Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: & to & - Set 1  (Read 4728 times)

0 Members and 1 Guest are viewing this topic.

kaptainkory

  • Tester
  • Coppermine regular visitor
  • *
  • Offline Offline
  • Posts: 51
& to & - Set 1
« on: August 05, 2005, 09:38:10 pm »

In the big scheme of things, maybe not such a big deal, but here is a long list of places where I think "&" should be "&".  CVS from about 3 days ago.  This actually just takes care of some of the files in the main CPG directory.  If it would be helpful, I'll tackle the files in "/include" next.



In banning.php, FIND (line 249):

Code: [Select]
$calendar_link_new = 'calendar.php?action=banning&month='.ltrim(strftime('%m'),'0').'&year='.strftime('%Y');
REPLACE WITH:
Code: [Select]
$calendar_link_new = 'calendar.php?action=banning&month='.ltrim(strftime('%m'),'0').'&year='.strftime('%Y');

In bridgemgr.php, FIND (line 642):

Code: [Select]
                $minibrowser = '<a href="javascript:;" onclick="MM_openBrWindow(\'minibrowser.php?startfolder='.rawurlencode($prefill).'&parentform='.rawurlencode($step).'&formelementname='.rawurlencode($key).'\',\''.uniqid(rand()) .'\',\'scrollbars=yes,toolbar=no,status=no,locationbar=no,resizable=yes,width=600,height=400\')"><img src="images/folder.gif" width="16" height="16" border="0" alt="" title="'.$lang_bridgemgr_php['browse'].'" /></a>';
REPLACE WITH:

Code: [Select]
                $minibrowser = '<a href="javascript:;" onclick="MM_openBrWindow(\'minibrowser.php?startfolder='.rawurlencode($prefill).'&amp;parentform='.rawurlencode($step).'&amp;formelementname='.rawurlencode($key).'\',\''.uniqid(rand()) .'\',\'scrollbars=yes,toolbar=no,status=no,locationbar=no,resizable=yes,width=600,height=400\')"><img src="images/folder.gif" width="16" height="16" border="0" alt="" title="'.$lang_bridgemgr_php['browse'].'" /></a>';

In catmgr.php, FIND (line 95):

Code: [Select]
                        <select onChange="if(this.options[this.selectedIndex].value) window.location.href='{$_SERVER['PHP_SELF']}?op=setparent&cid=$curr_cat&parent='+this.options[this.selectedIndex].value;"  name="parent" class="listbox">
REPLACE WITH:

Code: [Select]
                        <select onChange="if(this.options[this.selectedIndex].value) window.location.href='{$_SERVER['PHP_SELF']}?op=setparent&amp;cid=$curr_cat&amp;parent='+this.options[this.selectedIndex].value;"  name="parent" class="listbox">
FIND (line 202):

Code: [Select]
            echo '                <td class="tableb" width="4%"><a href="' . $_SERVER['PHP_SELF'] . '?op=move&cid1=' . $category['cid'] . '&pos1=' . ($category['pos']-1) . '&cid2=' . $category['prev'] . '&pos2=' . ($category['pos']) . '">' . '<img src="images/up.gif"  border="0" alt="" />' . '</a></td>' . "\n";
REPLACE WITH:

Code: [Select]
            echo '                <td class="tableb" width="4%"><a href="' . $_SERVER['PHP_SELF'] . '?op=move&amp;cid1=' . $category['cid'] . '&amp;pos1=' . ($category['pos']-1) . '&amp;cid2=' . $category['prev'] . '&amp;pos2=' . ($category['pos']) . '">' . '<img src="images/up.gif"  border="0" alt="" />' . '</a></td>' . "\n";
FIND (line 208):

Code: [Select]
            echo '                <td class="tableb" width="4%"><a href="' . $_SERVER['PHP_SELF'] . '?op=move&cid1=' . $category['cid'] . '&pos1=' . ($category['pos'] + 1) . '&cid2=' . $category['next'] . '&pos2=' . ($category['pos']) . '">' . '<img src="images/down.gif"  border="0" alt="" />' . '</a></td>' . "\n";
REPLACE WITH:

Code: [Select]
            echo '                <td class="tableb" width="4%"><a href="' . $_SERVER['PHP_SELF'] . '?op=move&amp;cid1=' . $category['cid'] . '&amp;pos1=' . ($category['pos'] + 1) . '&amp;cid2=' . $category['next'] . '&amp;pos2=' . ($category['pos']) . '">' . '<img src="images/down.gif"  border="0" alt="" />' . '</a></td>' . "\n";

FIND (line 214):

Code: [Select]
            echo '                <td class="tableb" width="4%"><a href="' . $_SERVER['PHP_SELF'] . '?op=deletecat&cid=' . $category['cid'] . '" onClick="return confirmDel(\'' . addslashes(str_replace('&nbsp;', '', $category['name'])) . '\')">' . '<img src="images/delete.gif"  border="0" alt="" />' . '</a></td>' . "\n";
REPLACE WITH:

Code: [Select]
            echo '                <td class="tableb" width="4%"><a href="' . $_SERVER['PHP_SELF'] . '?op=deletecat&amp;cid=' . $category['cid'] . '" onClick="return confirmDel(\'' . addslashes(str_replace('&nbsp;', '', $category['name'])) . '\')">' . '<img src="images/delete.gif"  border="0" alt="" />' . '</a></td>' . "\n";
FIND (line 219):

Code: [Select]
        echo '                <td class="tableb" width="4%">' . '<a href="' . $_SERVER['PHP_SELF'] . '?op=editcat&cid=' . $category['cid'] . '">' . '<img src="images/edit.gif" border="0" alt="" />' . '</a></td>' . "\n";
REPLACE WITH:

Code: [Select]
        echo '                <td class="tableb" width="4%">' . '<a href="' . $_SERVER['PHP_SELF'] . '?op=editcat&amp;cid=' . $category['cid'] . '">' . '<img src="images/edit.gif" border="0" alt="" />' . '</a></td>' . "\n";
FIND (376):

Code: [Select]
$help = '&nbsp;'.cpg_display_help('f=index.htm&as=cat_cp&ae=albmgr&top=1', '600', '400');
REPLACE WITH:

Code: [Select]
$help = '&nbsp;'.cpg_display_help('f=index.htm&amp;as=cat_cp&amp;ae=albmgr&amp;top=1', '600', '400');
FIND (431):

Code: [Select]
if ($CONFIG['show_bbcode_help']) {$description_help .= '&nbsp;'. cpg_display_help('f=index.html&base=64&h='.urlencode(base64_encode(serialize($lang_bbcode_help_title))).'&t='.urlencode(base64_encode(serialize($lang_bbcode_help))),470,245);}
REPLACE WITH:

Code: [Select]
if ($CONFIG['show_bbcode_help']) {$description_help .= '&nbsp;'. cpg_display_help('f=index.html&amp;base=64&amp;h='.urlencode(base64_encode(serialize($lang_bbcode_help_title))).'&amp;t='.urlencode(base64_encode(serialize($lang_bbcode_help))),470,245);}
In db_ecard.php, FIND (line 176):

Code: [Select]
  $tabOutput .= '<a href="'.$urlWithoutStart.'start='.($page-1)*$countTo.'&count='.$countTo.'">';
REPLACE WITH:

Code: [Select]
  $tabOutput .= '<a href="'.$urlWithoutStart.'start='.($page-1)*$countTo.'&amp;count='.$countTo.'">';
FIND (line 193):

Code: [Select]
$help = '&nbsp;'.cpg_display_help('f=index.htm&as=ecard_log&ae=ecard_log_end&top=1', '830', '400');
REPLACE WITH:

Code: [Select]
$help = '&nbsp;'.cpg_display_help('f=index.htm&amp;as=ecard_log&amp;ae=ecard_log_end&amp;top=1', '830', '400');
In ecard.php, FIND (line 146):

Code: [Select]
        msg_box($lang_cpg_die[INFORMATION], $lang_ecard_php['send_success'], $lang_continue, "displayimage.php?album=$album&pos=$pos");
REPLACE WITH:

Code: [Select]
        msg_box($lang_cpg_die[INFORMATION], $lang_ecard_php['send_success'], $lang_continue, "displayimage.php?album=$album&amp;pos=$pos");
FIND (line 211):

Code: [Select]
if ($CONFIG['show_bbcode_help']) {$captionLabel = '&nbsp;'. cpg_display_help('f=index.html&base=64&h='.urlencode(base64_encode(serialize($lang_bbcode_help_title))).'&t='.urlencode(base64_encode(serialize($lang_bbcode_help))),470,245);}
REPLACE WITH:

Code: [Select]
if ($CONFIG['show_bbcode_help']) {$captionLabel = '&nbsp;'. cpg_display_help('f=index.html&amp;base=64&amp;h='.urlencode(base64_encode(serialize($lang_bbcode_help_title))).'&amp;t='.urlencode(base64_encode(serialize($lang_bbcode_help))),470,245);}
FIND (line 224):

Code: [Select]
                        <form method="post" name="post" action="{$_SERVER['PHP_SELF']}?album=$album&pid=$pid&pos=$pos">
REPLACE WITH:

Code: [Select]
<form method="post" name="post" action="{$_SERVER['PHP_SELF']}?album=$album&amp;pid=$pid&amp;pos=$pos">
In editpics.php, FIND (line 224):

Code: [Select]
        $thumb_link = 'displayimage.php?&pos='.(-$CURRENT_PIC['pid']);
REPLACE WITH:

Code: [Select]
        $thumb_link = 'displayimage.php?&amp;pos='.(-$CURRENT_PIC['pid']);
FIND (line 435):

Code: [Select]
$next_target = $_SERVER['PHP_SELF'].'?album='.$album_id.'&start='.($start+$count).'&count='.$count.((UPLOAD_APPROVAL_MODE==1)?"&mode=upload_approval":"");
$prev_target = $_SERVER['PHP_SELF'].'?album='.$album_id.'&start='.max(0,$start-$count).'&count='.$count.((UPLOAD_APPROVAL_MODE==1)?"&mode=upload_approval":"");

REPLACE WITH:

Code: [Select]
$next_target = $_SERVER['PHP_SELF'].'?album='.$album_id.'&amp;start='.($start+$count).'&amp;count='.$count.((UPLOAD_APPROVAL_MODE==1)?"&amp;mode=upload_approval":"");
$prev_target = $_SERVER['PHP_SELF'].'?album='.$album_id.'&amp;start='.max(0,$start-$count).'&amp;count='.$count.((UPLOAD_APPROVAL_MODE==1)?"&amp;mode=upload_approval":"");

FIND (line 477):

Code: [Select]
        $form_target = $_SERVER['PHP_SELF'].'?mode=upload_approval&start='.$start.'&count='.$count;
REPLACE WITH:

Code: [Select]
        $form_target = $_SERVER['PHP_SELF'].'?mode=upload_approval&amp;start='.$start.'&amp;count='.$count;
FIND (line 491):

Code: [Select]
        $form_target = $_SERVER['PHP_SELF'].'?album='.$album_id.'&start='.$start.'&count='.$count;
REPLACE WITH:

Code: [Select]
        $form_target = $_SERVER['PHP_SELF'].'?album='.$album_id.'&amp;start='.$start.'&amp;count='.$count;
FIND (line 493):

Code: [Select]
        $help = '&nbsp;'.cpg_display_help('f=index.htm&as=edit_pics&ae=edit_pics_end&top=1', '800', '500');
REPLACE WITH:

Code: [Select]
        $help = '&nbsp;'.cpg_display_help('f=index.htm&amp;as=edit_pics&amp;ae=edit_pics_end&amp;top=1', '800', '500');
FIND (line 537):

Code: [Select]
$mode= (UPLOAD_APPROVAL_MODE==1) ? "&mode=upload_approval":"";
REPLACE WITH:

Code: [Select]
$mode= (UPLOAD_APPROVAL_MODE==1) ? "&amp;mode=upload_approval":"";
FIND (547):

Code: [Select]
                        <select onChange="if(this.options[this.selectedIndex].value) window.location.href='{$_SERVER['PHP_SELF']}?album=$album_id$mode&start=$start&count='+this.options[this.selectedIndex].value;"  name="count" class="listbox">
REPLACE WITH:

Code: [Select]
                        <select onChange="if(this.options[this.selectedIndex].value) window.location.href='{$_SERVER['PHP_SELF']}?album=$album_id$mode&amp;start=$start&amp;count='+this.options[this.selectedIndex].value;"  name="count" class="listbox">
In groupmgr.php, FIND (line 92):

Code: [Select]
            $explain_greyedout = '&nbsp;'.cpg_display_help('f=index.htm&base=64&h='.urlencode(base64_encode(serialize($lang_groupmgr_php['explain_greyed_out_title']))).'&t='.urlencode(base64_encode(serialize(sprintf($lang_groupmgr_php['explain_guests_greyed_out_text'],'<i>'.$group['group_name'].'</i>')))), '450', '300');
REPLACE WITH:

Code: [Select]
            $explain_greyedout = '&nbsp;'.cpg_display_help('f=index.htm&amp;base=64&amp;h='.urlencode(base64_encode(serialize($lang_groupmgr_php['explain_greyed_out_title']))).'&amp;t='.urlencode(base64_encode(serialize(sprintf($lang_groupmgr_php['explain_guests_greyed_out_text'],'<i>'.$group['group_name'].'</i>')))), '450', '300');
FIND (line 95):

Code: [Select]
            $explain_greyedout = '&nbsp;'.cpg_display_help('f=index.htm&base=64&h='.urlencode(base64_encode(serialize($lang_groupmgr_php['explain_greyed_out_title']))).'&t='.urlencode(base64_encode(serialize(sprintf($lang_groupmgr_php['explain_banned_greyed_out_text'],'<i>'.$group['group_name'].'</i>')))), '450', '300');
REPLACE WITH:

Code: [Select]
            $explain_greyedout = '&nbsp;'.cpg_display_help('f=index.htm&amp;base=64&amp;h='.urlencode(base64_encode(serialize($lang_groupmgr_php['explain_greyed_out_title']))).'&amp;t='.urlencode(base64_encode(serialize(sprintf($lang_groupmgr_php['explain_banned_greyed_out_text'],'<i>'.$group['group_name'].'</i>')))), '450', '300');
FIND (line 116):

Code: [Select]
                <br /><a href="usermgr.php?op=group_alb_access&gid={$group['group_id']}" class="admin_menu">{$lang_groupmgr_php['group_assigned_album']}</a>
REPLACE WITH:

Code: [Select]
                <br /><a href="usermgr.php?op=group_alb_access&amp;gid={$group['group_id']}" class="admin_menu">{$lang_groupmgr_php['group_assigned_album']}</a>
FIND (line 332):

Code: [Select]
$help_group = '&nbsp;'.cpg_display_help('f=index.htm&as=group_cp&ae=group_cp_end&top=1', '700', '500');
$help_permissions = '&nbsp;'.cpg_display_help('f=index.htm&as=group_cp_permissions&ae=group_cp_permissions_end&top=1', '500', '200');
$help_personal = '&nbsp;'.cpg_display_help('f=index.htm&as=group_cp_personal&ae=group_cp_personal_end&top=1', '500', '200');
$help_upload_method = '&nbsp;'.cpg_display_help('f=index.htm&as=group_cp_upload_method&ae=group_cp_upload_method_end&top=1', '700', '400');

REPLACE WITH:

Code: [Select]
$help_group = '&nbsp;'.cpg_display_help('f=index.htm&amp;as=group_cp&amp;ae=group_cp_end&amp;top=1', '700', '500');
$help_permissions = '&nbsp;'.cpg_display_help('f=index.htm&amp;as=group_cp_permissions&amp;ae=group_cp_permissions_end&amp;top=1', '500', '200');
$help_personal = '&nbsp;'.cpg_display_help('f=index.htm&amp;as=group_cp_personal&amp;ae=group_cp_personal_end&amp;top=1', '500', '200');
$help_upload_method = '&nbsp;'.cpg_display_help('f=index.htm&amp;as=group_cp_upload_method&amp;ae=group_cp_upload_method_end&amp;top=1', '700', '400');

In install.php, FIND (line 27):

Code: [Select]
         <a href=\"http://sourceforge.net/project/showfiles.php?group_id=89658&package_id=95984\">coppermine ports</a>
REPLACE WITH:

Code: [Select]
         <a href=\"http://sourceforge.net/project/showfiles.php?group_id=89658&amp;package_id=95984\">coppermine ports</a>
FIND (line 389):

Code: [Select]
   <img src="install.php?test_gd1=1&reload=<?php echo uniqid(''?>" alt="" width="1" height="1" border="0" alt="" />
   <img src="install.php?test_gd2=1&reload=<?php echo uniqid(''?>" alt="" width="1" height="1" border="0" alt="" />

REPLACE WITH:

Code: [Select]
   <img src="install.php?test_gd1=1&amp;reload=<?php echo uniqid(''?>" alt="" width="1" height="1" border="0" alt="" />
   <img src="install.php?test_gd2=1&amp;reload=<?php echo uniqid(''?>" alt="" width="1" height="1" border="0" alt="" />

In keywordmgr.php, FIND (line 66):

Code: [Select]
         $word .= '<td class="tableb"><a href="keywordmgr.php?page=delete&remov='.$single_word.'" onclick="return confirm(\''.sprintf($lang_keywordmgr_php['confirm_delete'], '&quot;'.$single_word.'&quot;').'\')">';
REPLACE WITH:

Code: [Select]
         $word .= '<td class="tableb"><a href="keywordmgr.php?page=delete&amp;remov='.$single_word.'" onclick="return confirm(\''.sprintf($lang_keywordmgr_php['confirm_delete'], '&quot;'.$single_word.'&quot;').'\')">';
FIND (line 70):

Code: [Select]
         <td class="tableb"><a href="thumbnails.php?album=search&search=$single_word" target="_blank">
REPLACE WITH:

Code: [Select]
         <td class="tableb"><a href="thumbnails.php?album=search&amp;search=$single_word" target="_blank">
In minibrowser.php, FIND (line 205):

Code: [Select]
        print '<a href="'.$_SERVER['PHP_SELF'].'?folder='.rawurlencode($uplink).'&parentform='.rawurlencode($parentform).'&formelementname='.rawurlencode($formelementname).'&no_popup='.$_REQUEST['no_popup'].'&limitfolder='.$_REQUEST['limitfolder'].'&hidefolders='.$_REQUEST['hidefolders'].'&linktarget='.$_REQUEST['linktarget'].'">'.$newline;
REPLACE WITH:

Code: [Select]
        print '<a href="'.$_SERVER['PHP_SELF'].'?folder='.rawurlencode($uplink).'&amp;parentform='.rawurlencode($parentform).'&amp;formelementname='.rawurlencode($formelementname).'&amp;no_popup='.$_REQUEST['no_popup'].'&amp;limitfolder='.$_REQUEST['limitfolder'].'&amp;hidefolders='.$_REQUEST['hidefolders'].'&amp;linktarget='.$_REQUEST['linktarget'].'">'.$newline;
FIND (line 225):

Code: [Select]
            print '<a href="'.$_SERVER['PHP_SELF'].'?folder='.rawurlencode('/'.ltrim($folder, '/').$key.'/').'&parentform='.rawurlencode($parentform).'&formelementname='.rawurlencode($formelementname).'&no_popup='.$_REQUEST['no_popup'].'&limitfolder='.$_REQUEST['limitfolder'].'&hidefolders='.$_REQUEST['hidefolders'].'&linktarget='.$_REQUEST['linktarget'].'">'.$newline;
REPLACE WITH:

Code: [Select]
            print '<a href="'.$_SERVER['PHP_SELF'].'?folder='.rawurlencode('/'.ltrim($folder, '/').$key.'/').'&amp;parentform='.rawurlencode($parentform).'&amp;formelementname='.rawurlencode($formelementname).'&amp;no_popup='.$_REQUEST['no_popup'].'&amp;limitfolder='.$_REQUEST['limitfolder'].'&amp;hidefolders='.$_REQUEST['hidefolders'].'&amp;linktarget='.$_REQUEST['linktarget'].'">'.$newline;
In modifyalb.php, FIND (line 37):

Code: [Select]
$help_can_upload = '&nbsp;'.cpg_display_help('f=index.htm&as=album_prop_visitor_start&ae=album_prop_visitor_end&top=1', '400', '200');
$help_album_keywords = '&nbsp;'.cpg_display_help('f=index.htm&as=album_prop_keyword_start&ae=album_prop_keyword_end&top=1', '400', '200');
$help_album_password = '&nbsp;'.cpg_display_help('f=index.htm&as=album_prop_password_start&ae=album_prop_password_end&top=1', '500', '250');

REPLACE WITH:

Code: [Select]
$help_can_upload = '&nbsp;'.cpg_display_help('f=index.htm&amp;as=album_prop_visitor_start&amp;ae=album_prop_visitor_end&amp;top=1', '400', '200');
$help_album_keywords = '&nbsp;'.cpg_display_help('f=index.htm&amp;as=album_prop_keyword_start&amp;ae=album_prop_keyword_end&amp;top=1', '400', '200');
$help_album_password = '&nbsp;'.cpg_display_help('f=index.htm&amp;as=album_prop_password_start&amp;ae=album_prop_password_end&amp;top=1', '500', '250');

FIND (line 42):

Code: [Select]
if ($CONFIG['show_bbcode_help']) {$captionLabel .= '&nbsp;'. cpg_display_help('f=index.html&base=64&h='.urlencode(base64_encode(serialize($lang_bbcode_help_title))).'&t='.urlencode(base64_encode(serialize($lang_bbcode_help))),470,245);}
REPLACE WITH:

Code: [Select]
if ($CONFIG['show_bbcode_help']) {$captionLabel .= '&nbsp;'. cpg_display_help('f=index.html&amp;base=64&amp;h='.urlencode(base64_encode(serialize($lang_bbcode_help_title))).'&amp;t='.urlencode(base64_encode(serialize($lang_bbcode_help))),470,245);}
FIND (line 483):

Code: [Select]
$help = '&nbsp;'.cpg_display_help('f=index.htm&as=album_prop&ae=album_prop_end&top=1', '600', '400');
REPLACE WITH:

Code: [Select]
$help = '&nbsp;'.cpg_display_help('f=index.htm&amp;as=album_prop&amp;ae=album_prop_end&amp;top=1', '600', '400');
« Last Edit: August 07, 2005, 12:08:49 am by GauGau »
Logged

Tranz

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: 00
  • Offline Offline
  • Gender: Female
  • Posts: 6149
Re: & to &amp; - Set 1
« Reply #1 on: August 06, 2005, 04:43:54 pm »

Thanks for your time on this. Is it possible to merge the three threads or is there a reason that they are separate?
Logged

kaptainkory

  • Tester
  • Coppermine regular visitor
  • *
  • Offline Offline
  • Posts: 51
Re: & to &amp; - Set 1
« Reply #2 on: August 06, 2005, 11:42:17 pm »

Post size was exceeded...20000 characters max or something like that.  HA!

Thanks.
Logged

kegobeer

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 4637
  • Beer - it does a body good!
    • The Kazebeer Family Website
Re: & to &amp; - Set 1
« Reply #3 on: August 06, 2005, 11:45:47 pm »

In the future if that happens, just reply to your post with more corrections.  There's nothing wrong with having 3 or 4 replies for the same subject matter.
Logged
Do not send me a private message unless I ask for one.  Make your post public so everyone can benefit.

There are no stupid questions
But there are a LOT of inquisitive idiots

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: & to &amp; - Set 1
« Reply #4 on: August 07, 2005, 12:08:27 am »

committed to cvs
Logged
Pages: [1]   Go Up
 

Page created in 0.025 seconds with 19 queries.