mbirth/LuckyCoinkydink
Archived
1
0
Fork 0
Code Issues Pull Requests Activity

added token to support the preview link in backend entries

Browse Source
This commit is contained in:
Ian
2012-01-16 09:10:00 +01:00
parent 068837dce4
commit 4822b3e7b8
2 changed files with 13 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
docs/NEWS
View File

@@ -4,17 +4,19 @@
Version 1.7 () Version 1.7 ()
------------------------------------------------------------------------ ------------------------------------------------------------------------
* Allow Smarty to fetch .tpl files from all directories so that * fixed draft & future entries preview link in backend
s9y plugin can use the fetch() call for their .tpl files no
matter which (symlinked) directory the plugin resides in. * Allow Smarty to fetch .tpl files from all directories so that
The Smarty security policy to us only serves as a restriction s9y plugin can use the fetch() call for their .tpl files no
within .tpl files to not allow arbitrary PHP modifier/function calls. matter which (symlinked) directory the plugin resides in.
If in the future Smarty supports enforcing trustedDir checks on The Smarty security policy to us only serves as a restriction
{include} calls seperately to smarty->fetch() calls, we'll also within .tpl files to not allow arbitrary PHP modifier/function calls.
add that to .tpl files. If in the future Smarty supports enforcing trustedDir checks on
(garvinhicking) {include} calls seperately to smarty->fetch() calls, we'll also
add that to .tpl files.
(garvinhicking)
* Patch by Markus Brükner: Properly handle files that have no * Patch by Markus Brükner: Properly handle files that have no
extension in media database extension in media database
* Made Spartacus recognize github.com mirror (garvinhicking) * Made Spartacus recognize github.com mirror (garvinhicking)

2
include/admin/entries.inc.php
View File

@@ -284,7 +284,7 @@ function serendipity_drawList() {
</td> </td>
<td align="right"> <td align="right">
<?php if (serendipity_db_bool($entry['isdraft']) || (!$serendipity['showFutureEntries'] && $entry['timestamp'] >= serendipity_serverOffsetHour())) { ?> <?php if (serendipity_db_bool($entry['isdraft']) || (!$serendipity['showFutureEntries'] && $entry['timestamp'] >= serendipity_serverOffsetHour())) { ?>
<a target="_blank" href="<?php echo $entry['preview_link']; ?>" title="<?php echo PREVIEW . ' #' . $entry['id']; ?>" class="serendipityIconLink"><img src="<?php echo serendipity_getTemplateFile('admin/img/zoom.png'); ?>" alt="<?php echo PREVIEW; ?>" /><?php echo PREVIEW ?></a> <a target="_blank" href="<?php echo $entry['preview_link']; ?>&amp;<?php echo serendipity_setFormToken('url'); ?>" title="<?php echo PREVIEW . ' #' . $entry['id']; ?>" class="serendipityIconLink"><img src="<?php echo serendipity_getTemplateFile('admin/img/zoom.png'); ?>" alt="<?php echo PREVIEW; ?>" /><?php echo PREVIEW ?></a>
<?php } else { ?> <?php } else { ?>
<a target="_blank" href="<?php echo $entry['link']; ?>" title="<?php echo VIEW . ' #' . $entry['id']; ?>" class="serendipityIconLink"><img src="<?php echo serendipity_getTemplateFile('admin/img/zoom.png'); ?>" alt="<?php echo VIEW; ?>" /><?php echo VIEW ?></a> <a target="_blank" href="<?php echo $entry['link']; ?>" title="<?php echo VIEW . ' #' . $entry['id']; ?>" class="serendipityIconLink"><img src="<?php echo serendipity_getTemplateFile('admin/img/zoom.png'); ?>" alt="<?php echo VIEW; ?>" /><?php echo VIEW ?></a>
<?php } ?> <?php } ?>