diff options
author | vdigital <vdigital@piwigo.org> | 2007-01-27 18:52:20 +0000 |
---|---|---|
committer | vdigital <vdigital@piwigo.org> | 2007-01-27 18:52:20 +0000 |
commit | 0a366bae9771766cf4bba47d8a3fa17be4d844c5 (patch) | |
tree | b008ebb81eb2b393fca2390468d9f5a0804c4a6f /admin | |
parent | 9ab24e423b52e7f9503e849a403e3757033d91d1 (diff) |
Web Service Revise ws_checker and ws_functions.inc.php
(Next steps:
- Restrict Method need to be more generic maybe
- Delete functions_webserv.inc.php
- Activate $partner in ws.php
- Include checked access in tools
- ...)
git-svn-id: http://piwigo.org/svn/trunk@1760 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
-rw-r--r-- | admin.php | 2 | ||||
-rw-r--r-- | admin/ws_checker.php | 21 |
2 files changed, 9 insertions, 14 deletions
@@ -114,7 +114,7 @@ $template->assign_vars( 'L_ADMIN_HINT' => $lang['hint_admin'] ) ); -if ($conf['allow_web_services']) +if ($conf['ws_access_control']) // Do we need to display ws_checker { $template->assign_block_vars( 'web_services', diff --git a/admin/ws_checker.php b/admin/ws_checker.php index c90e55802..e887da3a2 100644 --- a/admin/ws_checker.php +++ b/admin/ws_checker.php @@ -2,7 +2,7 @@ // +-----------------------------------------------------------------------+ // | PhpWebGallery - a PHP based picture gallery | // | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net | -// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net | +// | Copyright (C) 2003-2007 PhpWebGallery Team - http://phpwebgallery.net | // +-----------------------------------------------------------------------+ // | branch : BSF (Best So Far) // | file : $RCSfile$ @@ -62,11 +62,9 @@ if (isset($_POST['wsa_submit'])) { // Check $_post (Some values are commented - maybe a future use) $add_partner = htmlspecialchars( $_POST['add_partner'], ENT_QUOTES); -$add_access = check_target( $_POST['add_access']) ; -$add_start = 0; // ( is_numeric($_POST['add_start']) ) ? $_POST['add_start']:0; +$add_target = check_target( $_POST['add_target']) ; $add_end = ( is_numeric($_POST['add_end']) ) ? $_POST['add_end']:0; -$add_request = ( ctype_alpha($_POST['add_request']) ) ? - $_POST['add_request']:''; +$add_request = htmlspecialchars( $_POST['add_request'], ENT_QUOTES); $add_high = 'true'; // ( $_POST['add_high'] == 'true' ) ? 'true':'false'; $add_normal = 'true'; // ( $_POST['add_normal'] == 'true' ) ? 'true':'false'; $add_limit = ( is_numeric($_POST['add_limit']) ) ? $_POST['add_limit']:1; @@ -79,8 +77,8 @@ INSERT INTO '.WEB_SERVICES_ACCESS_TABLE.' ( `name` , `access` , `start` , `end` , `request` , `high` , `normal` , `limit` , `comment` ) VALUES (' . " - '$add_partner', '$add_access', - ADDDATE( NOW(), INTERVAL $add_start DAY), + '$add_partner', '$add_target', + NOW(), ADDDATE( NOW(), INTERVAL $add_end DAY), '$add_request', '$add_high', '$add_normal', '$add_limit', '$add_comment' );"; @@ -207,12 +205,9 @@ while ($row = mysql_fetch_array($result)) 'ID' => $row['id'], 'NAME' => (is_adviser()) ? '*********' : $row['name'], - 'ACCESS' => $row['access'], - 'START' => $row['start'], + 'TARGET' => $row['access'], 'END' => $row['end'], - 'FORCE' => $row['request'], - 'HIGH' => $row['high'], - 'NORMAL' => $row['normal'], + 'REQUEST' => $row['request'], 'LIMIT' => $row['limit'], 'COMMENT' => $row['comment'], 'SELECTED' => '', @@ -234,7 +229,7 @@ foreach ($req_type_list as $value) { 'add_request', array( 'VALUE'=> $value, - 'CONTENT' => $lang['ws_'.$value], + 'CONTENT' => $value, 'SELECTED' => '', ) ); |