mirror of
https://git.code.sf.net/p/seeddms/code
synced 2025-06-01 06:27:15 +00:00
do not htmlspecialchars() keywords, check attributes before setting them
This commit is contained in:
parent
fc09a9408b
commit
5013fb154c
|
@ -314,10 +314,12 @@ function createFolder($id) { /* {{{ */
|
|||
$comment = $app->request()->post('comment');
|
||||
$attributes = $app->request()->post('attributes');
|
||||
$newattrs = array();
|
||||
foreach($attributes as $attrname=>$attrvalue) {
|
||||
$attrdef = $dms->getAttributeDefinitionByName($attrname);
|
||||
if($attrdef) {
|
||||
$newattrs[$attrdef->getID()] = $attrvalue;
|
||||
if($attributes) {
|
||||
foreach($attributes as $attrname=>$attrvalue) {
|
||||
$attrdef = $dms->getAttributeDefinitionByName($attrname);
|
||||
if($attrdef) {
|
||||
$newattrs[$attrdef->getID()] = $attrvalue;
|
||||
}
|
||||
}
|
||||
}
|
||||
if($folder = $parent->addSubFolder($name, $comment, $userobj, 0, $newattrs)) {
|
||||
|
@ -469,7 +471,7 @@ function getDocument($id) { /* {{{ */
|
|||
'version'=>$lc->getVersion(),
|
||||
'orig_filename'=>$lc->getOriginalFileName(),
|
||||
'size'=>$lc->getFileSize(),
|
||||
'keywords'=>htmlspecialchars($document->getKeywords()),
|
||||
'keywords'=>$document->getKeywords(),
|
||||
);
|
||||
$app->response()->header('Content-Type', 'application/json');
|
||||
echo json_encode(array('success'=>true, 'message'=>'', 'data'=>$data));
|
||||
|
|
Loading…
Reference in New Issue
Block a user