Changeset 687
- Timestamp:
- 11/04/06 16:14:35 (2 years ago)
- Files:
-
- devel/_elggadmin/lib.php (modified) (3 diffs)
- devel/content/mainindex/content_loggedout.php (modified) (1 diff)
- devel/content/mainindex/content_main_index.php (modified) (1 diff)
- devel/content/mainindex/content_main_privacy.php (modified) (1 diff)
- devel/units/communities/userdetails_edit.php (modified) (1 diff)
- devel/units/groups/get_groups.php (modified) (1 diff)
- devel/units/magpie/function_subscriptions_publish_to_blog.php (modified) (1 diff)
- devel/units/templates/templates_edit.php (modified) (1 diff)
- devel/units/weblogs/weblogs_posts_edit.php (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
devel/_elggadmin/lib.php
r686 r687 179 179 180 180 case "requiredstring": 181 case "integer": echo "<input type=\"text\" name=\"$name\" value=\"" . html entities($value) . "\" />";181 case "integer": echo "<input type=\"text\" name=\"$name\" value=\"" . htmlspecialchars($value) . "\" />"; 182 182 break; 183 183 case "access": … … 206 206 } 207 207 } else { 208 echo "<input type=\"text\" name=\"$name\" value=\"" . html entities($value) . "\" />";208 echo "<input type=\"text\" name=\"$name\" value=\"" . htmlspecialchars($value) . "\" />"; 209 209 } 210 210 … … 545 545 <div id="navigation"><!-- start navigation --> 546 546 <ul> 547 548 549 547 <li><a href="index.php" {$current['config']}>Site configuration</a></li> 548 <li><a href="theme.php" {$current['theme']}>Site theme</a></li> 549 <li><a href="frontpage.php" {$current['frontpage']}>Front page</a></li> 550 550 <!-- <li><a href="profile.php" {$current['profile']}>Profile fields</a></li> 551 551 <li><a href="plugins.php" {$current['plugins']}>Plugins</a></li> --> 552 552 </ul> 553 553 </div> devel/content/mainindex/content_loggedout.php
r659 r687 36 36 if ($news = get_record_sql("SELECT wp.* FROM ".$CFG->prefix."weblog_posts wp 37 37 JOIN ".$CFG->prefix."users u ON u.ident = wp.weblog 38 WHERE u.username = ? ORDER BY posted DESC LIMIT 1",array('news'),false)) {38 WHERE u.username = ? ORDER BY posted DESC",array('news'),false)) { 39 39 $run_result .= "<div class=\"siteNews\">"; 40 40 $run_result .= "<h2>" . __gettext("Latest news") . "</h2>"; devel/content/mainindex/content_main_index.php
r659 r687 37 37 if ($news = get_record_sql("SELECT wp.* FROM ".$CFG->prefix."weblog_posts wp 38 38 JOIN ".$CFG->prefix."users u ON u.ident = wp.weblog 39 WHERE u.username = ? ORDER BY posted DESC LIMIT 1",array('news'),false)) {39 WHERE u.username = ? ORDER BY posted DESC",array('news'),false)) { 40 40 $run_result .= "<div class=\"sitenews\">"; 41 41 $run_result .= "<h2>" . __gettext("Latest news") . "</h2>"; devel/content/mainindex/content_main_privacy.php
r447 r687 1 1 <?php 2 global $CFG; 2 3 3 4 $sitename = sitename; devel/units/communities/userdetails_edit.php
r659 r687 82 82 'context' => 'databox', 83 83 'name' => __gettext("Community owner"), 84 'column1' => "<input type=\"text\" name=\"community_owner\" value=\"" . html entities($owner_username) . "\" />"84 'column1' => "<input type=\"text\" name=\"community_owner\" value=\"" . htmlspecialchars($owner_username) . "\" />" 85 85 ) 86 86 ); devel/units/groups/get_groups.php
r269 r687 22 22 $tempdata->ident = $group->ident; 23 23 $tempdata->access = $group->access; 24 $members = get_records_sql(" selectgm.user_id,25 u.name from".$CFG->prefix."group_membership gm26 join ".$CFG->prefix."users u onu.ident = gm.user_id27 where gm.group_id = ?", array($tempdata->ident));24 $members = get_records_sql("SELECT gm.user_id, 25 u.name FROM ".$CFG->prefix."group_membership gm 26 JOIN ".$CFG->prefix."users u ON u.ident = gm.user_id 27 WHERE gm.group_id = ? ORDER BY u.name", array($tempdata->ident)); 28 28 $tempdata->members = $members; 29 29 devel/units/magpie/function_subscriptions_publish_to_blog.php
r667 r687 39 39 if (run("permissions:check", "profile")) { 40 40 $name .= "<br />"; 41 $name .= __gettext("Keywords: ") . "<input type=\"text\" name=\"keywords[" . $feed->subid . "]\" value=\"" . html entities(stripslashes($feed->autopost_tag)) . "\" />";41 $name .= __gettext("Keywords: ") . "<input type=\"text\" name=\"keywords[" . $feed->subid . "]\" value=\"" . htmlspecialchars(stripslashes($feed->autopost_tag)) . "\" />"; 42 42 } 43 43 $column2 = "<a href=\"".url."_rss/individual.php?feed=".$feed->ident."\">". __gettext("View content") . "</a>"; devel/units/templates/templates_edit.php
r659 r687 74 74 } 75 75 76 if ( $current_template[$element['id']] == "" || !isset($current_template[$element['id']])) {76 if (empty($current_template[$element['id']])) { 77 77 $current_template[$element['id']] = $template[$element['id']]; 78 78 } devel/units/weblogs/weblogs_posts_edit.php
r659 r687 11 11 12 12 if (!run("permissions:check", array("weblog:edit",$post->owner))) { 13 exit( );13 exit(__gettext("Access Denied")); 14 14 } 15 15
