Add Form Keys to Forms, patch by Chris Thomas, r=Wolf. Fix Preview Manager to have a max-size limit on images. Fix category manager to stop ignoring the app variable and showing all items.

2004-11-04 19:13:03 +00:00 · 2004-11-04 19:13:03 +00:00 · d36f674d20
--- a/webtools/update/developers/categorymanager.php
+++ b/webtools/update/developers/categorymanager.php
@ -27,13 +27,15 @@ if (!$function) {
 ?>
 <?php
 if ($_POST["submit"]=="Create Category") {
-  if ($_POST[cattype]=="other") {$_POST["cattype"]=$_POST["othertype"];}
-    $catname = $_POST["catname"];
-    $catdesc = $_POST["catdesc"];
-    $cattype = $_POST["cattype"];
-    $catapp = $_POST["catapp"];
-   	$sql = "INSERT INTO `t_categories` (`CatName`, `CatDesc`, `CatType`, `CatApp`) VALUES ('$catname', '$catdesc', '$cattype', '$catapp');";
+  if ($_POST[cattype]=="other") $_POST["cattype"]=$_POST["othertype"];
+  $catname = $_POST["catname"];
+  $catdesc = $_POST["catdesc"];
+  $cattype = $_POST["cattype"];
+  $catapp = $_POST["catapp"];
+  if (checkFormKey()) {
+    $sql = "INSERT INTO `t_categories` (`CatName`, `CatDesc`, `CatType`, `CatApp`) VALUES ('$catname', '$catdesc', '$cattype', '$catapp');";
    $result = mysql_query($sql) or trigger_error("<div class=\"error\">MySQL Error ".mysql_errno().": ".mysql_error()."</div>", E_USER_NOTICE);
+  }
 }
 ?>
 <h1>Manage Category List</h1>
@ -70,7 +72,7 @@ $typenames = array("E"=>"Extensions", "T"=>"Themes","P"=>"Plugins");

 <?php
 $i=0;
- $sql = "SELECT * FROM `t_categories` WHERE `CatType` LIKE '$type' ORDER BY `CatType`,`CatName`";
+ $sql = "SELECT * FROM `t_categories` WHERE `CatType` LIKE '$type' AND `CatApp`='$application' ORDER BY `CatType`,`CatName`";
 $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
   while ($row = mysql_fetch_array($sql_result)) {
    $categoryid = $row["CategoryID"];
@ -86,13 +88,13 @@ $typenames = array("E"=>"Extensions", "T"=>"Themes","P"=>"Plugins");
    echo"</tr>\n";
 }

-
 }
 ?>
 </table>
 <h2>New Category for <?php echo ucwords($application); ?><BR></h2>
 <div style="font-size: 10pt; font-weight: bold">
 <form name="addapplication" method="post" action="?function=&action=addnewcategory">
+<?writeFormKey();?>
 <input name="catapp" type="hidden" value="<?php echo strtolower($application); ?>">
 Name: <input name="catname" type="text" value="" size="30" maxlength="100"><BR>
 Description: <input name="catdesc" type="text" value="" size="50" maxlength="100"><BR>
@ -124,17 +126,20 @@ if ($_POST["submit"] == "Update") {
  $catname = $_POST["catname"];
  $catdesc = $_POST["catdesc"];
  $cattype = $_POST["cattype"];
+  if (checkFormKey()) {
    $sql = "UPDATE `t_categories` SET `CatName`='$catname', `CatDesc`='$catdesc', `CatType`='$cattype' WHERE `CategoryID`='$categoryid'";
    $sql_result = mysql_query($sql, $connection) or trigger_error("<div class=\"error\">MySQL Error ".mysql_errno().": ".mysql_error()."</div>", E_USER_NOTICE);

-  echo"Your update to $catname, has been submitted successfully...<br>";
+    echo"Your update to $catname, has been submitted successfully...<br>";
+  }

 } else if ($_POST["submit"] == "Delete Category") {
  echo"<h2>Processing Delete Request, please wait...</h2>\n";
  $categoryid = $_POST["categoryid"];
-  $sql = "DELETE FROM `t_categories` WHERE `CategoryID`='$categoryid'";
-  $sql_result = mysql_query($sql, $connection) or trigger_error("<div class=\"error\">MySQL Error ".mysql_errno().": ".mysql_error()."</div>", E_USER_NOTICE);
-
+  if (checkFormKey()) {
+    $sql = "DELETE FROM `t_categories` WHERE `CategoryID`='$categoryid'";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("<div class=\"error\">MySQL Error ".mysql_errno().": ".mysql_error()."</div>", E_USER_NOTICE);
+  }
  echo"You've successfully deleted the category '$catname'...<br>";
 }

@ -153,6 +158,7 @@ if (!$categoryid) { $categoryid = $_POST["categoryid"]; }
 <div class="editbox">
    <h3>Edit Category <?php echo"$catname for ".ucwords($catapp); ?>:</h3>
 <form name="editcategory" method="post" action="?function=editcategory">
+<?writeFormKey();?>
 <?php
  echo"Name:  <input name=\"catname\" type=\"text\" value=\"$catname\" size=\"30\" maxlength=\"100\"><br>\n";
  echo"Description:  <input name=\"catdesc\" type=\"text\" value=\"$catdesc\" size=\"50\" maxlength=\"100\"><br>\n";
@ -166,6 +172,7 @@ if (!$categoryid) { $categoryid = $_POST["categoryid"]; }
 <A HREF="?function=">&#171;&#171; Return to Category Manager</A>
 </div>
 <?php
+
 } else {}
 ?>

--- a/webtools/update/developers/faqmanager.php
+++ b/webtools/update/developers/faqmanager.php
@ -67,7 +67,7 @@ if (!$function) {

 <h2><a href="?function=addentry">New FAQ Entry</A></h2>
 <form name="addapplication" method="post" action="?function=addentry">
-
+<?writeFormKey();?>
  Title: <input name="title" type="text" size="30" maxlength="150" value="">
 <input name="submit" type="submit" value="Next &#187;&#187;"></SPAN>
 </form>
@ -85,23 +85,27 @@ if (!$function) {
    $text = $_POST["text"];
    $active = $_POST["active"];
    $id = $_POST["id"];
-    $sql = "UPDATE `t_faq` SET `title`='$title', `index`='$index', `alias`='$alias', `text`='$text', `active`='$active' WHERE `id`='$id'";
-    $sql_result = mysql_query($sql, $connection) or trigger_error("<div class=\"error\">MySQL Error ".mysql_errno().": ".mysql_error()."</div>", E_USER_NOTICE);
-    if ($sql_result) {
-        echo"Your update to '$title', has been successful.<br>";
+    if (checkFormKey()) {
+      $sql = "UPDATE `t_faq` SET `title`='$title', `index`='$index', `alias`='$alias', `text`='$text', `active`='$active' WHERE `id`='$id'";
+      $sql_result = mysql_query($sql, $connection) or trigger_error("<div class=\"error\">MySQL Error ".mysql_errno().": ".mysql_error()."</div>", E_USER_NOTICE);
+      if ($sql_result) {
+          echo"Your update to '$title', has been successful.<br>";
+      }
    }

  } else if ($_POST["submit"] == "Delete Entry") {
    echo"<h2>Processing, please wait...</h2>\n";
    $id = $_POST["id"];
    $title = $_POST["title"];
-    $sql = "DELETE FROM `t_faq` WHERE `id`='$id'";
-    $sql_result = mysql_query($sql, $connection) or trigger_error("<div class=\"error\">MySQL Error ".mysql_errno().": ".mysql_error()."</div>", E_USER_NOTICE);
-    if ($sql_result) {
-        echo"You've successfully deleted the FAQ Entry '$title'.";
-        include"$page_footer";
-        echo"</body>\n</html>\n"; 
-        exit;
+    if (checkFormKey()) {
+      $sql = "DELETE FROM `t_faq` WHERE `id`='$id'";
+      $sql_result = mysql_query($sql, $connection) or trigger_error("<div class=\"error\">MySQL Error ".mysql_errno().": ".mysql_error()."</div>", E_USER_NOTICE);
+      if ($sql_result) {
+          echo"You've successfully deleted the FAQ Entry '$title'.";
+          include"$page_footer";
+          echo"</body>\n</html>\n"; 
+          exit;
+      }
    }
 }

@ -113,6 +117,7 @@ if (!$function) {

 <h3>Edit FAQ Entry:</h3>
 <form name="editfaq" method="post" action="?function=edit">
+<?writeFormKey();?>
 <?php
  echo"<input name=\"id\" type=\"hidden\" value=\"".$row["id"]."\" />\n";
  echo"Title: <input name=\"title\" type=\"text\" size=\"40\" maxlength=\"150\" value=\"".$row["title"]."\"> ";
@ -164,16 +169,19 @@ if ($active=="YES") {
    $text = $_POST["text"];
    $active = $_POST["active"];
    $id = $_POST["id"];
-     $sql = "INSERT INTO `t_faq` (`title`,`index`,`alias`, `text`, `active`) VALUES ('$title','$index','$alias', '$text', '$active')";
-     $sql_result = mysql_query($sql, $connection) or trigger_error("<div class=\"error\">MySQL Error ".mysql_errno().": ".mysql_error()."</div>", E_USER_NOTICE);
-     if ($sql_result) {
+    if (checkFormKey()) {
+      $sql = "INSERT INTO `t_faq` (`title`,`index`,`alias`, `text`, `active`) VALUES ('$title','$index','$alias', '$text', '$active')";
+      $sql_result = mysql_query($sql, $connection) or trigger_error("<div class=\"error\">MySQL Error ".mysql_errno().": ".mysql_error()."</div>", E_USER_NOTICE);
+      if ($sql_result) {
        echo"The entry '$title' has been successfully added.<br>\n";
-     }
+      }
+    }
  }
 ?>

 <h2>Add FAQ Entry:</h2>
 <form name="addfaq" method="post" action="?function=addentry">
+<?writeFormKey();?>
 <?php
 $title = $_POST["title"];

--- a/webtools/update/developers/login.php
+++ b/webtools/update/developers/login.php
@ -3,7 +3,8 @@ require"../core/config.php";
 require"core/sessionconfig.php";

 $password = md5($_POST[password]);
-$sql = "SELECT DISTINCT `UserID`, `UserEmail`,`UserName`,`UserMode`,`UserTrusted` FROM `t_userprofiles` WHERE `UserEmail` = '$_POST[email]' && `UserPass` = '$password' LIMIT 1";
+$email = $_POST["email"];
+$sql = "SELECT DISTINCT `UserID`, `UserEmail`,`UserName`,`UserMode`,`UserTrusted` FROM `t_userprofiles` WHERE `UserEmail` = '$email' && `UserPass` = '$password' LIMIT 1";
 $sql_result = mysql_query($sql, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
  $num = mysql_num_rows($sql_result);

--- a/webtools/update/developers/previews.php
+++ b/webtools/update/developers/previews.php
@ -191,6 +191,11 @@ if ($type=="2" or $type=="3") {

 //Destination Properties for the Display Image
 //Output Image Dimensions
+
+//Limit Max.
+if ($width > "690") {$width="690";}
+if ($width > "520") {$width="520";}
+
 $dest_width="$width"; // Destination Width /$tn_size_width
 $dest_height_fixed="$height"; // Destination Height / $tn_size_height (Fixed)
 $dest_height= ($src_height * $dest_width) / $src_width; // (Aspect Ratio Variable Height