From 2d2fd172e1548dd24e1719accd0b856cff6a31a0 Mon Sep 17 00:00:00 2001
From: Falko Timme <ft@falkotimme.com>
Date: Fri, 18 Oct 2013 12:20:13 -0400
Subject: [PATCH] - Added funtion to convert currency formatted numbers back to floating numbers. - Improved getSearchSQL() function so that users can use their native date format so search for dates in lists.

---
 interface/web/admin/language_edit.php |    9 +++++----
 1 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/interface/web/admin/language_edit.php b/interface/web/admin/language_edit.php
index ce9f30c..ffba65d 100644
--- a/interface/web/admin/language_edit.php
+++ b/interface/web/admin/language_edit.php
@@ -35,6 +35,7 @@
 
 //* This is only allowed for administrators
 if(!$app->auth->is_admin()) die('only allowed for administrators.');
+if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.');
 
 $app->uses('tpl');
 
@@ -56,9 +57,9 @@
 	$file_content = "<?php\n";
 	foreach($_POST['records'] as $key => $val) {
 		$val = stripslashes($val);
-		$val = str_replace("'",'',$val);
-		$val = str_replace('"','',$val);
-		$file_content .= '$wb['."'$key'".'] = '."'$val';\n";
+		$val = str_replace('"','\"',$val);
+		$val = str_replace('$','',$val);
+		$file_content .= '$wb['."'$key'".'] = "'.$val.'";'."\n";
 		$msg = 'File saved.';
 	}
 	$file_content .= "?>\n";
@@ -84,7 +85,7 @@
 $keyword_list = array();
 if(isset($wb) && is_array($wb)) {
 	foreach($wb as $key => $val) {
-		$keyword_list[] = array('key' => $key, 'val' => $val);
+		$keyword_list[] = array('key' => $key, 'val' => htmlentities($val,ENT_COMPAT | ENT_HTML401,'UTF-8'));
 	}
 
 	$app->tpl->setLoop('records', $keyword_list);

--
Gitblit v1.9.1