From e372dd6925058eddf34e5b2b5ca59a5707befb37 Mon Sep 17 00:00:00 2001
From: mcramer <m.cramer@pixcept.de>
Date: Fri, 11 Oct 2013 02:58:52 -0400
Subject: [PATCH] Implemented:  - javascript hooks prepared (onAfterContentLoad is first available hook)  - new abstract class for GET and POST requests  - new js.d directory that is included into main template

---
 interface/web/admin/language_edit.php |    9 +++++----
 1 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/interface/web/admin/language_edit.php b/interface/web/admin/language_edit.php
index ce9f30c..208f1ac 100644
--- a/interface/web/admin/language_edit.php
+++ b/interface/web/admin/language_edit.php
@@ -35,6 +35,7 @@
 
 //* This is only allowed for administrators
 if(!$app->auth->is_admin()) die('only allowed for administrators.');
+if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.');
 
 $app->uses('tpl');
 
@@ -56,9 +57,9 @@
 	$file_content = "<?php\n";
 	foreach($_POST['records'] as $key => $val) {
 		$val = stripslashes($val);
-		$val = str_replace("'",'',$val);
-		$val = str_replace('"','',$val);
-		$file_content .= '$wb['."'$key'".'] = '."'$val';\n";
+		$val = str_replace('"','\"',$val);
+		$val = str_replace('$','',$val);
+		$file_content .= '$wb['."'$key'".'] = "'.$val.'";'."\n";
 		$msg = 'File saved.';
 	}
 	$file_content .= "?>\n";
@@ -84,7 +85,7 @@
 $keyword_list = array();
 if(isset($wb) && is_array($wb)) {
 	foreach($wb as $key => $val) {
-		$keyword_list[] = array('key' => $key, 'val' => $val);
+		$keyword_list[] = array('key' => $key, 'val' => htmlentities($val));
 	}
 
 	$app->tpl->setLoop('records', $keyword_list);

--
Gitblit v1.9.1