gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-05-16 14:41:39 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch 'seeddms-5.1.x' into seeddms-6.0.x

Browse Source
This commit is contained in:
Uwe Steinmann 2025-03-04 12:37:30 +01:00
commit 71d5154945
4 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG
View File

@ -323,6 +323,7 @@
- fixed setting group approvers from previous document version - fixed setting group approvers from previous document version
- very experimental support of memcached for accelerating some database - very experimental support of memcached for accelerating some database
operations (do not use in production) operations (do not use in production)
- prevent malicious manipulation of referer when setting language
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------
Changes in version 5.1.38 Changes in version 5.1.38

3
op/op.SetLanguage.php
View File

@ -31,5 +31,4 @@ include("../inc/inc.Authentication.php");
$session->setLanguage($_GET['lang']); $session->setLanguage($_GET['lang']);
header("Location: http".((isset($_SERVER['HTTPS']) && (strcmp($_SERVER['HTTPS'],'off')!=0)) ? "s" : "")."://".$_SERVER['HTTP_HOST'].$_GET['referer']); header("Location: http".((isset($_SERVER['HTTPS']) && (strcmp($_SERVER['HTTPS'],'off')!=0)) ? "s" : "")."://".$_SERVER['HTTP_HOST'].decryptData($settings->_encryptionKey, $_GET['referer']));
?>

2
views/bootstrap/class.Bootstrap.php
View File

@ -464,7 +464,7 @@ background-image: linear-gradient(to bottom, #882222, #111111);;
echo "<li class=\"active\">"; echo "<li class=\"active\">";
else else
echo "<li>"; echo "<li>";
echo "<a href=\"".$this->params['settings']->_httpRoot."op/op.SetLanguage.php?lang=".$currLang."&referer=".$_SERVER["REQUEST_URI"]."\">"; echo "<a href=\"".$this->params['settings']->_httpRoot."op/op.SetLanguage.php?lang=".$currLang."&referer=".urlencode(encryptData($this->params['settings']->_encryptionKey, $_SERVER["REQUEST_URI"]))."\">";
echo getMLText($currLang)."</a></li>\n"; echo getMLText($currLang)."</a></li>\n";
} }
echo " </ul>\n"; echo " </ul>\n";

2
views/bootstrap4/class.Bootstrap4.php
View File

@ -472,7 +472,7 @@ background-image: linear-gradient(to bottom, #882222, #111111);;
echo " <a class=\"dropdown-item active\""; echo " <a class=\"dropdown-item active\"";
else else
echo " <a class=\"dropdown-item\""; echo " <a class=\"dropdown-item\"";
echo " href=\"".$this->params['settings']->_httpRoot."op/op.SetLanguage.php?lang=".$currLang."&referer=".$_SERVER["REQUEST_URI"]."\">"; echo " href=\"".$this->params['settings']->_httpRoot."op/op.SetLanguage.php?lang=".$currLang."&referer=".urlencode(encryptData($this->params['settings']->_encryptionKey, $_SERVER["REQUEST_URI"]))."\">";
echo getMLText($currLang)."</a>\n"; echo getMLText($currLang)."</a>\n";
} }
echo " </div>\n"; echo " </div>\n";