- security fix (profile)

- les langues a la hache
- fix some copy/paste errors

git-svn-id: http://piwigo.org/svn/trunk@2268 68402e56-0260-453c-a942-63ccdbb3a9ee
This commit is contained in:
rvelices
2008-03-08 12:38:09 +00:00
parent a048738d8b
commit bf1f7c4aec
20 changed files with 90 additions and 189 deletions
+6 -7
View File
@@ -47,8 +47,7 @@ if (isset($_GET['group_id']) and is_numeric($_GET['group_id']))
}
else
{
echo l10n('group_id URL parameter is missing');
exit();
die('group_id URL parameter is missing');
}
// +-----------------------------------------------------------------------+
@@ -93,19 +92,19 @@ SELECT id
// an error (in SQL statement), so we need to know which categories are
// accesible
$authorized_ids = array();
$query = '
SELECT cat_id
FROM '.GROUP_ACCESS_TABLE.'
WHERE group_id = '.$page['group'].'
;';
$result = pwg_query($query);
while ($row = mysql_fetch_array($result))
{
array_push($authorized_ids, $row['cat_id']);
}
$inserts = array();
$to_autorize_ids = array_diff($private_uppercats, $authorized_ids);
foreach ($to_autorize_ids as $to_autorize_id)
@@ -144,14 +143,14 @@ $template->assign_vars(
'L_CAT_OPTIONS_TRUE'=>l10n('authorized'),
'L_CAT_OPTIONS_FALSE'=>l10n('forbidden'),
'L_CAT_OPTIONS_INFO'=>l10n('permuser_info'),
'F_ACTION' =>
PHPWG_ROOT_PATH.
'admin.php?page=group_perm&group_id='.
$page['group']
)
);
// only private categories are listed
$query_true = '
SELECT id,name,uppercats,global_rank