#66 install php version check

#16 install rewrite module usable check
#48 htmlspecialchars function params add
akasima 2013-11-18 16:54:17 +09:00 committed by bnu
parent 51b6b21cf2
commit 736f382b27
93 changed files with 240 additions and 215 deletions


@ -73,7 +73,7 @@ class memberAdminModel extends member
case 'nick_name' :
if($search_keyword) $search_keyword = str_replace(' ','%',$search_keyword);
$args->s_nick_name = $search_keyword;
$args->html_nick_name = htmlspecialchars($search_keyword);
$args->html_nick_name = htmlspecialchars($search_keyword, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
break;
case 'email_address' :
if($search_keyword) $search_keyword = str_replace(' ','%',$search_keyword);
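Review bot: `ENT_HTML401` in the new `htmlspecialchars()` call for `html_nick_name` is only defined from PHP 5.4, so on an older runtime the bare constant raises a notice and is treated as a string; the same argument list is repeated in every other hunk of this commit. If the install-time version check named in the commit title still admits PHP below 5.4, guard it once, e.g. `if(!defined('ENT_HTML401')) define('ENT_HTML401', 0);`. Better still, move the four-argument call into one shared escape helper so the flags and charset are not copied by hand across 93 files. The enclosing `switch` starts and ends outside the hunk.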


@ -1874,9 +1874,9 @@ class memberController extends member
$oDB->begin();
// Insert data into the DB
$args->list_order = -1 * $args->member_srl;
$args->nick_name = htmlspecialchars($args->nick_name);
$args->homepage = htmlspecialchars($args->homepage);
$args->blog = htmlspecialchars($args->blog);
$args->nick_name = htmlspecialchars($args->nick_name, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
$args->homepage = htmlspecialchars($args->homepage, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
$args->blog = htmlspecialchars($args->blog, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
if($args->password && !$password_is_hashed) $args->password = md5($args->password);
elseif(!$args->password) unset($args->password);
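Review bot: The rewritten `htmlspecialchars()` calls on `homepage` and `blog` HTML-encode the values before the insert but do not constrain the URL scheme, so a `javascript:` URL is stored unchanged and, judging by the memberModel hunk, later handed to `addMemberPopupMenu()` as a link target. Unless the scheme is validated outside the hunk, add an allow-list check before storing, e.g. `if($args->homepage && !preg_match('/^https?:\/\//i', $args->homepage)) unset($args->homepage);`, and the same for `blog`. Separately, the unchanged context line below still hashes the password with bare `md5()`; that is outside this change but deserves a follow-up. The enclosing method starts and ends outside the hunk.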


@ -141,16 +141,16 @@ class memberModel extends member
// Send an email
if($member_info->email_address)
{
$url = 'mailto:'.htmlspecialchars($member_info->email_address);
$url = 'mailto:'.htmlspecialchars($member_info->email_address, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
$oMemberController->addMemberPopupMenu($url,'cmd_send_email',$icon_path);
}
}
// View homepage info
if($member_info->homepage)
$oMemberController->addMemberPopupMenu(htmlspecialchars($member_info->homepage), 'homepage', '', 'blank');
$oMemberController->addMemberPopupMenu(htmlspecialchars($member_info->homepage, ENT_COMPAT | ENT_HTML401, 'UTF-8', false), 'homepage', '', 'blank');
// View blog info
if($member_info->blog)
$oMemberController->addMemberPopupMenu(htmlspecialchars($member_info->blog), 'blog', '', 'blank');
$oMemberController->addMemberPopupMenu(htmlspecialchars($member_info->blog, ENT_COMPAT | ENT_HTML401, 'UTF-8', false), 'blog', '', 'blank');
// Call a trigger (after)
ModuleHandler::triggerCall('member.getMemberMenu', 'after', $null);
// Display a menu for editting member info to a top administrator
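Review bot: `ENT_COMPAT` in the three new calls leaves single quotes unencoded, and the hunk does not show which context `addMemberPopupMenu()` renders these URLs into. If any of them ends up inside a single-quoted attribute or a script string, the encoding is insufficient. `ENT_QUOTES | ENT_HTML401` is the safer flag set here and costs nothing in a double-quoted attribute. The enclosing method starts and ends outside the hunk.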


@ -416,7 +416,7 @@ class memberView extends member
Context::set('identifier', $config->identifier);
// Set a template file
Context::set('referer_url', htmlspecialchars($_SERVER['HTTP_REFERER']));
Context::set('referer_url', htmlspecialchars($_SERVER['HTTP_REFERER'], ENT_COMPAT | ENT_HTML401, 'UTF-8', false));
$this->setTemplateFile('login_form');
}
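Review bot: `$_SERVER['HTTP_REFERER']` is a client-supplied header, and the new call only HTML-encodes it before it is stored as `referer_url`. If the login template uses that value as a post-login redirect target (not visible here), it should first be checked to point at this site. The read should also tolerate a missing header, e.g. `$referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';`. The enclosing method starts outside the hunk.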


@ -16,7 +16,7 @@
<input type="hidden" name="act" value="procMemberModifyInfo" />
<input type="hidden" name="module" value="member" />
<input type="hidden" name="member_srl" value="{$member_info->member_srl}" />
<input type="hidden" name="signature" value="{htmlspecialchars($member_info->signature)}" />
<input type="hidden" name="signature" value="{htmlspecialchars($member_info->signature, ENT_COMPAT | ENT_HTML401, 'UTF-8', false)}" />
<input type="hidden" name="page" value="{$page}" />
<input type="hidden" name="xe_validator_id" value="modules/member/skins/default/modify_info/1" />
<div class="control-group">
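Review bot: Passing `false` for `double_encode` on the hidden `signature` field changes what the browser submits back: entity text the member stored as literal text (for example `&lt;b&gt;`) is now emitted unencoded into the attribute, decoded by the browser, and returns as live markup. For a value that is round-tripped through a form, keep the default, `{htmlspecialchars($member_info->signature, ENT_COMPAT | ENT_HTML401, 'UTF-8')}`, and rely on the server-side filter for the submitted signature, which is not visible here. The same applies to the `signature` field in the admin insert form and, less critically, to the editable `group_titles[]` and `search_keyword` inputs later in this commit.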


@ -14,7 +14,7 @@
<tbody>
<tr loop="$document_list=>$no,$val">
<td>{$no}</td>
<td class="title"><a href="{getUrl('','document_srl',$val->document_srl)}" onclick="window.open(this.href);return false;">{htmlspecialchars($val->title)}</a></td>
<td class="title"><a href="{getUrl('','document_srl',$val->document_srl)}" onclick="window.open(this.href);return false;">{htmlspecialchars($val->title, ENT_COMPAT | ENT_HTML401, 'UTF-8', false)}</a></td>
<td><a href="#popup_menu_area" class="member_{$val->target_member_srl}">{$val->nick_name}</a></td>
<td>{zdate($val->regdate, "Y-m-d")}</td>
<td><button type="button" class="text" onclick="doDeleteScrap({$val->document_srl});">{$lang->cmd_delete}</button></td>


@ -52,7 +52,7 @@
<div class="wrap">
<button type="button" class="dragBtn">Move to</button>
<input type="hidden" name="group_srls[]" value="{$group_info->group_srl}" />
<input type="text" name="group_titles[]" value="{htmlspecialchars($group_info->title)}" class="lang_code" title="{$lang->group_title}" />
<input type="text" name="group_titles[]" value="{htmlspecialchars($group_info->title, ENT_COMPAT | ENT_HTML401, 'UTF-8', false)}" class="lang_code" title="{$lang->group_title}" />
<a class="x_icon-question-sign" href="./admin/help/index.html#UMAN_faq_administrator" target="_blank" cond="$group_info->title == '관리그룹'">{$lang->help}</a>
</div>
</td>
@ -60,7 +60,7 @@
<td><input type="radio" name="defaultGroup" value="{$group_info->group_srl}" title="Default" checked="checked"|cond="$group_info->is_default=='Y'" /></td>
<td class="_imageMarkButton">
<input type="hidden" name="image_marks[]" value="{$group_info->image_mark}" class="_imgMarkHidden" />
<img src="{$group_info->image_mark}" alt="{htmlspecialchars($group_info->title)}" cond="$config->group_image_mark == 'Y' && $group_info->image_mark" />
<img src="{$group_info->image_mark}" alt="{htmlspecialchars($group_info->title, ENT_COMPAT | ENT_HTML401, 'UTF-8', false)}" cond="$config->group_image_mark == 'Y' && $group_info->image_mark" />
<a href="#imageMark" class="modalAnchor _imageMark filebox">{$lang->cmd_modify}</a>
</td>
<td><div class="_deleteTD" style="display:none"|cond="$group_info->is_default == 'Y'"><a href="#{$group_srl}" class="_deleteGroup">{$lang->cmd_delete}</a></div></td>


@ -17,7 +17,7 @@
<input type="hidden" name="module" value="member" />
<input type="hidden" name="act" value="procMemberAdminInsert" />
<input type="hidden" name="member_srl" value="{$member_srl}" />
<input type="hidden" name="signature" value="{htmlspecialchars($member_info->signature)}" />
<input type="hidden" name="signature" value="{htmlspecialchars($member_info->signature, ENT_COMPAT | ENT_HTML401, 'UTF-8', false)}" />
<input type="hidden" name="success_return_url" value="{getUrl('act', $act)}" cond="$member_srl" />
<input type="hidden" name="success_return_url" value="{getUrl('act', 'dispMemberAdminList')}" cond="!$member_srl" />
<input type="hidden" name="xe_validator_id" value="modules/member/tpl/insert_member/1" />


@ -124,7 +124,7 @@
{@$lang->search_target_list = array_merge($lang->search_target_list, $usedIdentifiers)}
<option value="{$key}" loop="$lang->search_target_list=>$key,$val" selected="selected"|cond="$search_target==$key">{$val}</option>
</select>
<input type="search" name="search_keyword" value="{htmlspecialchars($search_keyword)}" style="width:140px">
<input type="search" name="search_keyword" value="{htmlspecialchars($search_keyword, ENT_COMPAT | ENT_HTML401, 'UTF-8', false)}" style="width:140px">
<button class="x_btn x_btn-inverse" type="submit">{$lang->cmd_search}</button>
<a class="x_btn" href="{getUrl('', 'module', 'admin', 'act', 'dispMemberAdminList', 'page', $page)}">{$lang->cmd_cancel}</a>
</form>