From bad3ae341daaa633074482889853b509ad5a69e1 Mon Sep 17 00:00:00 2001 From: Thomas Ingles Date: Sun, 28 Jan 2024 01:34:38 +0100 Subject: [PATCH] plxAdmin : maybe good strCheck's & trim's places + fr editArticle : obsolete sanitizePhpTags > cdataCheck editCategories description editUsers info str to cdata for fix remove " like : `tep` go to `tep` --- core/lang/fr/admin.php | 2 +- core/lib/class.plx.admin.php | 82 ++++++++++++++++++------------------ 2 files changed, 42 insertions(+), 42 deletions(-) diff --git a/core/lang/fr/admin.php b/core/lang/fr/admin.php index f7c485b12..5782ca947 100644 --- a/core/lang/fr/admin.php +++ b/core/lang/fr/admin.php @@ -120,7 +120,7 @@ const L_ARTICLE_MODERATE_BUTTON = 'Soumettre pour validation'; const L_ARTICLE_OFFLINE_BUTTON = 'Mettre hors ligne'; const L_ARTICLE_UPDATE_BUTTON = 'Enregistrer'; -const L_CATEGORY_ADD_BUTTON = "Ajouter"; +const L_CATEGORY_ADD_BUTTON = 'Ajouter'; const L_ARTICLE_META_DESCRIPTION = 'Contenu balise meta "description" (option)'; const L_ARTICLE_META_KEYWORDS = 'Contenu balise meta "keywords" (option)'; const L_ARTICLE_TITLE_HTMLTAG = 'Contenu balise title (option)'; diff --git a/core/lib/class.plx.admin.php b/core/lib/class.plx.admin.php index 1650d3519..d6b9f077f 100644 --- a/core/lib/class.plx.admin.php +++ b/core/lib/class.plx.admin.php @@ -498,9 +498,9 @@ public function editProfil($content) { if(!in_array($content['lang'], plxUtils::getLangs())) return plxMsg::Error(L_UNKNOWN_ERROR); - $this->aUsers[$_SESSION['user']]['name'] = trim($content['name']); - $this->aUsers[$_SESSION['user']]['infos'] = trim($content['content']); - $this->aUsers[$_SESSION['user']]['email'] = trim($content['email']); + $this->aUsers[$_SESSION['user']]['name'] = $content['name']; + $this->aUsers[$_SESSION['user']]['infos'] = $content['content']; + $this->aUsers[$_SESSION['user']]['email'] = $content['email']; $this->aUsers[$_SESSION['user']]['lang'] = $content['lang']; $_SESSION['admin_lang'] = $content['lang']; 
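Review bot: With `trim()` dropped from the `name`, `infos` and `email` assignments in `editProfil`, the values stay un-normalised in `$this->aUsers`, and among the hunks legible on this page only `infos` gets a `trim()` back in `editUsers`; the XML template lines of that method are not readable here, so trimming of `name` and `email` on write cannot be confirmed. `editUser` (hunk at -798) and `editCategorie` (hunk at -1007) make the same move, and there the untrimmed values also pass through the plugin hook before anything is written. `editCategorie` then calls `editCategories(null, true)`, so the trims added to the lines that read `$content[$cat_id.'_…']` presumably never run on that path. I would keep normalisation at the input boundary, e.g. `$this->aUsers[$_SESSION['user']]['email'] = trim($content['email']);`, even if the writer trims as well. `editProfil` starts and ends outside the hunk.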
@@ -699,7 +699,7 @@ public function editUsers($content, $action=false) { $this->aUsers[$user_id]['delete'] = isset($this->aUsers[$user_id]['delete']) ? $this->aUsers[$user_id]['delete'] : 0; $this->aUsers[$user_id]['lang'] = isset($this->aUsers[$user_id]['lang']) ? $this->aUsers[$user_id]['lang'] : $this->aConf['default_lang']; - $this->aUsers[$user_id]['infos'] = isset($this->aUsers[$user_id]['infos']) ? $this->aUsers[$user_id]['infos'] : ''; + $this->aUsers[$user_id]['infos'] = isset($this->aUsers[$user_id]['infos']) ? trim($this->aUsers[$user_id]['infos']) : ''; $this->aUsers[$user_id]['password_token'] = isset($this->aUsers[$user_id]['_password_token']) ? $this->aUsers[$user_id]['_password_token'] : ''; $this->aUsers[$user_id]['password_token_expiry'] = isset($this->aUsers[$user_id]['_password_token_expiry']) ? $this->aUsers[$user_id]['_password_token_expiry'] : ''; @@ -746,9 +746,9 @@ public function editUsers($content, $action=false) { } ?> - - - + + + ]]> @@ -798,7 +798,7 @@ public function editUser($content) { return plxMsg::Error(L_UNKNOWN_ERROR); $this->aUsers[$content['id']]['email'] = $content['email']; - $this->aUsers[$content['id']]['infos'] = trim($content['content']); + $this->aUsers[$content['id']]['infos'] = $content['content']; $this->aUsers[$content['id']]['lang'] = $content['lang']; # Hook plugins @@ -863,7 +863,7 @@ public function editCategories($content, $action=false) { # Ajout d'une nouvelle catégorie à partir de la page article elseif(!empty($content['new_category'])) { # Test pour autoriser uniquement les caractères alphanumériques - $cat_name = $content['new_catname']; + $cat_name = trim($content['new_catname']); if(!preg_match(PATTERN_NAME, $cat_name)) { return plxMsg::Error(L_INVALID_VALUE . ' : ' . $cat_name); } 
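Review bot: In the `new_category` branch of `editCategories`, a name that fails `PATTERN_NAME` is still concatenated unescaped into the text passed to `plxMsg::Error()`, so the value that was just rejected is what gets displayed; the added `trim()` does not change that. How `plxMsg` renders the message is not visible here, so if it is output as HTML the value should be escaped at this point, for example `return plxMsg::Error(L_INVALID_VALUE . ' : ' . plxUtils::strCheck($cat_name));`. Neither `trim()` nor `preg_match()` accepts an array, so an `is_string($content['new_catname'])` check before the `trim()` would reject a malformed parameter through the same error path. The same lines appear in the update loop (hunk at -900).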
@@ -900,7 +900,7 @@ public function editCategories($content, $action=false) { foreach($content['catNum'] as $cat_id) { # Test pour autoriser uniquement les caractères alphanumériques - $cat_name = $content[$cat_id.'_name']; + $cat_name = trim($content[$cat_id.'_name']); if(!preg_match(PATTERN_NAME, $cat_name)) { return plxMsg::Error(L_INVALID_VALUE . ' : ' . $cat_name); } 
@@ -917,14 +917,14 @@ public function editCategories($content, $action=false) { $this->aCats[$cat_id]['active'] = $content[$cat_id.'_active']; $this->aCats[$cat_id]['ordre'] = intval($content[$cat_id.'_ordre']); $this->aCats[$cat_id]['homepage'] = isset($this->aCats[$cat_id]['homepage']) ? $this->aCats[$cat_id]['homepage'] : 1; - $this->aCats[$cat_id]['description'] = isset($this->aCats[$cat_id]['description']) ? $this->aCats[$cat_id]['description'] : ''; $this->aCats[$cat_id]['template'] = isset($this->aCats[$cat_id]['template']) ? $this->aCats[$cat_id]['template'] : 'categorie.php'; - $this->aCats[$cat_id]['thumbnail'] = isset($this->aCats[$cat_id]['thumbnail']) ? $this->aCats[$cat_id]['thumbnail'] : ''; - $this->aCats[$cat_id]['thumbnail_title'] = isset($this->aCats[$cat_id]['thumbnail_title']) ? $this->aCats[$cat_id]['thumbnail_title'] : ''; - $this->aCats[$cat_id]['thumbnail_alt'] = isset($this->aCats[$cat_id]['thumbnail_alt']) ? $this->aCats[$cat_id]['thumbnail_alt'] : ''; - $this->aCats[$cat_id]['title_htmltag'] = isset($this->aCats[$cat_id]['title_htmltag']) ? $this->aCats[$cat_id]['title_htmltag'] : ''; - $this->aCats[$cat_id]['meta_description'] = isset($this->aCats[$cat_id]['meta_description']) ? $this->aCats[$cat_id]['meta_description'] : ''; - $this->aCats[$cat_id]['meta_keywords'] = isset($this->aCats[$cat_id]['meta_keywords']) ? $this->aCats[$cat_id]['meta_keywords'] : ''; + $this->aCats[$cat_id]['description'] = isset($this->aCats[$cat_id]['description']) ? trim($this->aCats[$cat_id]['description']) : ''; + $this->aCats[$cat_id]['thumbnail'] = isset($this->aCats[$cat_id]['thumbnail']) ? trim($this->aCats[$cat_id]['thumbnail']) : ''; + $this->aCats[$cat_id]['thumbnail_title'] = isset($this->aCats[$cat_id]['thumbnail_title']) ? trim($this->aCats[$cat_id]['thumbnail_title']) : ''; + $this->aCats[$cat_id]['thumbnail_alt'] = isset($this->aCats[$cat_id]['thumbnail_alt']) ? 
trim($this->aCats[$cat_id]['thumbnail_alt']) : ''; + $this->aCats[$cat_id]['title_htmltag'] = isset($this->aCats[$cat_id]['title_htmltag']) ? trim($this->aCats[$cat_id]['title_htmltag']) : ''; + $this->aCats[$cat_id]['meta_description'] = isset($this->aCats[$cat_id]['meta_description']) ? trim($this->aCats[$cat_id]['meta_description']) : ''; + $this->aCats[$cat_id]['meta_keywords'] = isset($this->aCats[$cat_id]['meta_keywords']) ? trim($this->aCats[$cat_id]['meta_keywords']) : ''; # Hook plugins eval($this->plxPlugins->callHook('plxAdminEditCategoriesUpdate')); @@ -970,13 +970,13 @@ public function editCategories($content, $action=false) { ?> - + ]]> - - + + plxPlugins->callHook('plxAdminEditCategoriesXml')); @@ -1007,14 +1007,14 @@ public function editCategories($content, $action=false) { public function editCategorie($content) { # Mise à jour du fichier categories.xml $this->aCats[$content['id']]['homepage'] = intval($content['homepage']); - $this->aCats[$content['id']]['description'] = trim($content['content']); + $this->aCats[$content['id']]['description'] = $content['content']; $this->aCats[$content['id']]['template'] = $content['template']; $this->aCats[$content['id']]['thumbnail'] = $content['thumbnail']; $this->aCats[$content['id']]['thumbnail_title'] = $content['thumbnail_title']; $this->aCats[$content['id']]['thumbnail_alt'] = $content['thumbnail_alt']; - $this->aCats[$content['id']]['title_htmltag'] = trim($content['title_htmltag']); - $this->aCats[$content['id']]['meta_description'] = trim($content['meta_description']); - $this->aCats[$content['id']]['meta_keywords'] = trim($content['meta_keywords']); + $this->aCats[$content['id']]['title_htmltag'] = $content['title_htmltag']; + $this->aCats[$content['id']]['meta_description'] = $content['meta_description']; + $this->aCats[$content['id']]['meta_keywords'] = $content['meta_keywords']; # Hook plugins eval($this->plxPlugins->callHook('plxAdminEditCategorie')); return $this->editCategories(null, true); 
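Review bot: `editCategorie` writes `$content['template']` and `$content['thumbnail']` into `$this->aCats` exactly as received and indexes the array with `$content['id']` without checking that the category exists; with the `trim()` calls gone, nothing visible in this function constrains any of the incoming values. The default `'categorie.php'` used in `editCategories` suggests `template` is a file name, so unless the calling admin page already validates it, I would restrict it here to the known template list, or at least to a bare file name with `basename($content['template'])`. That validation may well live in the caller, which is not part of this diff.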
@@ -1049,7 +1049,7 @@ public function editStatiques($content, $action=false) {
 # mise à jour de la liste des pages statiques
 elseif(!empty($content['update'])) {
 foreach($content['staticNum'] as $static_id) {
- $stat_name = $content[$static_id.'_name'];
+ $stat_name = trim($content[$static_id.'_name']);
 if($stat_name!='') {
 $url = (!empty($content[$static_id.'_url'])) ? plxUtils::urlify($content[$static_id.'_url']) : '';
 $stat_url = (!empty($url)) ? $url : plxUtils::urlify($stat_name);
@@ -1066,10 +1066,10 @@ public function editStatiques($content, $action=false) { $this->aStats[$static_id]['active'] = $content[$static_id.'_active']; $this->aStats[$static_id]['menu'] = $content[$static_id.'_menu']; $this->aStats[$static_id]['ordre'] = intval($content[$static_id.'_ordre']); - $this->aStats[$static_id]['template'] = (isset($this->aStats[$static_id]['template'])?$this->aStats[$static_id]['template']:'static.php'); - $this->aStats[$static_id]['title_htmltag'] = (isset($this->aStats[$static_id]['title_htmltag'])?$this->aStats[$static_id]['title_htmltag']:''); - $this->aStats[$static_id]['meta_description'] = (isset($this->aStats[$static_id]['meta_description'])?$this->aStats[$static_id]['meta_description']:''); - $this->aStats[$static_id]['meta_keywords'] = (isset($this->aStats[$static_id]['meta_keywords'])?$this->aStats[$static_id]['meta_keywords']:''); + $this->aStats[$static_id]['template'] = isset($this->aStats[$static_id]['template']) ? $this->aStats[$static_id]['template'] : 'static.php'; + $this->aStats[$static_id]['title_htmltag'] = isset($this->aStats[$static_id]['title_htmltag']) ? trim($this->aStats[$static_id]['title_htmltag']) : ''; + $this->aStats[$static_id]['meta_description'] = isset($this->aStats[$static_id]['meta_description']) ? trim($this->aStats[$static_id]['meta_description']) : ''; + $this->aStats[$static_id]['meta_keywords'] = isset($this->aStats[$static_id]['meta_keywords']) ? trim($this->aStats[$static_id]['meta_keywords']) : ''; if(plxUtils::getValue($this->aStats[$static_id]['date_creation'])=='') { $this->aStats[$static_id]['date_creation'] = date('YmdHi'); $this->aStats[$static_id]['date_update'] = date('YmdHi'); @@ -1112,9 +1112,9 @@ public function editStatiques($content, $action=false) { - - - + + + - <?= plxUtils::strCheck(trim($content['title']), true) ?> + <?= plxUtils::strCheck(trim($content['title']), true, null) ?> - ]]> - ]]> + ]]> + ]]> - - - - - - + + + + + +