspecialchars($oDocument->get('trash_nick_name'))}</a></td>
<td><a href="#popup_menu_area" class="member_{$oDocument->get('trash_member_srl')}">{htmlspecialchars($oDocument->get('trash_nick_name'), ENT_COMPAT | ENT_HTML401, 'UTF-8', false)}</a></td>
<td>{zdate($oDocument->get('trash_date'), "Y-m-d H:i:s")}</td>
<td>{$oDocument->get('ipaddress')}</td>
<td >{$oDocument->get('trash_description')}</td>
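Review bot: `trash_nick_name` is encoded in this row, but `trash_description` two cells later is printed as `{$oDocument->get('trash_description')}` with no encoding, and from its name it looks like free text supplied when a document is moved to the trash. Unless the value is encoded before it is stored, which cannot be seen from this template, it should get the same treatment: `<td>{htmlspecialchars($oDocument->get('trash_description'), ENT_COMPAT | ENT_HTML401, 'UTF-8', false)}</td>`.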


@ -30,7 +30,7 @@
<div class="x_control-group">
<label class="x_control-label" for="lang_name">{$lang->column_name}</label>
<div class="x_controls">
<input type="text" name="name" id="name" value="<!--@if(strpos($selected_var->name, '$user_lang->') === false)-->{$selected_var->name}<!--@else-->{htmlspecialchars($selected_var->name)}<!--@end-->" class="lang_code" placeholder="Ex) Your favorite color." />
<input type="text" name="name" id="name" value="<!--@if(strpos($selected_var->name, '$user_lang->') === false)-->{$selected_var->name}<!--@else-->{htmlspecialchars($selected_var->name, ENT_COMPAT | ENT_HTML401, 'UTF-8', false)}<!--@end-->" class="lang_code" placeholder="Ex) Your favorite color." />
</div>
</div>
<div class="x_control-group">
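Review bot: Only the `<!--@else-->` branch of the `name` input is encoded; when `$selected_var->name` does not contain `$user_lang->` it is written into the double-quoted `value` attribute as plain `{$selected_var->name}`. If the name is not encoded earlier, which this template does not show, a `"` in it ends the attribute. Encoding in both cases also removes the need for the condition: `value="{htmlspecialchars($selected_var->name, ENT_COMPAT | ENT_HTML401, 'UTF-8', false)}"`.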