From fff1980dd0a7cfd88dfbf2d8f1acb1f4b53a929a Mon Sep 17 00:00:00 2001 From: Julia Longtin Date: Thu, 7 Feb 2013 23:26:40 +0000 Subject: [PATCH] Change some doublequotes to singlequotes, use $GLOBALS instead of $srcdir, use xlt instead of htmlspecialchars + xl, and use formData instead of directly using $_REQUEST, to remove a warning. --- interface/super/manage_site_files.php | 27 +++++++++++++++------------ 1 file changed, 15 insertions(+), 12 deletions(-) diff --git a/interface/super/manage_site_files.php b/interface/super/manage_site_files.php index 7a5975556..071b8ee60 100644 --- a/interface/super/manage_site_files.php +++ b/interface/super/manage_site_files.php @@ -13,23 +13,26 @@ $sanitize_all_escapes = true; $fake_register_globals = false; -require_once("../globals.php"); -require_once("$srcdir/acl.inc"); +require_once('../globals.php'); +require_once($GLOBALS['srcdir'].'/acl.inc'); +require_once($GLOBALS['srcdir'].'/htmlspecialchars.inc.php'); +/* for formData() */ +require_once($GLOBALS['srcdir'].'/formdata.inc.php'); if (!acl_check('admin', 'super')) die(htmlspecialchars(xl('Not authorized'))); // Prepare array of names of editable files, relative to the site directory. $my_files = array( - "clickoptions.txt", - "config.php", - "faxcover.txt", - "faxtitle.eps", - "referral_template.html", - "statement.inc.php", - "letter_templates/custom_pdf.php", + 'clickoptions.txt', + 'config.php', + 'faxcover.txt', + 'faxtitle.eps', + 'referral_template.html', + 'statement.inc.php', + 'letter_templates/custom_pdf.php', ); // Append LBF plugin filenames to the array. -$lres = sqlStatement("SELECT * FROM list_options " . +$lres = sqlStatement('SELECT * FROM list_options ' . "WHERE list_id = 'lbfnames' ORDER BY seq, title"); while ($lrow = sqlFetchArray($lres)) { $option_id = $lrow['option_id']; // should start with LBF @@ -37,7 +40,7 @@ while ($lrow = sqlFetchArray($lres)) { $my_files[] = "LBF/$option_id.plugin.php"; } -$form_filename = $_REQUEST['form_filename']; +$form_filename = formData('form_filename'); // Sanity check to prevent evildoing. if (!in_array($form_filename, $my_files)) $form_filename = ''; $filepath = "$OE_SITE_DIR/$form_filename"; @@ -80,7 +83,7 @@ if (!empty($_POST['bn_save'])) { -<?php echo htmlspecialchars(xl('File management')); ?> +<?php echo xlt('File management'); ?>