aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorrvelices <rv-github@modusoptimus.com>2007-09-12 03:52:16 +0000
committerrvelices <rv-github@modusoptimus.com>2007-09-12 03:52:16 +0000
commit0a8cfa318a853943bc315d17c36cc4d7d6680f8b (patch)
treec0d1aefe7c9627bb26b9ab31478f9a1a9742de77
parent160fdcf517c4ac3fad9d9c914abeaaa65e791428 (diff)
urls used in http redirections must not be html escaped (eg. should use & instead of &amp;)
git-svn-id: http://piwigo.org/svn/branches/branch-1_7@2088 68402e56-0260-453c-a942-63ccdbb3a9ee
-rw-r--r--admin/notification_by_mail.php24
-rw-r--r--admin/user_list.php12
-rw-r--r--include/functions.inc.php13
3 files changed, 23 insertions, 26 deletions
diff --git a/admin/notification_by_mail.php b/admin/notification_by_mail.php
index 8d1cc6520..377aed03e 100644
--- a/admin/notification_by_mail.php
+++ b/admin/notification_by_mail.php
@@ -84,7 +84,7 @@ function do_timeout_treatment($post_keyname, $check_key_treated = array())
$must_repost = true;
array_push($page['errors'],
- l10n_dec('nbm_background_treatment_redirect_second',
+ l10n_dec('nbm_background_treatment_redirect_second',
'nbm_background_treatment_redirect_seconds',
$time_refresh));
}
@@ -164,7 +164,7 @@ order by
// Insert new nbm_users
array_push
(
- $inserts,
+ $inserts,
array
(
'user_id' => $nbm_user['user_id'],
@@ -175,10 +175,10 @@ order by
array_push
(
- $page['infos'],
+ $page['infos'],
sprintf(
- l10n('nbm_user_x_added'),
- $nbm_user['username'],
+ l10n('nbm_user_x_added'),
+ $nbm_user['username'],
get_email_address_as_display_text($nbm_user['mail_address'])
)
);
@@ -203,7 +203,7 @@ order by
$query = 'delete from '.USER_MAIL_NOTIFICATION_TABLE.' where check_key in ('.implode(",", $quoted_check_key_list).');';
$result = pwg_query($query);
- redirect($base_url.get_query_string_diff(array()), l10n('nbm_redirect_msg'));
+ redirect($base_url.get_query_string_diff(array(), false), l10n('nbm_redirect_msg'));
}
}
}
@@ -218,7 +218,7 @@ function do_action_send_mail_notification($action = 'list_to_send', $check_key_l
{
global $conf, $page, $user, $lang_info, $lang, $env_nbm;
$return_list = array();
-
+
if (in_array($action, array('list_to_send', 'send')))
{
list($dbnow) = mysql_fetch_row(pwg_query('SELECT NOW();'));
@@ -313,7 +313,7 @@ function do_action_send_mail_notification($action = 'list_to_send', $check_key_l
'content_new_elements_between',
array
(
- 'DATE_BETWEEN_1' => $nbm_user['last_send'],
+ 'DATE_BETWEEN_1' => $nbm_user['last_send'],
'DATE_BETWEEN_2' => $dbnow,
'END_PUNCT' => $end_punct
)
@@ -421,7 +421,7 @@ function do_action_send_mail_notification($action = 'list_to_send', $check_key_l
array_push($return_list, $nbm_user);
}
}
-
+
// unset env nbm user
unset_user_on_env_nbm();
}
@@ -519,7 +519,7 @@ where
$updated_param_count += 1;
}
}
-
+
array_push($page['infos'],
l10n_dec('nbm_updated_param_count', 'nbm_updated_params_count',
$updated_param_count));
@@ -586,7 +586,7 @@ if (is_autorize_status(ACCESS_WEBMASTER))
'param' => array
(
'caption' => l10n('nbm_param_mode'),
- 'url' => add_url_params($base_url.get_query_string_diff(array('mode', 'select')),
+ 'url' => add_url_params($base_url.get_query_string_diff(array('mode', 'select')),
array('mode' => 'param'))
),
'subscribe' => array
@@ -626,7 +626,7 @@ if ($must_repost)
$template->assign_block_vars
(
- 'repost',
+ 'repost',
array
(
'REPOST_SUBMIT_NAME' => $repost_submit_name
diff --git a/admin/user_list.php b/admin/user_list.php
index 1c7a752d4..6bd8c4046 100644
--- a/admin/user_list.php
+++ b/admin/user_list.php
@@ -256,7 +256,7 @@ if (isset($_POST['delete']) and count($collection) > 0)
{
array_push($page['errors'], l10n('Guest cannot be deleted'));
}
- if (($conf['guest_id'] != $conf['default_user_id']) and
+ if (($conf['guest_id'] != $conf['default_user_id']) and
in_array($conf['default_user_id'], $collection))
{
array_push($page['errors'], l10n('Default user cannot be deleted'));
@@ -353,7 +353,7 @@ DELETE FROM '.USER_GROUP_TABLE.'
'recent_period', 'maxwidth', 'expand', 'show_nb_comments',
'show_nb_hits', 'maxheight', 'status', 'enabled_high');
- $true_false_fields = array('expand', 'show_nb_comments',
+ $true_false_fields = array('expand', 'show_nb_comments',
'show_nb_hits', 'enabled_high');
if ($conf['allow_adviser'])
{
@@ -438,11 +438,7 @@ DELETE FROM '.USER_GROUP_TABLE.'
redirect(
PHPWG_ROOT_PATH.
'admin.php'.
- get_query_string_diff(
- array(
- 'start'
- )
- )
+ get_query_string_diff(array(), false)
);
}
@@ -836,7 +832,7 @@ foreach ($visible_user_list as $num => $local_user)
? '<BR />['.l10n('adviser').']' : ''),
'EMAIL' => get_email_address_as_display_text($local_user['email']),
'GROUPS' => $groups_string,
- 'PROPERTIES' =>
+ 'PROPERTIES' =>
(isset($local_user['enabled_high']) and ($local_user['enabled_high'] == 'true'))
? $lang['is_high_enabled'] : $lang['is_high_disabled']
)
diff --git a/include/functions.inc.php b/include/functions.inc.php
index b120cd0a6..aee815866 100644
--- a/include/functions.inc.php
+++ b/include/functions.inc.php
@@ -428,7 +428,7 @@ function pwg_log($image_id = null, $image_type = null)
}
$do_log = trigger_event('pwg_log_allowed', $do_log, $image_id, $image_type);
-
+
if (!$do_log)
{
return false;
@@ -458,7 +458,7 @@ SELECT CURDATE(), CURTIME()
list($curyear, $curmonth, $curday) = explode('-', $curdate);
list($curhour) = explode(':', $curtime);
-
+
$query = '
INSERT INTO '.HISTORY_TABLE.'
(
@@ -711,9 +711,10 @@ function redirect( $url , $msg = '', $refresh_time = 0)
* returns $_SERVER['QUERY_STRING'] whitout keys given in parameters
*
* @param array $rejects
+ * @param boolean $escape - if true escape & to &amp; (for html)
* @returns string
*/
-function get_query_string_diff($rejects = array())
+function get_query_string_diff($rejects=array(), $escape=true)
{
$query_string = '';
@@ -725,7 +726,7 @@ function get_query_string_diff($rejects = array())
{
if (!in_array($key, $rejects))
{
- $query_string.= $is_first ? '?' : '&amp;';
+ $query_string.= $is_first ? '?' : ($escape ? '&amp;' : '&' );
$is_first = false;
$query_string.= $key.'='.$value;
}
@@ -837,7 +838,7 @@ function get_thumbnail_title($element_info)
{
$thumbnail_title = '';
}
-
+
if (!empty($element_info['filesize']))
{
$thumbnail_title .= ' : '.l10n_dec('%d Kb', '%d Kb', $element_info['filesize']);
@@ -1073,7 +1074,7 @@ function get_l10n_args($key, $args)
* returns a string with formated with l10n_args elements
*
* @param element/array $key_args: element or array of l10n_args elements
- * @param $sep: if $key_args is array,
+ * @param $sep: if $key_args is array,
* separator is used when translated l10n_args elements are concated
* @return string
*/