mbirth/LuckyCoinkydink
Archived
1
0
Fork 0
Code Issues Pull Requests Activity

* Add ability to plugins to check uploaded media files for invalid

Browse Source 
file extensions. Added more escaping to user- and groupnames
      for untrusted author environments, thanks to Hanno Boeck.
      (garvinhicking)
This commit is contained in:
Garvin Hicking
2008-02-01 14:10:14 +00:00
parent 2aff6710c8
commit d34bbd7181
13 changed files with 41 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
include/admin/overview.inc.php
View File

@ -11,7 +11,7 @@ $user = serendipity_fetchAuthor($serendipity['authorid']);
$bookmarklet = "javascript:bm=document.selection?document.selection.createRange().text:document.getSelection();void(newwin=open('" . $serendipity['baseURL'] . "serendipity_admin.php?serendipity[adminModule]=entries&serendipity[adminAction]=new&serendipity[title]='+ escape(document.title) + '&serendipity[body]=' + escape(bm) +'&serendipity[url]=' + escape(location.href), 'new_log_entry','resizable=yes, scrollbars=yes, width=800, height=600, location=yes,status=yes')); newwin.focus();";
$output = array(
'welcome' => WELCOME_BACK . ' ' . $user[0]['realname'],
'welcome' => WELCOME_BACK . ' ' . htmlspecialchars($user[0]['realname']),
'show_links' => true,
'links_title' => FURTHER_LINKS,
'bookmarklet' => $bookmarklet,