mbirth/LuckyCoinkydink
1
0
Fork 0
Code Issues Pull Requests Activity

Fix entryproperties value setting

Browse Source
This commit is contained in:
Garvin Hicking 2007-08-08 08:53:26 +00:00
parent 78cedc04f8
commit a78b5338f0
2 changed files with 18 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
docs/NEWS
View File

@ -211,6 +211,13 @@ Version 1.2 ()
* Allow to call permalinks that end with a "/" the same as if not
ending with a "/" (garvinhicking)
Version 1.1.4 (August 8th, 2007)
------------------------------------------------------------------------
* Fix being able to set entryproperties values via POST-Request (and
being able to bypass password-protection of an entry, when the
Entryproperties plugin is installed). Thanks to Erich Schubert
Version 1.1.3 (June 17th, 2007)
------------------------------------------------------------------------

22
plugins/serendipity_event_entryproperties/serendipity_event_entryproperties.php
View File

@ -618,20 +618,11 @@ class serendipity_event_entryproperties extends serendipity_event
// is in the process of being created. This must be done for the extended properties
// to be applied in the preview.
if (is_array($serendipity['POST']['properties']) && count($serendipity['POST']['properties']) > 0){
$parr = array();
$supported_properties = serendipity_event_entryproperties::getSupportedProperties();
foreach($supported_properties AS $prop_key) {
if (isset($serendipity['POST']['properties'][$prop_key]))
$eventData[0]['properties']['ep_' . $prop_key] = $serendipity['POST']['properties'][$prop_key];
}
}
if (isset($serendipity['GET']['id']) && isset($eventData[0]['properties']['ep_entrypassword'])) {
if (isset($_SESSION['entrypassword_unlocked'][$serendipity['GET']['id']]) || $eventData[0]['properties']['ep_entrypassword'] == $serendipity['POST']['entrypassword']) {
if ($_SESSION['entrypassword_unlocked'][$serendipity['GET']['id']] == md5($eventData[0]['properties']['ep_entrypassword']) || $eventData[0]['properties']['ep_entrypassword'] == $serendipity['POST']['entrypassword']) {
// Do not show login form again, once we have first enabled it.
$_SESSION['entrypassword_unlocked'][$serendipity['GET']['id']] = true;
$_SESSION['entrypassword_unlocked'][$serendipity['GET']['id']] = md5($eventData[0]['properties']['ep_entrypassword']);
} else {
if (is_array($eventData)) {
$eventData['clean_page'] = true;
@ -642,6 +633,15 @@ class serendipity_event_entryproperties extends serendipity_event
}
}
if ($addData['preview'] && is_array($serendipity['POST']['properties']) && count($serendipity['POST']['properties']) > 0){
$parr = array();
$supported_properties = serendipity_event_entryproperties::getSupportedProperties();
foreach($supported_properties AS $prop_key) {
if (isset($serendipity['POST']['properties'][$prop_key]))
$eventData[0]['properties']['ep_' . $prop_key] = $serendipity['POST']['properties'][$prop_key];
}
}
break;
case 'entries_header':