From b12f6314c43aa013e80e10414cf41eac988c26fa Mon Sep 17 00:00:00 2001 From: plegall Date: Wed, 12 Nov 2014 13:34:53 +0000 Subject: fixes #288 on branch 2.7 (cherry-pick of commit 40256be64a61f3f8fda734a292d47c0ba4d54c1c from master) bug 3174 fixed: avoid using load_conf_from_db, use 3rd parameter updateGlobal instead git-svn-id: http://piwigo.org/svn/trunk@30460 68402e56-0260-453c-a942-63ccdbb3a9ee --- themes/elegant/admin/admin.inc.php | 5 ++--- themes/elegant/admin/upgrade.inc.php | 27 ++++++++++++--------------- themes/smartpocket/admin/admin.inc.php | 5 ++--- themes/smartpocket/admin/maintain.inc.php | 22 ++++++++++------------ themes/smartpocket/admin/upgrade.inc.php | 22 +++++++++------------- themes/smartpocket/themeconf.inc.php | 2 +- 6 files changed, 36 insertions(+), 47 deletions(-) (limited to 'themes') diff --git a/themes/elegant/admin/admin.inc.php b/themes/elegant/admin/admin.inc.php index bbb03c1c7..7f68dc072 100644 --- a/themes/elegant/admin/admin.inc.php +++ b/themes/elegant/admin/admin.inc.php @@ -14,8 +14,7 @@ if(isset($_POST['submit_elegant'])) $config_send['p_pict_descr']=(isset($_POST['p_pict_descr']) and !empty($_POST['p_pict_descr'])) ? $_POST['p_pict_descr'] : 'on'; $config_send['p_pict_comment']=(isset($_POST['p_pict_comment']) and !empty($_POST['p_pict_comment'])) ? $_POST['p_pict_comment'] : 'off'; - $conf['elegant'] = serialize($config_send); - conf_update_param('elegant', pwg_db_real_escape_string($conf['elegant'])); + conf_update_param('elegant', $config_send, true); array_push($page['infos'], l10n('Information data registered in database')); } @@ -23,7 +22,7 @@ if(isset($_POST['submit_elegant'])) $template->set_filenames(array( 'theme_admin_content' => dirname(__FILE__) . '/admin.tpl')); -$template->assign('options', unserialize($conf['elegant'])); +$template->assign('options', safe_unserialize($conf['elegant'])); $template->assign_var_from_handle('ADMIN_CONTENT', 'theme_admin_content'); diff --git a/themes/elegant/admin/upgrade.inc.php b/themes/elegant/admin/upgrade.inc.php index 6cda1318a..b07fb4768 100644 --- a/themes/elegant/admin/upgrade.inc.php +++ b/themes/elegant/admin/upgrade.inc.php @@ -7,25 +7,22 @@ global $prefixeTable, $conf; if (!isset($conf['elegant'])) { $config = array( - 'p_main_menu' => 'on',//on - off - disabled - 'p_pict_descr' => 'on',//on - off - disabled - 'p_pict_comment' => 'off',//on - off - disabled + 'p_main_menu' => 'on', //on - off - disabled + 'p_pict_descr' => 'on', //on - off - disabled + 'p_pict_comment' => 'off', //on - off - disabled ); - $query = " -INSERT INTO " . CONFIG_TABLE . " (param,value,comment) -VALUES ('elegant' , '".pwg_db_real_escape_string(serialize($config))."' , 'p_main_menu#');"; - pwg_query($query); - load_conf_from_db(); + + conf_update_param('elegant', $config, true); } -elseif (count(unserialize( $conf['elegant'] ))!=3) +elseif (count(safe_unserialize( $conf['elegant'] ))!=3) { - $conff=unserialize($conf['elegant']); + $conff = safe_unserialize($conf['elegant']); $config = array( - 'p_main_menu' => (isset($conff['p_main_menu'])) ? $conff['p_main_menu'] :'on', - 'p_pict_descr' => (isset($conff['p_pict_descr'])) ? $conff['p_pict_descr'] :'on', - 'p_pict_comment' => (isset($conff['p_pict_comment'])) ? $conff['p_pict_comment'] :'off', + 'p_main_menu' => (isset($conff['p_main_menu'])) ? $conff['p_main_menu'] :'on', + 'p_pict_descr' => (isset($conff['p_pict_descr'])) ? $conff['p_pict_descr'] :'on', + 'p_pict_comment' => (isset($conff['p_pict_comment'])) ? $conff['p_pict_comment'] :'off', ); - conf_update_param('elegant', pwg_db_real_escape_string(serialize($config))); - load_conf_from_db(); + + conf_update_param('elegant', $config, true); } ?> \ No newline at end of file diff --git a/themes/smartpocket/admin/admin.inc.php b/themes/smartpocket/admin/admin.inc.php index a5a9300c4..6b2069837 100644 --- a/themes/smartpocket/admin/admin.inc.php +++ b/themes/smartpocket/admin/admin.inc.php @@ -13,8 +13,7 @@ if(isset($_POST['submit_smartpocket'])) $config_send['loop'] = isset($_POST['loop']); $config_send['autohide'] = (isset($_POST['autohide']) ? 5000 : 0); - $conf['smartpocket'] = serialize($config_send); - conf_update_param('smartpocket', pwg_db_real_escape_string($conf['smartpocket'])); + conf_update_param('smartpocket', $config_send, true); array_push($page['infos'], l10n('Information data registered in database')); } @@ -22,7 +21,7 @@ if(isset($_POST['submit_smartpocket'])) $template->set_filenames(array( 'theme_admin_content' => dirname(__FILE__) . '/admin.tpl')); -$template->assign('options', unserialize($conf['smartpocket'])); +$template->assign('options', safe_unserialize($conf['smartpocket'])); $template->assign_var_from_handle('ADMIN_CONTENT', 'theme_admin_content'); diff --git a/themes/smartpocket/admin/maintain.inc.php b/themes/smartpocket/admin/maintain.inc.php index d3beb4873..92fe7b1e3 100644 --- a/themes/smartpocket/admin/maintain.inc.php +++ b/themes/smartpocket/admin/maintain.inc.php @@ -14,27 +14,25 @@ class smartpocket_maintain extends ThemeMaintain if (empty($conf['smartpocket'])) { - $conf['smartpocket'] = serialize($this->default_conf); - $query = " - INSERT INTO " . CONFIG_TABLE . " (param,value,comment) - VALUES ('smartpocket' , '".pwg_db_real_escape_string($conf['smartpocket'])."' , 'loop#autohide');"; - pwg_query($query); + conf_update_param('smartpocket', $this->default_conf, true); } - elseif (count(unserialize( $conf['smartpocket'] ))!=2) + elseif (count(safe_unserialize($conf['smartpocket'])) != 2) { - $conff=unserialize($conf['smartpocket']); + $conff = safe_unserialize($conf['smartpocket']); + $config = array( - 'loop' => (!empty($conff['loop'])) ? $conff['loop'] :true, - 'autohide' => (!empty($conff['autohide'])) ? $conff['autohide'] :5000, + 'loop' => (!empty($conff['loop'])) ? $conff['loop'] :true, + 'autohide' => (!empty($conff['autohide'])) ? $conff['autohide'] :5000, ); - conf_update_param('smartpocket', pwg_db_real_escape_string(serialize($config))); - load_conf_from_db(); + + conf_update_param('smartpocket', $config, true); } $this->installed = true; } function deactivate() - { } + { + } function delete() { diff --git a/themes/smartpocket/admin/upgrade.inc.php b/themes/smartpocket/admin/upgrade.inc.php index 1e1925d77..53e4e1aae 100644 --- a/themes/smartpocket/admin/upgrade.inc.php +++ b/themes/smartpocket/admin/upgrade.inc.php @@ -7,23 +7,19 @@ global $prefixeTable, $conf; if (!isset($conf['smartpocket'])) { $config = array( - 'loop' => true,//true - false - 'autohide' => 5000,//5000 - 0 + 'loop' => true,//true - false + 'autohide' => 5000,//5000 - 0 ); - $query = " -INSERT INTO " . CONFIG_TABLE . " (param,value,comment) -VALUES ('smartpocket' , '".pwg_db_real_escape_string(serialize($config))."' , 'loop#autohide');"; - pwg_query($query); - load_conf_from_db(); + + conf_update_param('smartpocket', $config, true); } -elseif (count(unserialize( $conf['smartpocket'] ))!=2) +elseif (count(safe_unserialize($conf['smartpocket'])) != 2) { - $conff=unserialize($conf['smartpocket']); + $conff = safe_unserialize($conf['smartpocket']); $config = array( - 'loop' => (!empty($conff['loop'])) ? $conff['loop'] :true, - 'autohide' => (!empty($conff['autohide'])) ? $conff['autohide'] :5000, + 'loop' => (!empty($conff['loop'])) ? $conff['loop'] :true, + 'autohide' => (!empty($conff['autohide'])) ? $conff['autohide'] :5000, ); - conf_update_param('smartpocket', pwg_db_real_escape_string(serialize($config))); - load_conf_from_db(); + conf_update_param('smartpocket', $config, true); } ?> \ No newline at end of file diff --git a/themes/smartpocket/themeconf.inc.php b/themes/smartpocket/themeconf.inc.php index 83ffd505e..419e7a68b 100644 --- a/themes/smartpocket/themeconf.inc.php +++ b/themes/smartpocket/themeconf.inc.php @@ -109,7 +109,7 @@ add_event_handler('init', 'mobile_link'); function mobile_link() { global $template, $conf; - $config = unserialize( $conf['smartpocket'] ); + $config = safe_unserialize( $conf['smartpocket'] ); $template->assign( 'smartpocket', $config ); if ( !empty($conf['mobile_theme']) && (get_device() != 'desktop' || mobile_theme())) { -- cgit v1.2.3