Changeset 19767


Ignore:
Timestamp:
2010/12/25 19:02:43 (10 years ago)
Author:
Seasoft
Message:

#838(PHPソース内でのパラメータ「USER_DIR」の利用不徹底)
#494(プラグイン機能)

  • 怪しい処理にコメントを追加
Location:
branches/version-2_5-dev
Files:
4 edited

Legend:

Unmodified
Added
Removed
  • branches/version-2_5-dev/data/Smarty/templates/admin/design/header.tpl

    r19722 r19767  
    3434  <dic id="design-header-preview"> 
    3535    <!--{if $browser_type == 1 }--> 
    36       <div style="zoom:0.8"><!--{include file="`$smarty.const.HTML_PATH`user_data/include/preview/header.tpl"}--></div> 
     36      <div style="zoom:0.8"><!--{include file="`$smarty.const.USER_PATH`include/preview/header.tpl"}--></div> 
    3737    <!--{ else }--> 
    3838      <span class="attention"><strong>プレビューはIEでのみ表示されます。</strong></span> 
     
    6565  <div id="design-footer-preview"> 
    6666    <!--{if $browser_type == 1 }--> 
    67       <div style="zoom:0.8"><!--{include file="`$smarty.const.HTML_PATH`/user_data/include/preview/footer.tpl"}--></div> 
     67      <div style="zoom:0.8"><!--{include file="`$smarty.const.USER_PATH`/include/preview/footer.tpl"}--></div> 
    6868    <!--{ else }--> 
    6969      <span class="attention"><strong>プレビューはIEでのみ表示されます。</strong></span> 
  • branches/version-2_5-dev/data/class/SC_Plugin.php

    r19670 r19767  
    1616 
    1717    function __construct(){ 
    18         if(!defined(PLUGIN_PATH)){ 
    19             define("PLUGIN_PATH",HTML_PATH."/user_data/plugins/"); 
     18        if (!defined(PLUGIN_PATH)) { 
     19            define('PLUGIN_PATH', USER_PATH . 'plugins/'); 
    2020        } 
    2121        $this->init(); 
     
    5757    function disablePlugin(){ 
    5858        $objQuery = new SC_Query(); 
    59         $name = preg_replace("/.php/", "", __FILE__); 
     59        $name = preg_replace("/.php/", "", __FILE__); // XXX 正規表現エスケープ漏れでは? 
    6060        $objQuery->update("dtb_plugin", array('enable'=>'0'), "plugin_name = ?", array($name)); 
    6161    } 
     
    6363    function enablePlugin(){ 
    6464        $objQuery = new SC_Query(); 
    65         $name = preg_replace("/.php/", "", __FILE__); 
     65        $name = preg_replace("/.php/", "", __FILE__); // XXX 正規表現エスケープ漏れでは? 
    6666        $objQuery->update("dtb_plugin", array('enable'=>'0'), "plugin_name = ?", array($name)); 
    6767    } 
  • branches/version-2_5-dev/data/class/pages/products/LC_Page_Products_Detail.php

    r19713 r19767  
    198198 
    199199                        $this->objDisplay->redirect($this->getLocation( 
    200                             URL_DIR . 'user_data/gmopg_oneclick_confirm.php', array(), true)); 
     200                            URL_DIR . USER_DIR . 'gmopg_oneclick_confirm.php', array(), true)); 
    201201                        exit; 
    202202                    } 
  • branches/version-2_5-dev/html/install/index.php

    r19760 r19767  
    383383    $arrWriteFile = array( 
    384384        DATA_PATH . "install.php", 
    385         HTML_PATH . "user_data", 
     385        USER_PATH, 
    386386        HTML_PATH . "upload", 
    387387        DATA_PATH . "cache/", 
     
    505505    $objPage->tpl_mode = 'step0_1'; 
    506506    // ファイルコピー 
    507     $objPage->copy_mess = SC_Utils_Ex::sfCopyDir("./user_data/", HTML_PATH . "user_data/", $objPage->copy_mess); 
     507    $objPage->copy_mess = SC_Utils_Ex::sfCopyDir("./user_data/", USER_PATH, $objPage->copy_mess); 
    508508    $objPage->copy_mess = SC_Utils_Ex::sfCopyDir("./save_image/", HTML_PATH . "upload/save_image/", $objPage->copy_mess); 
    509509    return $objPage; 
Note: See TracChangeset for help on using the changeset viewer.