diff --git a/conlib/db_mysqli.inc b/conlib/db_mysqli.inc index f183533..5cfd720 100644 --- a/conlib/db_mysqli.inc +++ b/conlib/db_mysqli.inc @@ -424,10 +424,13 @@ class DB_Sql extends DB_Sql_Abstract { * @see DB_Sql_Abstract::escape() */ public function escape($sString) { + if(is_null($sString)) { + $sString = ''; + } $sResult = ''; if (is_resource($this->Link_ID) || $this->connect()) { $sResult = mysqli_real_escape_string($this->Link_ID, $sString); - }; + } return $sResult; } diff --git a/conlite/classes/cApi/class.upload.php b/conlite/classes/cApi/class.upload.php index 308781b..c9dbfba 100644 --- a/conlite/classes/cApi/class.upload.php +++ b/conlite/classes/cApi/class.upload.php @@ -36,7 +36,7 @@ class cApiUploadCollection extends ItemCollection { public function sync($dir, $file) { global $client; - if (strstr(strtolower($_ENV["OS"]), 'windows') === FALSE) { + if (!empty($_ENV["OS"]) && strstr(strtolower($_ENV["OS"]), 'windows') === FALSE) { #Unix style OS distinguish between lower and uppercase file names, i.e. test.gif is not the same as Test.gif $this->select("dirname = BINARY '$dir' AND filename = BINARY '$file' AND idclient = '$client'"); } else { diff --git a/conlite/classes/cHTML5/class.chtml.php b/conlite/classes/cHTML5/class.chtml.php index 26a6c38..1448d46 100644 --- a/conlite/classes/cHTML5/class.chtml.php +++ b/conlite/classes/cHTML5/class.chtml.php @@ -17,13 +17,14 @@ * @link http://www.conlite.org ConLite.org */ + // security check defined('CON_FRAMEWORK') or die('Illegal call'); - +/* if (!class_exists("HTML_Common2")) { cInclude("pear", "HTML/Common2.php"); } - +*/ /* Global ID counter */ $cHTMLIDCount = 0; @@ -32,7 +33,7 @@ $cHTMLIDCount = 0; * * @author Ortwin Pinke */ -class cHTML extends HTML_Common2 { +class cHTML extends cHTML5Common { /** * Storage of the open SGML tag template diff --git a/conlite/classes/cHTML5/class.chtml5.common.php b/conlite/classes/cHTML5/class.chtml5.common.php new file mode 100644 index 0000000..6a58c10 
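Review bot: In escape(), `is_resource($this->Link_ID)` can never be true for a mysqli link, because mysqli handles are objects; every call therefore falls through to `$this->connect()`. The check that matches the driver is `if ($this->Link_ID instanceof mysqli || $this->connect()) {`. What connect() does on an already open link is not visible in this hunk, so the cost of the extra call is unconfirmed. When no link is available the method still returns `''`, which a caller building SQL cannot distinguish from a legitimately empty value, so that path should raise or log instead of returning silently.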
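Review bot: The added `!empty($_ENV["OS"]) &&` in sync() flips the result when the variable is missing. An unset or empty `OS` used to select the Unix branch with the `BINARY` comparison, and now falls into the `else` branch, whose body is outside this hunk but is presumably the case-insensitive lookup. `$_ENV["OS"]` is normally absent on Unix hosts, so the guard should read `if (empty($_ENV["OS"]) || strstr(strtolower($_ENV["OS"]), 'windows') === FALSE) {`. Separately, the `select()` call on the context line interpolates `$dir`, `$file` and `$client` into the WHERE clause; if callers do not escape these beforehand, they should be passed through the collection's escaping first.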
--- /dev/null
+++ b/conlite/classes/cHTML5/class.chtml5.common.php
@@ -0,0 +1,583 @@ + + * @copyright (c) 2022, conlite.org + * @license http://www.gnu.de/documents/gpl.en.html GPL v3 (english version) + * @license http://www.gnu.de/documents/gpl.de.html GPL v3 (deutsche Version) + * @link http://www.conlite.org ConLite.org + */ + +/* + * HTML_Common2: port of HTML_Common package to PHP5 + * + * PHP version 5 + * + * LICENSE: + * + * Copyright (c) 2004-2012, Alexey Borzov + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * * The names of the authors may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS + * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY + * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ * + * @category HTML + * @package HTML_Common2 + * @author Alexey Borzov + * @license http://opensource.org/licenses/bsd-license.php New BSD License + * @version SVN: $Id$ + * @link http://pear.php.net/package/HTML_Common2 + */ + +/* + * Base class for HTML classes + * + * Implements methods for working with HTML attributes, parsing and generating + * attribute strings. Port of HTML_Common class for PHP4 originally written by + * Adam Daniel with contributions from numerous other developers. + * + * @category HTML + * @package HTML_Common2 + * @author Alexey Borzov + * @license http://opensource.org/licenses/bsd-license.php New BSD License + * @version Release: 2.1.0 + * @link http://pear.php.net/package/HTML_Common2 + */ +abstract class cHTML5Common implements ArrayAccess +{ + /** + * Associative array of attributes + * @var array + */ + protected $attributes = array(); + + /** + * Changes to attributes in this list will be announced via onAttributeChange() + * method rather than performed by HTML_Common2 class itself + * @var array + * @see onAttributeChange() + */ + protected $watchedAttributes = array(); + + /** + * Indentation level of the element + * @var int + */ + private $_indentLevel = 0; + + /** + * Comment associated with the element + * @var string + */ + private $_comment = null; + + /** + * Global options for all elements generated by subclasses of HTML_Common2 + * + * Preset options are + * - 'charset': charset parameter used in htmlspecialchars() calls, + * defaults to 'ISO-8859-1' + * - 'indent': string used to indent HTML elements, defaults to "\11" + * - 'linebreak': string used to indicate linebreak, defaults to "\12" + * + * @var array + */ + private static $_options = array( + 'charset' => 'ISO-8859-1', + 'indent' => "\11", + 'linebreak' => "\12" + ); + + /** + * Sets global option(s) + * + * @param string|array $nameOrOptions Option name or array ('option name' => 'option value') + * @param mixed $value Option value, if first argument is 
not an array + */ + public static function setOption($nameOrOptions, $value = null) + { + if (is_array($nameOrOptions)) { + foreach ($nameOrOptions as $k => $v) { + self::setOption($k, $v); + } + } else { + $linebreaks = array('win' => "\15\12", 'unix' => "\12", 'mac' => "\15"); + if ('linebreak' == $nameOrOptions && isset($linebreaks[$value])) { + $value = $linebreaks[$value]; + } + self::$_options[$nameOrOptions] = $value; + } + } + + /** + * Returns global option(s) + * + * @param string $name Option name + * + * @return mixed Option value, null if option does not exist, + * array of all options if $name is not given + */ + public static function getOption($name = null) + { + if (null === $name) { + return self::$_options; + } else { + return isset(self::$_options[$name])? self::$_options[$name]: null; + } + } + + /** + * Parses the HTML attributes given as string + * + * @param string $attrString HTML attribute string + * + * @return array An associative array of attributes + */ + protected static function parseAttributes($attrString) + { + $attributes = array(); + if (preg_match_all( + "/(([A-Za-z_:]|[^\\x00-\\x7F])([A-Za-z0-9_:.-]|[^\\x00-\\x7F])*)" . 
+ "([ \\n\\t\\r]+)?(=([ \\n\\t\\r]+)?(\"[^\"]*\"|'[^']*'|[^ \\n\\t\\r]*))?/", + $attrString, + $regs + )) { + for ($i = 0; $i < count($regs[1]); $i++) { + $name = trim($regs[1][$i]); + $check = trim($regs[0][$i]); + $value = trim($regs[7][$i]); + if ($name == $check) { + $attributes[strtolower($name)] = strtolower($name); + } else { + if (!empty($value) && ($value[0] == '\'' || $value[0] == '"')) { + $value = substr($value, 1, -1); + } + $attributes[strtolower($name)] = $value; + } + } + } + return $attributes; + } + + /** + * Creates a valid attribute array from either a string or an array + * + * @param string|array $attributes Array of attributes or HTML attribute string + * + * @return array An associative array of attributes + */ + protected static function prepareAttributes($attributes) + { + $prepared = array(); + if (is_string($attributes)) { + return self::parseAttributes($attributes); + + } elseif (is_array($attributes)) { + foreach ($attributes as $key => $value) { + if (is_int($key)) { + $key = strtolower($value); + $prepared[$key] = $key; + } else { + $prepared[strtolower($key)] = (string)$value; + } + } + } + return $prepared; + } + + /** + * Removes an attribute from an attribute array + * + * @param array &$attributes Attribute array + * @param string $name Name of attribute to remove + */ + protected static function removeAttributeArray(array &$attributes, $name) + { + unset($attributes[strtolower($name)]); + } + + /** + * Creates HTML attribute string from array + * + * @param array $attributes Attribute array + * + * @return string Attribute string + */ + protected static function getAttributesString(array $attributes) + { + $str = ''; + $charset = self::getOption('charset'); + foreach ($attributes as $key => $value) { + $str .= ' ' . $key . '="' . htmlspecialchars($value, ENT_QUOTES, $charset) . 
'"'; + } + return $str; + } + + /** + * Class constructor, sets default attributes + * + * @param array|string $attributes Array of attribute 'name' => 'value' pairs + * or HTML attribute string + */ + public function __construct($attributes = null) + { + $this->mergeAttributes($attributes); + } + + /** + * Sets the value of the attribute + * + * @param string $name Attribute name + * @param string $value Attribute value (will be set to $name if omitted) + * + * @return HTML_Common2 + */ + public function setAttribute($name, $value = null) + { + $name = strtolower($name); + if (is_null($value)) { + $value = $name; + } + if (in_array($name, $this->watchedAttributes)) { + $this->onAttributeChange($name, $value); + } else { + $this->attributes[$name] = (string)$value; + } + return $this; + } + + /** + * Returns the value of an attribute + * + * @param string $name Attribute name + * + * @return string|null Attribute value, null if attribute does not exist + */ + public function getAttribute($name) + { + $name = strtolower($name); + return isset($this->attributes[$name])? 
$this->attributes[$name]: ''; + } + + /** + * Sets the attributes + * + * @param string|array $attributes Array of attribute 'name' => 'value' pairs + * or HTML attribute string + * + * @return HTML_Common2 + */ + public function setAttributes($attributes) + { + $attributes = self::prepareAttributes($attributes); + $watched = array(); + foreach ($this->watchedAttributes as $watchedKey) { + if (isset($attributes[$watchedKey])) { + $this->setAttribute($watchedKey, $attributes[$watchedKey]); + unset($attributes[$watchedKey]); + } else { + $this->removeAttribute($watchedKey); + } + if (isset($this->attributes[$watchedKey])) { + $watched[$watchedKey] = $this->attributes[$watchedKey]; + } + } + $this->attributes = array_merge($watched, $attributes); + return $this; + } + + /** + * Returns the attribute array or string + * + * @param bool $asString Whether to return attributes as string + * + * @return array|string + */ + public function getAttributes($asString = false) + { + if ($asString) { + return self::getAttributesString($this->attributes); + } else { + return $this->attributes; + } + } + + /** + * Merges the existing attributes with the new ones + * + * @param array|string $attributes Array of attribute 'name' => 'value' pairs + * or HTML attribute string + * + * @return HTML_Common2 + */ + public function mergeAttributes($attributes) + { + $attributes = self::prepareAttributes($attributes); + foreach ($this->watchedAttributes as $watchedKey) { + if (isset($attributes[$watchedKey])) { + $this->onAttributeChange($watchedKey, $attributes[$watchedKey]); + unset($attributes[$watchedKey]); + } + } + $this->attributes = array_merge($this->attributes, $attributes); + return $this; + } + + /** + * Removes an attribute + * + * @param string $attribute Name of attribute to remove + * + * @return HTML_Common2 + */ + public function removeAttribute($attribute) + { + if (in_array(strtolower($attribute), $this->watchedAttributes)) { + 
$this->onAttributeChange(strtolower($attribute), null); + } else { + self::removeAttributeArray($this->attributes, $attribute); + } + return $this; + } + + /** + * Sets the indentation level + * + * @param int $level Indentation level + * + * @return HTML_Common2 + */ + public function setIndentLevel($level) + { + $level = intval($level); + if (0 <= $level) { + $this->_indentLevel = $level; + } + return $this; + } + + /** + * Gets the indentation level + * + * @return int + */ + public function getIndentLevel() + { + return $this->_indentLevel; + } + + /** + * Returns the string to indent the element + * + * @return string + */ + protected function getIndent() + { + return str_repeat(self::getOption('indent'), $this->getIndentLevel()); + } + + /** + * Sets the comment for the element + * + * @param string $comment String to output as HTML comment + * + * @return HTML_Common2 + */ + public function setComment($comment) + { + $this->_comment = $comment; + return $this; + } + + /** + * Returns the comment associated with the element + * + * @return string + */ + public function getComment() + { + return $this->_comment; + } + + /** + * Checks whether the element has given CSS class + * + * @param string $class CSS Class name + * + * @return bool + */ + public function hasClass($class) + { + $regex = '/(^|\s)' . preg_quote($class, '/') . 
'(\s|$)/'; + return (bool)preg_match($regex, $this->getAttribute('class')); + } + + /** + * Adds the given CSS class(es) to the element + * + * @param string|array $class Class name, multiple class names separated by + * whitespace, array of class names + * + * @return HTML_Common2 + */ + public function addClass($class) + { + if (!is_array($class)) { + $class = preg_split('/\s+/', $class, null, PREG_SPLIT_NO_EMPTY); + } + $curClass = preg_split( + '/\s+/', $this->getAttribute('class'), null, PREG_SPLIT_NO_EMPTY + ); + foreach ($class as $c) { + if (!in_array($c, $curClass)) { + $curClass[] = $c; + } + } + $this->setAttribute('class', implode(' ', $curClass)); + + return $this; + } + + /** + * Removes the given CSS class(es) from the element + * + * @param string|array $class Class name, multiple class names separated by + * whitespace, array of class names + * + * @return HTML_Common2 + */ + public function removeClass($class) + { + if (!is_array($class)) { + $class = preg_split('/\s+/', $class, null, PREG_SPLIT_NO_EMPTY); + } + $curClass = array_diff( + preg_split( + '/\s+/', $this->getAttribute('class'), null, PREG_SPLIT_NO_EMPTY + ), + $class + ); + if (0 == count($curClass)) { + $this->removeAttribute('class'); + } else { + $this->setAttribute('class', implode(' ', $curClass)); + } + return $this; + } + + /** + * Returns the HTML representation of the element + * + * This magic method allows using the instances of HTML_Common2 in string + * contexts + * + * @return string + */ + abstract public function __toString(); + + /** + * Called if trying to change an attribute with name in $watchedAttributes + * + * This method is called for each attribute whose name is in the + * $watchedAttributes array and which is being changed by setAttribute(), + * setAttributes() or mergeAttributes() or removed via removeAttribute(). 
+ * Note that the operation for the attribute is not carried on after calling + * this method, it is the responsibility of this method to change or remove + * (or not) the attribute. + * + * @param string $name Attribute name + * @param string $value Attribute value, null if attribute is being removed + */ + protected function onAttributeChange($name, $value = null) + { + } + + /** + * Whether or not an offset (HTML attribute) exists + * + * @param string $offset An offset to check for. + * + * @return boolean Returns true on success or false on failure. + * @link http://php.net/manual/en/arrayaccess.offsetexists.php + */ + public function offsetExists(mixed $offset): bool + { + return isset($this->attributes[strtolower($offset)]); + } + + /** + * Returns the value at specified offset (i.e. attribute name) + * + * @param string $offset The offset to retrieve. + * + * @return string|null + * @link http://php.net/manual/en/arrayaccess.offsetget.php + * @see getAttribute() + */ + #[\ReturnTypeWillChange] + public function offsetGet($offset) + { + return $this->getAttribute($offset); + } + + /** + * Assigns a value to the specified offset (i.e. attribute name) + * + * @param string $offset The offset to assign the value to + * @param string $value The value to set + * + * @return void + * @link http://php.net/manual/en/arrayaccess.offsetset.php + * @see setAttribute() + */ + #[\ReturnTypeWillChange] + public function offsetSet($offset, $value) + { + if (null !== $offset) { + $this->setAttribute($offset, $value); + } else { + // handles $foo[] = 'disabled'; + $this->setAttribute($value); + } + } + + /** + * Unsets an offset (i.e. removes an attribute) + * + * @param string $offset The offset to unset + * + * @return void + * @link http://php.net/manual/en/arrayaccess.offsetunset.php + * @see removeAttribute + */ + #[\ReturnTypeWillChange] + public function offsetUnset($offset) + { + $this->removeAttribute($offset); + } +} \ No newline at end of file 
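Review bot: Attribute names reach the output unescaped: getAttributesString() runs `htmlspecialchars()` on `$value` only, and prepareAttributes() and setAttribute() merely lower-case the name. Any caller that builds the attribute array from request data can therefore break out of the tag, so the loop should skip names that are not plain identifiers, e.g. `if (!preg_match('/^[A-Za-z_:][A-Za-z0-9_:.-]*$/', $key)) { continue; }`. For the PHP 8 goal of this commit, addClass() and removeClass() pass `null` as the `preg_split()` limit, which is deprecated from 8.1; `-1` is the equivalent value. The docblock of getAttribute() also still promises `null` for a missing attribute while the code returns `''`.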
diff --git a/conlite/classes/class.genericdb.php b/conlite/classes/class.genericdb.php index 5225cff..ee774fd 100644 --- a/conlite/classes/class.genericdb.php +++ b/conlite/classes/class.genericdb.php @@ -1712,8 +1712,13 @@ abstract class Item extends cItemBaseAbstract { * @return mixed Filtered data */ public function _inFilter($mData) { - if (is_numeric($mData) || is_array($mData)) + if (is_numeric($mData) || is_array($mData)) { return $mData; + } + + if(is_null($mData)) { + $mData = ''; + } foreach ($this->_arrInFilters as $_function) { if (function_exists($_function)) { diff --git a/conlite/classes/class.htmlelements.php b/conlite/classes/class.htmlelements.php index 7828136..4c9830a 100644 --- a/conlite/classes/class.htmlelements.php +++ b/conlite/classes/class.htmlelements.php @@ -672,7 +672,7 @@ class cHTMLSelectElement extends cHTMLFormElement { */ function setDefault($lvalue) { $bSet = false; - + $lvalue = cString::nullToString($lvalue); if (is_array($this->_options)) { foreach ($this->_options as $key => $value) { if (strcmp($value->getAttribute("value"), $lvalue) == 0) { diff --git a/conlite/classes/class.string.php b/conlite/classes/class.string.php index 3f371a1..32b8ec2 100644 --- a/conlite/classes/class.string.php +++ b/conlite/classes/class.string.php @@ -715,4 +715,19 @@ class cString extends cStringMultiByteWrapper { return $string; } + + /** + * Convert null string to empty string + * + * @param string $string + * @return string + */ + public static function nullToString($string) { + //var_dump($string); + if(empty($string) || is_null($string)) { + $string = ''; + } + //var_dump($string); + return $string; + } } \ No newline at end of file diff --git a/conlite/classes/class.ui.php b/conlite/classes/class.ui.php index b8a84c9..0125de3 100644 --- a/conlite/classes/class.ui.php +++ b/conlite/classes/class.ui.php 
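Review bot: `cString::nullToString()` tests `empty($string)`, which is also true for `'0'`, `0`, `false` and `[]`, so those inputs are turned into an empty string as well as `null`. In the `cHTMLSelectElement::setDefault()` hunk above, a default of `"0"` becomes `''` and the `strcmp()` against the option value no longer matches, so an option with value 0 can no longer be preselected. The layout description in include.lay_overview.php is affected in the same way. The body can be reduced to `return $string ?? '';`, and the two `//var_dump($string);` debugging lines should be removed before merge.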
@@ -1027,10 +1027,10 @@ class cScrollList { var $listStart; /** - * sortable flag - * @var string + * sortable array + * @var array */ - var $sortable; + protected $_aSortable; /** * sortlink @@ -1080,7 +1080,7 @@ class cScrollList { $this->resultsPerPage = 0; $this->listStart = 1; - $this->sortable = false; + $this->_aSortable = []; $this->objTable = new cHTMLTable(); if ($defaultstyle == true) { @@ -1126,7 +1126,7 @@ class cScrollList { * @param $sortable boolean true or false */ function setSortable($key, $sortable) { - $this->sortable[$key] = $sortable; + $this->_aSortable[$key] = $sortable; } /** @@ -1330,8 +1330,8 @@ class cScrollList { /* Render header */ foreach ($this->header as $key => $value) { - if (is_array($this->sortable)) { - if (array_key_exists($key, $this->sortable) && $this->sortable[$key] == true) { + if (is_array($this->_aSortable)) { + if (array_key_exists($key, $this->_aSortable) && $this->_aSortable[$key] == true) { $this->sortlink->setContent($value); $this->sortlink->setCustom("sortby", $key); diff --git a/conlite/includes/api/functions.frontend.list.php b/conlite/includes/api/functions.frontend.list.php index 220078e..3b70740 100644 --- a/conlite/includes/api/functions.frontend.list.php +++ b/conlite/includes/api/functions.frontend.list.php @@ -89,12 +89,12 @@ class FrontendList * @param $endwrap Wrap for the list end * @param $itemwrap Wrap for a single item */ - function FrontendList ($startwrap, $endwrap, $itemwrap) + function __construct($startwrap, $endwrap, $itemwrap) { $this->resultsPerPage = 0; $this->listStart = 1; - $this->itemwrap = $itemwrap; + $this->itemwrap = (is_null($itemwrap))?'':$itemwrap; $this->startwrap = $startwrap; $this->endwrap = $endwrap; } diff --git a/conlite/includes/functions.general.php b/conlite/includes/functions.general.php index 31b5906..ff3ccce 100644 --- a/conlite/includes/functions.general.php +++ b/conlite/includes/functions.general.php 
@@ -1732,6 +1732,9 @@ function sendPostRequest($host, $path, $data, $referer = "", $port = 80) { } function is_dbfs($file) { + if(is_null($file)) { + $file = ''; + } if (substr($file, 0, 5) == "dbfs:") { return true; } diff --git a/conlite/includes/functions.upl.php b/conlite/includes/functions.upl.php index df022f3..5badbd4 100644 --- a/conlite/includes/functions.upl.php +++ b/conlite/includes/functions.upl.php @@ -46,9 +46,13 @@ if (!defined('CON_FRAMEWORK')) { * string is shorter there will be no tooltipp * @return string - string, which contains short path name and tooltipp if neccessary */ -function generateDisplayFilePath($sDisplayPath, $iLimit) { - $sDisplayPath = (string) trim($sDisplayPath); - $iLimit = (int) $iLimit; +function generateDisplayFilePath($mDisplayPath, $mLimit) { + if(is_null($mDisplayPath)) { + $sDisplayPath = ''; + } else { + $sDisplayPath = (string) trim($mDisplayPath); + } + $iLimit = intval($mLimit); if (strlen($sDisplayPath) > $iLimit) { $sDisplayPathShort = capiStrTrimHard($sDisplayPath, $iLimit); @@ -58,18 +62,18 @@ function generateDisplayFilePath($sDisplayPath, $iLimit) { $aPathFragments = explode('/', $sDisplayPath); foreach ($aPathFragments as $sFragment) { - if ($sFragment != '') { - if (strlen($sFragment) > ($iLimit - 5)) { - $sFragment = capiStrTrimHard($sFragment, $iLimit); - } + if (empty($sFragment)) { + continue; + } - if ($iCharcount + strlen($sFragment) + 1 > $iLimit) { - $sTooltippString .= '
' . $sFragment . '/'; - $iCharcount = strlen($sFragment); - } else { - $iCharcount = $iCharcount + 1 + strlen($sFragment); - $sTooltippString .= $sFragment . '/'; - } + if (strlen($sFragment) > ($iLimit - 5)) { + $sFragment = capiStrTrimHard($sFragment, $iLimit); + } else if ($iCharcount + strlen($sFragment) + 1 > $iLimit) { + $sTooltippString .= '
' . $sFragment . '/'; + $iCharcount = strlen($sFragment); + } else { + $iCharcount = $iCharcount + 1 + strlen($sFragment); + $sTooltippString .= $sFragment . '/'; } } @@ -111,8 +115,7 @@ function uplDirectoryListRecursive($currentdir, $startdir = NULL, $files = array foreach ($sorted_files as $file) { if ($file != ".." && $file != ".") { - if ((filetype(getcwd() . "/" . $file) == "dir") && - (opendir(getcwd() . "/" . $file) !== false)) { + if ((filetype(getcwd() . "/" . $file) == "dir") && (opendir(getcwd() . "/" . $file) !== false)) { $a_file['name'] = $file; $a_file['depth'] = $depth; $a_file['pathstring'] = $pathstring . $file . '/'; diff --git a/conlite/includes/include.lay_edit_form.php b/conlite/includes/include.lay_edit_form.php index 6e5e35f..208ce06 100644 --- a/conlite/includes/include.lay_edit_form.php +++ b/conlite/includes/include.lay_edit_form.php @@ -107,7 +107,11 @@ if (!$layout->virgin) { } $types = array_unique($types); - $layout->setProperty("layout", "used-types", implode($types, ";")); + if (version_compare(PHP_VERSION, '8.0.0', '>=')) { + $layout->setProperty("layout", "used-types", implode(";", $types)); + } else { + $layout->setProperty("layout", "used-types", implode($types, ";")); + } $msg = ""; diff --git a/conlite/includes/include.lay_overview.php b/conlite/includes/include.lay_overview.php index 46cda1e..457fff2 100644 --- a/conlite/includes/include.lay_overview.php +++ b/conlite/includes/include.lay_overview.php @@ -49,7 +49,7 @@ while ($layout = $oLayouts->next()) { } $name = $layout->get('name'); - $descr = $layout->get('description'); + $descr = cString::nullToString($layout->get('description')); $idlay = $layout->get('idlay'); if (strlen($descr) > 64) { 
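Review bot: Flattening the loop in generateDisplayFilePath() changed its behaviour. The length check and the tooltip append were two separate `if` statements, and the new `} else if ($iCharcount + strlen($sFragment) + 1 > $iLimit) {` means a fragment that was shortened by `capiStrTrimHard()` is never appended to `$sTooltippString`. To keep the old result, close the first `if` with `}` and start the second with a plain `if (...) {`. The new `empty($sFragment)` guard also skips a path segment named `0`; `if ($sFragment === '') { continue; }` keeps the original `!= ''` meaning for strings. The function starts and ends outside this hunk.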
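Review bot: The `version_compare(PHP_VERSION, '8.0.0', '>=')` branch in include.lay_edit_form.php is unnecessary, because `implode(";", $types)` with the separator first is accepted by every PHP version. The legacy argument order in the `else` branch only keeps a deprecated call alive. A single `$layout->setProperty("layout", "used-types", implode(";", $types));` is enough.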
@@ -102,7 +102,7 @@ while ($layout = $oLayouts->next()) { $tpl->set('d', 'TODO', $todo->render()); - if (stripslashes($_REQUEST['idlay']) == $idlay) { + if (filter_var($_REQUEST['idlay'], FILTER_SANITIZE_NUMBER_INT) == $idlay) { $tpl->set('d', 'ID', 'marked'); } else { $tpl->set('d', 'ID', ''); diff --git a/conlite/includes/include.upl_dirs_overview.php b/conlite/includes/include.upl_dirs_overview.php index d9535ee..99f52bb 100644 --- a/conlite/includes/include.upl_dirs_overview.php +++ b/conlite/includes/include.upl_dirs_overview.php @@ -73,6 +73,10 @@ if (!isset($path) && $sess->is_registered("upl_last_path")) { $path = $upl_last_path; } +if(is_null($path)) { + $path = ''; +} + $appendparameters = $_REQUEST["appendparameters"]; if (!isset($action)) diff --git a/conlite/includes/include.upl_files_overview.php b/conlite/includes/include.upl_files_overview.php index f21dd57..0758835 100644 --- a/conlite/includes/include.upl_files_overview.php +++ b/conlite/includes/include.upl_files_overview.php @@ -347,7 +347,7 @@ class UploadList extends FrontendList { case "xbm": case "wbmp": $sCacheThumbnail = uplGetThumbnail($data, 150); - $sCacheName = substr($sCacheThumbnail, strrpos($sCacheThumbnail, "/") + 1, strlen($sCacheThumbnail) - (strrchr($sCacheThumbnail, '/') + 1)); + $sCacheName = substr($sCacheThumbnail, strrpos($sCacheThumbnail, "/") + 1, strlen($sCacheThumbnail) - (strlen(strrchr($sCacheThumbnail, '/')) + 1)); $sFullPath = $cfgClient[$client]['path']['frontend'] . 'cache/' . $sCacheName; if (file_exists($sFullPath)) { $aDimensions = getimagesize($sFullPath); 
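Review bot: `filter_var($_REQUEST['idlay'], FILTER_SANITIZE_NUMBER_INT)` in include.lay_overview.php does not yield an integer: the filter keeps digits and also `+` and `-`, and the result is then compared loosely with `==`. The array key is also read without a guard, so a request without `idlay` raises an undefined-key warning on PHP 8. The value is only used here to mark the active row, so the impact is small, but `if ((int) ($_REQUEST['idlay'] ?? 0) === (int) $idlay) {` expresses the intent and avoids both problems.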
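Review bot: `is_null($path)` in include.upl_dirs_overview.php is evaluated on a variable that may not exist. The `!isset($path)` test in the context line just above shows this case is expected, and on PHP 8 reading an undefined variable emits a warning. `$path = $path ?? '';` gives the same result without the warning. The next context line reads `$_REQUEST["appendparameters"]` with no guard and would benefit from the same `?? ''` treatment.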
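Review bot: The corrected length argument for `$sCacheName` in include.upl_files_overview.php is still wrong. `strlen($sCacheThumbnail) - (strlen(strrchr($sCacheThumbnail, '/')) + 1)` is the length of the directory prefix minus two, not the length of the file name. The full name is returned only when the prefix happens to be longer than the name; otherwise the name is truncated, and the `file_exists($sFullPath)` check that follows fails. The length is not needed at all: `$sCacheName = basename($sCacheThumbnail);` does the job, as does `substr($sCacheThumbnail, strrpos($sCacheThumbnail, '/') + 1)`. The surrounding `switch` starts and ends outside this hunk.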
@@ -430,17 +430,21 @@ class UploadList extends FrontendList { * @param type $sErrorMessage * @return type */ -function uplRender($path, $sortby, $sortmode, $startpage = 1, $thumbnailmode, $sErrorMessage) { +function uplRender($path, $sortby, $sortmode, $startpage, $thumbnailmode, $sErrorMessage) { global $cfg, $client, $cfgClient, $area, $frame, $sess, $browserparameters, $appendparameters, $perm, $auth, $sReloadScript, $notification, $bDirectoryIsWritable; - if ($sortby == "") { + if(empty($sortby)) { $sortby = 3; $sortmode = "ASC"; } - if ($startpage == "") { + if(empty($startpage)) { $startpage = 1; } + + if(is_null($path)) { + $path = ''; + } $thisfile = $sess->url("main.php?idarea=$area&frame=$frame&path=$path&thumbnailmode=$thumbnailmode&appendparameters=$appendparameters"); $scrollthisfile = $thisfile . "&sortmode=$sortmode&sortby=$sortby&appendparameters=$appendparameters"; diff --git a/data/config/production/config.autoloader.php b/data/config/production/config.autoloader.php index 3948e17..c144032 100644 --- a/data/config/production/config.autoloader.php +++ b/data/config/production/config.autoloader.php @@ -174,6 +174,7 @@ return array( 'cHTML5Button' => 'conlite/classes/cHTML5/class.chtml5.button.php', 'cHTML5Meta' => 'conlite/classes/cHTML5/class.chtml5.meta.php', 'cHTML' => 'conlite/classes/cHTML5/class.chtml.php', + 'cHTML5Common' => 'conlite/classes/cHTML5/class.chtml5.common.php', 'cHTML5List' => 'conlite/classes/cHTML5/class.chtml5.list.php', 'XML_doc' => 'conlite/classes/class.xml.php', 'Contenido_FrontendNavigation_Breadcrumb' => 'conlite/classes/Contenido_FrontendNavigation/Contenido_FrontendNavigation_Breadcrumb.class.php',
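Review bot: In uplRender(), `$path`, `$thumbnailmode` and `$appendparameters` are interpolated into the `main.php?...` query string without encoding, and the new null guard on `$path` does not change that. The include.upl_dirs_overview.php hunk shows `$appendparameters` being taken directly from `$_REQUEST`, so these values appear to be request-controlled, and a `&` or `#` in any of them rewrites the generated link. Each value should be encoded, e.g. `'&path=' . urlencode($path)`, or the query built with `http_build_query()`. The docblock above still carries the `@param type` / `@return type` placeholders and should name real types. The function body continues outside this hunk.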