[prev in list] [next in list] [prev in thread] [next in thread]
List: os-sim-commits
Subject: [Os-sim-commits] os-sim/www/backup index.php,1.15,1.16
From: "Tomas V.V.Cox" <tvvcox () users ! sourceforge ! net>
Date: 2007-01-24 9:40:02
Message-ID: E1H9ebr-0006OR-Qm () mail ! sourceforge ! net
[Download RAW message or body]
Update of /cvsroot/os-sim/os-sim/www/backup
In directory sc8-pr-cvs3.sourceforge.net:/tmp/cvs-serv25129/www/backup
Modified Files:
index.php
Log Message:
- Security enhacement (by Laurent Licour)
- Better error management
- Minor code formatting
Index: index.php
===================================================================
RCS file: /cvsroot/os-sim/os-sim/www/backup/index.php,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -d -r1.15 -r1.16
--- index.php 19 Jul 2006 08:38:40 -0000 1.15
+++ index.php 24 Jan 2007 09:39:59 -0000 1.16
@@ -1,5 +1,6 @@
<?php
-require_once ('classes/Session.inc');
+require_once 'classes/Session.inc';
+require_once 'classes/Security.inc';
Session::logcheck("MenuTools", "ToolsBackup");
require_once 'classes/Util.inc';
@@ -12,17 +13,16 @@
$isDisabled = Backup::running_restoredb();
-$perform = $_POST["perform"];
+$perform = POST("perform");
if (!$isDisabled) {
if ($perform == "insert") {
- $insert = $_POST["insert"];
- Backup::Insert($insert);
+ $insert = POST("insert");
+ Backup::Insert($insert);
} elseif ($perform == "delete") {
- $delete = $_POST["delete"];
- Backup::Delete($delete);
+ $delete = POST("delete");
+ Backup::Delete($delete);
}
- unset($_POST["perform"]);
}
$db = new ossim_db();
@@ -31,9 +31,13 @@
$insert = Array();
$delete = Array();
+if (!is_dir($backup_dir)) {
+ die(ossim_error(_("Could not access backup dir").": <b>$backup_dir</b>"));
+}
+
$dir = dir($backup_dir);
while ($file = $dir->read()) {
- if($file == "." || $file == "..") {
+ if ($file == "." || $file == "..") {
continue;
}
if (is_dir($backup_dir.$file)) {
@@ -87,27 +91,31 @@
</tr>
<tr>
<td>
- <select name="insert[]" size="10" multiple>
-<?php if (count($insert)) {
-for ($i=0; $i<count($insert); $i++) { ?>
- <option value=<?=$insert[$i]?>> <?=$insert[$i]?> </option>
-<?php }
+ <select name="insert[]" size="10" multiple>
+<?php
+if (is_array($insert)) {
+ for ($i=0; $i<count($insert); $i++) {
+?>
+ <option value="<?=$insert[$i]?>"> <?=$insert[$i]?> </option>
+<?php }
} else { ?>
- <option size="100" disabled> -- <?php echo gettext("NONE"); \
?> -- </option> + <option size="100" \
disabled> -- <?=_("NONE")?> -- </option> <?php } ?>
- </select>
+ </select>
</td>
<td></td>
<td>
- <select name="delete[]" size="10" multiple>
-<?php if (count($delete)) {
-for ($i=0; $i<count($delete); $i++) { ?>
- <option size="100" \
value=<?=$delete[$i]?>> <?=$delete[$i]?> </option> + <select \
name="delete[]" size="10" multiple> +<?php
+if (is_array($delete)) {
+ for ($i=0; $i<count($delete); $i++) {
+?>
+ <option size="100" \
value="<?=$delete[$i]?>"> <?=$delete[$i]?> </option> <?php }
} else { ?>
- <option size="100" disabled> -- <?php echo gettext("NONE"); \
?> -- </option> + <option size="100" \
disabled> -- <?=_("NONE")?> -- </option> <?php } ?>
- </select>
+ </select>
</td>
</tr>
<tr>
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Os-sim-commits mailing list
Os-sim-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/os-sim-commits
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic