aboutsummaryrefslogtreecommitdiffstats
path: root/admin
diff options
context:
space:
mode:
authorvdigital <vdigital@piwigo.org>2007-01-27 18:52:20 +0000
committervdigital <vdigital@piwigo.org>2007-01-27 18:52:20 +0000
commit0a366bae9771766cf4bba47d8a3fa17be4d844c5 (patch)
treeb008ebb81eb2b393fca2390468d9f5a0804c4a6f /admin
parent9ab24e423b52e7f9503e849a403e3757033d91d1 (diff)
Web Service Revise ws_checker and ws_functions.inc.php
(Next steps: - Restrict Method need to be more generic maybe - Delete functions_webserv.inc.php - Activate $partner in ws.php - Include checked access in tools - ...) git-svn-id: http://piwigo.org/svn/trunk@1760 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
-rw-r--r--admin.php2
-rw-r--r--admin/ws_checker.php21
2 files changed, 9 insertions, 14 deletions
diff --git a/admin.php b/admin.php
index 73b5ebb9a..f124980fc 100644
--- a/admin.php
+++ b/admin.php
@@ -114,7 +114,7 @@ $template->assign_vars(
'L_ADMIN_HINT' => $lang['hint_admin']
)
);
-if ($conf['allow_web_services'])
+if ($conf['ws_access_control']) // Do we need to display ws_checker
{
$template->assign_block_vars(
'web_services',
diff --git a/admin/ws_checker.php b/admin/ws_checker.php
index c90e55802..e887da3a2 100644
--- a/admin/ws_checker.php
+++ b/admin/ws_checker.php
@@ -2,7 +2,7 @@
// +-----------------------------------------------------------------------+
// | PhpWebGallery - a PHP based picture gallery |
// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
-// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
+// | Copyright (C) 2003-2007 PhpWebGallery Team - http://phpwebgallery.net |
// +-----------------------------------------------------------------------+
// | branch : BSF (Best So Far)
// | file : $RCSfile$
@@ -62,11 +62,9 @@ if (isset($_POST['wsa_submit']))
{
// Check $_post (Some values are commented - maybe a future use)
$add_partner = htmlspecialchars( $_POST['add_partner'], ENT_QUOTES);
-$add_access = check_target( $_POST['add_access']) ;
-$add_start = 0; // ( is_numeric($_POST['add_start']) ) ? $_POST['add_start']:0;
+$add_target = check_target( $_POST['add_target']) ;
$add_end = ( is_numeric($_POST['add_end']) ) ? $_POST['add_end']:0;
-$add_request = ( ctype_alpha($_POST['add_request']) ) ?
- $_POST['add_request']:'';
+$add_request = htmlspecialchars( $_POST['add_request'], ENT_QUOTES);
$add_high = 'true'; // ( $_POST['add_high'] == 'true' ) ? 'true':'false';
$add_normal = 'true'; // ( $_POST['add_normal'] == 'true' ) ? 'true':'false';
$add_limit = ( is_numeric($_POST['add_limit']) ) ? $_POST['add_limit']:1;
@@ -79,8 +77,8 @@ INSERT INTO '.WEB_SERVICES_ACCESS_TABLE.'
( `name` , `access` , `start` , `end` , `request` ,
`high` , `normal` , `limit` , `comment` )
VALUES (' . "
- '$add_partner', '$add_access',
- ADDDATE( NOW(), INTERVAL $add_start DAY),
+ '$add_partner', '$add_target',
+ NOW(),
ADDDATE( NOW(), INTERVAL $add_end DAY),
'$add_request', '$add_high', '$add_normal', '$add_limit', '$add_comment' );";
@@ -207,12 +205,9 @@ while ($row = mysql_fetch_array($result))
'ID' => $row['id'],
'NAME' =>
(is_adviser()) ? '*********' : $row['name'],
- 'ACCESS' => $row['access'],
- 'START' => $row['start'],
+ 'TARGET' => $row['access'],
'END' => $row['end'],
- 'FORCE' => $row['request'],
- 'HIGH' => $row['high'],
- 'NORMAL' => $row['normal'],
+ 'REQUEST' => $row['request'],
'LIMIT' => $row['limit'],
'COMMENT' => $row['comment'],
'SELECTED' => '',
@@ -234,7 +229,7 @@ foreach ($req_type_list as $value) {
'add_request',
array(
'VALUE'=> $value,
- 'CONTENT' => $lang['ws_'.$value],
+ 'CONTENT' => $value,
'SELECTED' => '',
)
);