| Revision | bc660848dbab0078f1419bd6d208add3f5ac5e68 (tree) |
|---|---|
| Time | 2006-11-04 09:21:31 |
| Author | kmorimatsu <kmorimatsu@1ca2...> |
| Commiter | kmorimatsu |
セキュリティーアップデート(Security update)
git-svn-id: https://svn.sourceforge.jp/svnroot/nucleus-jp/plugin@471 1ca29b6e-896d-4ea0-84a5-967f57386b96
trunk/NP_SkinSwitcher/skinswitcher/index.php (diff)| @@ -1,4 +1,5 @@ | ||
| 1 | 1 | <?php |
| 2 | +/* NP_SkinSwitcher ver 0.7.2 */ | |
| 2 | 3 | |
| 3 | 4 | $strRel = '../../../'; |
| 4 | 5 | include($strRel . 'config.php'); |
| @@ -57,7 +58,7 @@ class NpSkinSwitcher_ADMIN{ | ||
| 57 | 58 | ?> |
| 58 | 59 | <form method="post" action="<?php echo $this->url ?>index.php"> |
| 59 | 60 | <input type="hidden" name="action" value="update" /> |
| 60 | - <input type="hidden" name="blogid" value="<?php echo $blogid ?>" /> | |
| 61 | + <input type="hidden" name="blogid" value="<?php echo (int)$blogid ?>" /> | |
| 61 | 62 | <?php |
| 62 | 63 | echo '<table>'."\n"; |
| 63 | 64 | echo '<thead><tr><th>'._SKIN_NAME.'</th><th>'._SKIN_TYPE.'</th><th>'._SKIN_DESC.'</th></tr></thead>'."\n"; |
| @@ -71,7 +72,10 @@ class NpSkinSwitcher_ADMIN{ | ||
| 71 | 72 | if($blogid && in_array($ob->sdnumber,$global_sdnums)) continue; |
| 72 | 73 | $chtxt = (in_array($ob->sdnumber,$sdnums))? ' checked="checked"': ''; |
| 73 | 74 | $extxt = ($ob->sdnumber==$defskinid)? '<b> ('._EBLOG_DEFSKIN.')</b>': ''; |
| 74 | - echo '<tr'." onmouseover='focusRow(this);' onmouseout='blurRow(this);'".'><td><input type="checkbox" id="batch'.$i.'" name="sdnum['.$i.']" value="'.$ob->sdnumber.'"'.$chtxt.' /><label for="batch'.$i.'">'.$ob->sdname.$extxt.'</label></td><td>'.$ob->sdtype.'</td><td>'.$ob->sddesc.'</td></tr>'."\n"; | |
| 75 | + echo '<tr'." onmouseover='focusRow(this);' onmouseout='blurRow(this);'".'>'. | |
| 76 | + '<td><input type="checkbox" id="batch'.$i.'" name="sdnum['.$i.']" value="'.(int)$ob->sdnumber.'"'.$chtxt.' />'. | |
| 77 | + '<label for="batch'.$i.'">'.htmlspecialchars($ob->sdname).$extxt.'</label></td>'. | |
| 78 | + '<td>'.htmlspecialchars($ob->sdtype).'</td><td>'.htmlspecialchars($ob->sddesc).'</td></tr>'."\n"; | |
| 75 | 79 | $i++; |
| 76 | 80 | } |
| 77 | 81 | echo '<tr><td colspan="3"> |
| @@ -94,7 +98,7 @@ class NpSkinSwitcher_ADMIN{ | ||
| 94 | 98 | } else { |
| 95 | 99 | $query = 'SELECT bnumber, bname, tadmin, burl, bshortname' |
| 96 | 100 | . ' FROM ' . sql_table('blog') . ', ' . sql_table('team') |
| 97 | - . ' WHERE tblog=bnumber and tmember=' . $member->getID() . ' and tadmin=1' | |
| 101 | + . ' WHERE tblog=bnumber and tmember=' . (int)$member->getID() . ' and tadmin=1' | |
| 98 | 102 | . ' ORDER BY bname'; |
| 99 | 103 | } |
| 100 | 104 | $res = sql_query($query); |
| @@ -103,7 +107,10 @@ class NpSkinSwitcher_ADMIN{ | ||
| 103 | 107 | echo '<table>'."\n"; |
| 104 | 108 | echo '<tr><th>'._EBLOG_NAME.'</th><th>'._EBLOG_DESC.'</th><th>'._LISTS_ACTIONS.'</th></tr>'."\n"; |
| 105 | 109 | while($ob = mysql_fetch_object($res)){ |
| 106 | - echo '<tr'." onmouseover='focusRow(this);' onmouseout='blurRow(this);'".'><td>' . $ob->bname . '</td><td>'.$ob->bdesc.'</td><td><a href="'.$this->url.'index.php?action=blogoverview&blogid='.$ob->bnumber.'">'._PLUG_SKINSWITCHER_BLOGLINK.'</a></td></tr>'; | |
| 110 | + echo '<tr'." onmouseover='focusRow(this);' onmouseout='blurRow(this);'".'>'. | |
| 111 | + '<td>' . htmlspecialchars($ob->bname) . '</td>'. | |
| 112 | + '<td>'.htmlspecialchars($ob->bdesc).'</td>'. | |
| 113 | + '<td><a href="'.$this->url.'index.php?action=blogoverview&blogid='.(int)$ob->bnumber.'">'._PLUG_SKINSWITCHER_BLOGLINK.'</a></td></tr>'; | |
| 107 | 114 | } |
| 108 | 115 | echo '</table>'."\n"; |
| 109 | 116 |
| @@ -147,7 +154,7 @@ class NpSkinSwitcher_ADMIN{ | ||
| 147 | 154 | $blogid = intRequestVar('blogid'); |
| 148 | 155 | $sdnums = @join(',',requestVar('sdnum')); |
| 149 | 156 | |
| 150 | - $dq = 'DELETE FROM '.sql_table('plug_skinswitcher').' WHERE sblogid='.$blogid; | |
| 157 | + $dq = 'DELETE FROM '.sql_table('plug_skinswitcher').' WHERE sblogid='.(int)$blogid; | |
| 151 | 158 | $dres = sql_query($dq); |
| 152 | 159 | |
| 153 | 160 | if($sdnums){ |
| @@ -155,12 +162,12 @@ class NpSkinSwitcher_ADMIN{ | ||
| 155 | 162 | INSERT INTO |
| 156 | 163 | ".sql_table('plug_skinswitcher')." |
| 157 | 164 | SET |
| 158 | - sblogid = ".$blogid.", | |
| 159 | - disskinid = '".$sdnums."' | |
| 165 | + sblogid = ".(int)$blogid.", | |
| 166 | + disskinid = '".addslashes($sdnums)."' | |
| 160 | 167 | "; |
| 161 | 168 | $res = @mysql_query($iq); |
| 162 | 169 | if (!$res) { |
| 163 | - $_SESSION['msg'] = $iq.'Could not save data: ' . mysql_error() . $query; | |
| 170 | + $_SESSION['msg'] = $iq.'Could not save data: ' . htmlspecialchars( mysql_error().$query ); | |
| 164 | 171 | }else{ |
| 165 | 172 | $_SESSION['msg'] = 'Saved.'; |
| 166 | 173 | } |
Fork