summaryrefslogtreecommitdiff
path: root/code/admin/ajax.php
diff options
context:
space:
mode:
authorLudovic Pouzenc <lpouzenc@gmail.com>2013-10-30 14:04:56 +0100
committerLudovic Pouzenc <lpouzenc@gmail.com>2013-10-30 14:04:56 +0100
commitacbb8dff1439b0d05709a93fff356e7f6b829da6 (patch)
treeb07773037c6751a3720fdf9f383b13df3ac30259 /code/admin/ajax.php
parent97bd9842f44bb25832f5dd8288372f2199cf3b7b (diff)
downloadeditablesite-acbb8dff1439b0d05709a93fff356e7f6b829da6.tar.gz
editablesite-acbb8dff1439b0d05709a93fff356e7f6b829da6.tar.bz2
editablesite-acbb8dff1439b0d05709a93fff356e7f6b829da6.zip
INI et Unicode. Avancée sur fonctions AJAX et trados.
Diffstat (limited to 'code/admin/ajax.php')
-rw-r--r--code/admin/ajax.php9
1 files changed, 5 insertions, 4 deletions
diff --git a/code/admin/ajax.php b/code/admin/ajax.php
index 0893843..fd6dab5 100644
--- a/code/admin/ajax.php
+++ b/code/admin/ajax.php
@@ -15,11 +15,12 @@
}
function save_page_props($path) {
- //TODO : Should validate props here also...
$props=load_page_props($path);
foreach ( array('page_title', 'page_description', 'page_keywords') as $k ) {
- if ( array_key_exists($k,$_GET) ) $props[$k]=$_GET[$k];
+ if ( array_key_exists($k,$_GET) ) {
+ $props[$k]= sanitize($_GET, $k, RE_TEXT_LINE_CLEANER, '');
+ }
}
$ini_path="content/$path/props.ini";
@@ -31,8 +32,8 @@
}
// URL params clean-up
- $action=sanitize($_GET, 'action', '/[^a-z_]+/', 'none'); /* Could be : load_page_props, load_media_props... */
- $path=sanitize($_GET, 'path', '/[^a-z0-9\/]+/', ''); // Never put \. in this regex
+ $action=sanitize($_GET, 'action', RE_IDENTIFIER_CLEANER, 'none'); /* Could be : load_page_props, load_media_props... */
+ $path = sanitize($_GET, 'path', RE_RELPATH_CLEANER, '');
switch($action) {
case 'load_page_props':
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-22 18:00:15 +0000