[Mapbender-commits] r2219 - in branches/2.4.5/http: javascripts php

svn_mapbender at osgeo.org svn_mapbender at osgeo.org
Mon Mar 10 11:06:30 EDT 2008 

Author: christoph
Date: 2008-03-10 11:06:30 -0400 (Mon, 10 Mar 2008)
New Revision: 2219

Modified:
   branches/2.4.5/http/javascripts/mod_featureInfoTunnel.php
   branches/2.4.5/http/javascripts/mod_getArea.php
   branches/2.4.5/http/php/mod_createUser.php
   branches/2.4.5/http/php/mod_evalArea.php
   branches/2.4.5/http/php/mod_loadWFSCapabilities.php
Log:
bug fixes due to security bug fix

Modified: branches/2.4.5/http/javascripts/mod_featureInfoTunnel.php
===================================================================
--- branches/2.4.5/http/javascripts/mod_featureInfoTunnel.php	2008-03-10 13:45:59 UTC (rev 2218)
+++ branches/2.4.5/http/javascripts/mod_featureInfoTunnel.php	2008-03-10 15:06:30 UTC (rev 2219)
@@ -17,7 +17,6 @@
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 
-require_once(dirname(__FILE__)."/../php/mb_validateSession.php");
 $sql = "SELECT e_src, e_target FROM gui_element WHERE e_id = 'featureInfoTunnel' AND fkey_gui_id = $1";
 $v = array($gui_id);
 $t = array('s');

Modified: branches/2.4.5/http/javascripts/mod_getArea.php
===================================================================
--- branches/2.4.5/http/javascripts/mod_getArea.php	2008-03-10 13:45:59 UTC (rev 2218)
+++ branches/2.4.5/http/javascripts/mod_getArea.php	2008-03-10 15:06:30 UTC (rev 2219)
@@ -43,7 +43,7 @@
 function mod_getArea_go(){
 	if(mod_measure_RX[mod_measure_RX.length -1] == mod_measure_RX[0] && mod_measure_RY[mod_measure_RY.length -1] == mod_measure_RY[0]){
 		var ind = getMapObjIndexByName(mod_getArea_target);
-		var url = "../php/mod_evalArea.php?x=";
+		var url = "../php/mod_evalArea.php?<?php echo $urlParameters;?>&x=";
 		for(var i=0; i<mod_measure_RX.length;i++){
 			if(i>0){ url += ",";}
 			url += mod_measure_RX[i];

Modified: branches/2.4.5/http/php/mod_createUser.php
===================================================================
--- branches/2.4.5/http/php/mod_createUser.php	2008-03-10 13:45:59 UTC (rev 2218)
+++ branches/2.4.5/http/php/mod_createUser.php	2008-03-10 15:06:30 UTC (rev 2219)
@@ -20,7 +20,6 @@
 
 import_request_variables("PG");
 require_once(dirname(__FILE__)."/../../conf/mapbender.conf");
-require_once(dirname(__FILE__)."/../php/mb_validateSession.php");
 if(PORTAL != true){
 	echo "This module is disabled. Please check your mapbender.conf.";
 	die;	

Modified: branches/2.4.5/http/php/mod_evalArea.php
===================================================================
--- branches/2.4.5/http/php/mod_evalArea.php	2008-03-10 13:45:59 UTC (rev 2218)
+++ branches/2.4.5/http/php/mod_evalArea.php	2008-03-10 15:06:30 UTC (rev 2219)
@@ -17,11 +17,10 @@
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 import_request_variables("PG");
-include '../include/dyn_css.php';
-require_once(dirname(__FILE__)."/../../conf/mapbender.conf");
+require_once(dirname(__FILE__)."/../php/mb_validateSession.php");
 require_once(dirname(__FILE__)."/../classes/class_administration.php");
 require_once(dirname(__FILE__)."/../classes/class_mb_exception.php");
-require_once(dirname(__FILE__)."/../php/mb_validateSession.php");
+include '../include/dyn_css.php';
 ?>
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
 <html>
@@ -33,11 +32,6 @@
 echo '<meta http-equiv="Content-Type" content="text/html; charset='.CHARSET.'">';	
 ?>
 <title>Resultset</title>
-<?php
-$con = db_connect($DBSERVER,$OWNER,$PW);
-db_select_db(DB,$con);
-
-?>
 <style type="text/css">
 	<!--
 

Modified: branches/2.4.5/http/php/mod_loadWFSCapabilities.php
===================================================================
--- branches/2.4.5/http/php/mod_loadWFSCapabilities.php	2008-03-10 13:45:59 UTC (rev 2218)
+++ branches/2.4.5/http/php/mod_loadWFSCapabilities.php	2008-03-10 15:06:30 UTC (rev 2219)
@@ -17,13 +17,10 @@
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 
+import_request_variables("PG");
 include(dirname(__FILE__)."/../php/mb_validatePermission.php");
 
-$con = db_connect(DBSERVER,OWNER,PW);
-db_select_db(DB,$con);
-import_request_variables("PG");
 ?>
-
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
 
 <html>
@@ -78,7 +75,7 @@
       }
       else{
          var gui_id=document.form1.guiList.options[listIndex].value;
-			document.form1.action='../php/mod_loadwfs.php';
+			document.form1.action='../php/mod_loadwfs.php?<?php echo $urlParameters;?>';
 			document.form1.submit();
       }
    }

More information about the Mapbender_commits mailing list