From ab02fe9ee0a9ab7f1966811c55b680bd7935b064 Mon Sep 17 00:00:00 2001 From: Ralf Becker Date: Sat, 12 Feb 2005 13:59:08 +0000 Subject: [PATCH] fix for bug [ 1120676 ] Date&Linking Probs in InfoLog: caused by error in handling of array's when magic_quotes_gpc was on --- etemplate/inc/class.uietemplate.inc.php | 40 ++++++++++++++++++++----- 1 file changed, 32 insertions(+), 8 deletions(-) diff --git a/etemplate/inc/class.uietemplate.inc.php b/etemplate/inc/class.uietemplate.inc.php index 6d8e0d0a05..354f943ddd 100644 --- a/etemplate/inc/class.uietemplate.inc.php +++ b/etemplate/inc/class.uietemplate.inc.php @@ -31,8 +31,12 @@ */ class etemplate extends boetemplate { - var $debug; /** 1=calls to show and process_show, 2=content after process_show, - 3=calls to show_cell and process_show_cell, or template-name or cell-type */ + /** + * @var int/string='' integer debug-level or template-name or cell-type or '' = off + * 1=calls to show and process_show, 2=content after process_show, + * 3=calls to show_cell and process_show_cell + */ + var $debug; var $html; /** instance of html-class */ var $xslt = false; /** do we run in the xslt framework (true) or the regular eGW one (false) */ var $class_conf = array('nmh' => 'th','nmr0' => 'row_on','nmr1' => 'row_off'); @@ -63,7 +67,7 @@ * In other UI's than html this needs to call the methode, defined by menuaction or * open a browser-window for any other links. * - * @param $params string/array url or array with get-params incl. menuaction + * @param string/array $params url or array with get-params incl. menuaction */ function location($params='') { @@ -1103,6 +1107,24 @@ return $html; } + /** + * applies stripslashes recursivly on each element of an array + * + * @param array &$var + * @return array + */ + function array_stripslashes($var) + { + if (!is_array($var)) + { + return stripslashes($var); + } + foreach($var as $key => $val) + { + $var[$key] = is_array($val) ? $this->array_stripslashes($val) : stripslashes($val); + } + return $var; + } /** * makes necessary adjustments on $_POST after a eTemplate / form gots submitted @@ -1111,9 +1133,9 @@ * Process_show uses a list of input-fields/widgets generated by show. * * @internal - * @param $content array $_POST[$cname], on return the adjusted content - * @param $to_process array list of widgets/form-fields to process - * @param $cname string basename of our returnt content (same as in call to show) + * @param array $content $_POST[$cname], on return the adjusted content + * @param array $to_process list of widgets/form-fields to process + * @param string $cname basename of our returnt content (same as in call to show) * @return int number of validation errors (the adjusted content is returned by the var-param &$content !) */ function process_show(&$content,$to_process,$cname='') @@ -1128,6 +1150,10 @@ } $content_in = $cname ? array($cname => $content) : $content; $content = array(); + if (get_magic_quotes_gpc()) + { + $content_in = $this->array_stripslashes($content_in); + } $GLOBALS['phpgw_info']['etemplate']['validation_errors'] = array(); $this->canceled = $this->button_pressed = False; @@ -1143,8 +1169,6 @@ $attr = array(); } $value = $this->get_array($content_in,$form_name,True); - - if ($value && get_magic_quotes_gpc()) $value = stripslashes($value); if (isset($attr['blur']) && $attr['blur'] == $value) {