no more .php3 files (3)
This commit is contained in:
@@ -1201,7 +1201,7 @@ function PMA_displayTableBody(&$dt_result, &$is_display, $map, $analyzed_sql) {
|
||||
if ($GLOBALS['cfgRelation']['mimework'] && $GLOBALS['cfg']['BrowseMIME']) {
|
||||
|
||||
if (isset($GLOBALS['mime_map'][$meta->name]['mimetype']) && isset($GLOBALS['mime_map'][$meta->name]['transformation']) && !empty($GLOBALS['mime_map'][$meta->name]['transformation'])) {
|
||||
$include_file = PMA_sanitizeTransformationFile($GLOBALS['mime_map'][$meta->name]['transformation']);
|
||||
$include_file = $GLOBALS['mime_map'][$meta->name]['transformation'];
|
||||
|
||||
if (file_exists('./libraries/transformations/' . $include_file)) {
|
||||
$transformfunction_name = str_replace('.inc.php', '', $GLOBALS['mime_map'][$meta->name]['transformation']);
|
||||
|
@@ -527,7 +527,7 @@ for ($i = 0 ; $i <= $num_fields; $i++) {
|
||||
if (is_array($available_mime['transformation'])) {
|
||||
foreach ($available_mime['transformation'] AS $mimekey => $transform) {
|
||||
$checked = (isset($row) && isset($row['Field']) && isset($mime_map[$row['Field']]['transformation']) && (preg_match('@' . preg_quote($available_mime['transformation_file'][$mimekey]) . '3?@i', $mime_map[$row['Field']]['transformation'])) ? 'selected ' : '');
|
||||
$tooltip = 'strTransformation_' . strtolower(preg_replace('@(\.inc\.php3?)$@', '', $available_mime['transformation_file'][$mimekey]));
|
||||
$tooltip = 'strTransformation_' . strtolower(str_replace('.inc.php', '', $available_mime['transformation_file'][$mimekey]));
|
||||
$tooltip = isset($$tooltip) ? $$tooltip : sprintf(str_replace('<br />', ' ', $strMIME_nodescription), 'PMA_transformation_' . $tooltip . '()');
|
||||
$content_cells[$i][$ci] .= '<option value="' . $available_mime['transformation_file'][$mimekey] . '" ' . $checked . ' title="' . htmlspecialchars($tooltip) . '">' . htmlspecialchars($transform) . '</option>' . "\n";
|
||||
}
|
||||
|
@@ -246,34 +246,4 @@ function PMA_setMIME($db, $table, $key, $mimetype, $transformation,
|
||||
return false;
|
||||
}
|
||||
} // end of 'PMA_setMIME()' function
|
||||
|
||||
/**
|
||||
* Returns the real filename of a configured transformation
|
||||
*
|
||||
* in fact: it just replaces old php3 with php extension
|
||||
*
|
||||
* garvin: for security, never allow to break out from transformations directory
|
||||
*
|
||||
* @uses PMA_securePath()
|
||||
* @uses preg_replace()
|
||||
* @uses strlen()
|
||||
* @uses file_exists()
|
||||
* @access public
|
||||
* @param string $filename the current filename
|
||||
* @return string the new filename
|
||||
*/
|
||||
function PMA_sanitizeTransformationFile(&$filename)
|
||||
{
|
||||
$include_file = PMA_securePath($filename);
|
||||
|
||||
// This value can also contain a 'php3' value, in which case we map this filename to our new 'php' variant
|
||||
$testfile = preg_replace('@\.inc\.php3$@', '.inc.php', $include_file);
|
||||
if ($include_file{strlen($include_file)-1} == '3'
|
||||
&& file_exists('./libraries/transformations/' . $testfile)) {
|
||||
$include_file = $testfile;
|
||||
$filename = $testfile; // Corrects the referenced variable for further actions on the filename;
|
||||
}
|
||||
|
||||
return $include_file;
|
||||
} // end of 'PMA_sanitizeTransformationFile()' function
|
||||
?>
|
||||
|
Reference in New Issue
Block a user