github/torrentpier
1
0
Fork 0
mirror of https://github.com/torrentpier/torrentpier synced 2025-08-22 14:23:57 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

r510

Browse source 
Чуток марафета для неуязвимости выбора шаблона. Сверка выбора шаблона с прописанными в конфиге. git-svn-id: https://torrentpier2.googlecode.com/svn/trunk@510 a8ac35ab-4ca4-ca47-4c2d-a49a94f06293
This commit is contained in:
fly.dvorkin 2013-07-01 07:16:41 +00:00
commit ed978bda9b
3 changed files with 29 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

4
upload/config.php
View file

@ -56,8 +56,8 @@ $domain_name = (!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : $do
// Increase number of revision after update
$bb_cfg['tp_version'] = '2.5 pre-stable';
$bb_cfg['tp_release_date'] = '29-06-2013';
$bb_cfg['tp_release_state'] = 'R509';
$bb_cfg['tp_release_date'] = '01-07-2013';
$bb_cfg['tp_release_state'] = 'R510';
// Database
$charset = 'utf8';

8
upload/includes/functions.php
View file

@ -1553,6 +1553,14 @@ function setup_style ()
$tpl_dir_name = defined('IN_ADMIN') ? 'default' : basename((IS_GUEST || empty($userdata['tpl_name'])) ? $bb_cfg['tpl_name'] : $userdata['tpl_name']);
$stylesheet = defined('IN_ADMIN') ? 'main.css' : basename($bb_cfg['stylesheet']);
if (!IS_GUEST && !empty($userdata['tpl_name']))
{
foreach ($bb_cfg['templates'] as $folder => $name)
{
if ($userdata['tpl_name'] == $folder) $tpl_dir_name = basename($userdata['tpl_name']);
}
}
$template = new Template(TEMPLATES_DIR . $tpl_dir_name);
$css_dir = basename(TEMPLATES_DIR) ."/$tpl_dir_name/css/";

30
upload/includes/ucp/usercp_register.php
View file

@ -721,19 +721,27 @@ foreach ($profile_fields as $field => $can_edit)
}
break;
/**
* Выбор шаблона (edit, reg)
*/
case 'tpl_name':
$templates = isset($_POST['tpl_name']) ? (string) $_POST['tpl_name'] : $pr_data['tpl_name'];
$templates = htmlCHR($templates);
if ($submit && $templates != $pr_data['tpl_name'])
/**
* Выбор шаблона (edit, reg)
*/
case 'tpl_name':
$templates = isset($_POST['tpl_name']) ? (string) $_POST['tpl_name'] : $pr_data['tpl_name'];
$templates = htmlCHR($templates);
if ($submit && $templates != $pr_data['tpl_name'])
{
$pr_data['tpl_name'] = $bb_cfg['tpl_name'];
$db_data['tpl_name'] = (string) $bb_cfg['tpl_name'];
foreach ($bb_cfg['templates'] as $folder => $name)
{
$pr_data['tpl_name'] = $templates;
$db_data['tpl_name'] = (string) $templates;
if ($templates == $folder)
{
$pr_data['tpl_name'] = $templates;
$db_data['tpl_name'] = (string) $templates;
}
}
$tp_data['TEMPLATES_SELECT'] = templates_select($pr_data['tpl_name'], 'tpl_name');
break;
}
$tp_data['TEMPLATES_SELECT'] = templates_select($pr_data['tpl_name'], 'tpl_name');
break;
/**
* default