security update core+modules
This commit is contained in:
Bachir Soussi Chiadmi
@@ -121,7 +121,7 @@ class ctools_export_ui {
|
||||
|
||||
switch ($op) {
|
||||
case 'import':
|
||||
return user_access('use PHP for settings');
|
||||
return user_access('use ctools import');
|
||||
case 'revert':
|
||||
return ($item->export_type & EXPORT_IN_DATABASE) && ($item->export_type & EXPORT_IN_CODE);
|
||||
case 'delete':
|
||||
@@ -152,7 +152,7 @@ class ctools_export_ui {
|
||||
if (isset($input['op']) && $input['op'] == t('Reset')) {
|
||||
unset($_SESSION['ctools_export_ui'][$this->plugin['name']]);
|
||||
if (!$js) {
|
||||
return drupal_goto($_GET['q']);
|
||||
drupal_goto($_GET['q']);
|
||||
}
|
||||
// clear everything but form id, form build id and form token:
|
||||
$keys = array_keys($input);
|
||||
@@ -639,7 +639,7 @@ class ctools_export_ui {
|
||||
}
|
||||
|
||||
function add_page($js, $input, $step = NULL) {
|
||||
drupal_set_title($this->get_page_title('add'));
|
||||
drupal_set_title($this->get_page_title('add'), PASS_THROUGH);
|
||||
|
||||
// If a step not set, they are trying to create a new item. If a step
|
||||
// is set, they're in the process of creating an item.
|
||||
@@ -665,7 +665,7 @@ class ctools_export_ui {
|
||||
);
|
||||
|
||||
$output = $this->edit_execute_form($form_state);
|
||||
if (!empty($form_state['executed'])) {
|
||||
if (!empty($form_state['executed']) && empty($form_state['rebuild'])) {
|
||||
$this->redirect($form_state['op'], $form_state['item']);
|
||||
}
|
||||
|
||||
@@ -676,7 +676,7 @@ class ctools_export_ui {
|
||||
* Main entry point to edit an item.
|
||||
*/
|
||||
function edit_page($js, $input, $item, $step = NULL) {
|
||||
drupal_set_title($this->get_page_title('edit', $item));
|
||||
drupal_set_title($this->get_page_title('edit', $item), PASS_THROUGH);
|
||||
|
||||
// Check to see if there is a cached item to get if we're using the wizard.
|
||||
if (!empty($this->plugin['use wizard'])) {
|
||||
@@ -701,7 +701,7 @@ class ctools_export_ui {
|
||||
);
|
||||
|
||||
$output = $this->edit_execute_form($form_state);
|
||||
if (!empty($form_state['executed'])) {
|
||||
if (!empty($form_state['executed']) && empty($form_state['rebuild'])) {
|
||||
$this->redirect($form_state['op'], $form_state['item']);
|
||||
}
|
||||
|
||||
@@ -712,7 +712,7 @@ class ctools_export_ui {
|
||||
* Main entry point to clone an item.
|
||||
*/
|
||||
function clone_page($js, $input, $original, $step = NULL) {
|
||||
drupal_set_title($this->get_page_title('clone', $original));
|
||||
drupal_set_title($this->get_page_title('clone', $original), PASS_THROUGH);
|
||||
|
||||
// If a step not set, they are trying to create a new clone. If a step
|
||||
// is set, they're in the process of cloning an item.
|
||||
@@ -749,7 +749,7 @@ class ctools_export_ui {
|
||||
);
|
||||
|
||||
$output = $this->edit_execute_form($form_state);
|
||||
if (!empty($form_state['executed'])) {
|
||||
if (!empty($form_state['executed']) && empty($form_state['rebuild'])) {
|
||||
$this->redirect($form_state['op'], $form_state['item']);
|
||||
}
|
||||
|
||||
@@ -778,7 +778,7 @@ class ctools_export_ui {
|
||||
*/
|
||||
function edit_execute_form_standard(&$form_state) {
|
||||
$output = drupal_build_form('ctools_export_ui_edit_item_form', $form_state);
|
||||
if (!empty($form_state['executed'])) {
|
||||
if (!empty($form_state['executed']) && empty($form_state['rebuild'])) {
|
||||
$this->edit_save_form($form_state);
|
||||
}
|
||||
|
||||
@@ -1218,7 +1218,7 @@ class ctools_export_ui {
|
||||
* Page callback to display export information for an exportable item.
|
||||
*/
|
||||
function export_page($js, $input, $item) {
|
||||
drupal_set_title($this->get_page_title('export', $item));
|
||||
drupal_set_title($this->get_page_title('export', $item), PASS_THROUGH);
|
||||
return drupal_get_form('ctools_export_form', ctools_export_crud_export($this->plugin['schema'], $item), t('Export'));
|
||||
}
|
||||
|
||||
@@ -1226,7 +1226,7 @@ class ctools_export_ui {
|
||||
* Page callback to import information for an exportable item.
|
||||
*/
|
||||
function import_page($js, $input, $step = NULL) {
|
||||
drupal_set_title($this->get_page_title('import'));
|
||||
drupal_set_title($this->get_page_title('import'), PASS_THROUGH);
|
||||
// Import is basically a multi step wizard form, so let's go ahead and
|
||||
// use CTools' wizard.inc for it.
|
||||
|
||||
@@ -1339,7 +1339,7 @@ function _ctools_export_ui_add_form_files($form, &$form_state) {
|
||||
*
|
||||
* This simply loads the object defined in the plugin and hands it off.
|
||||
*/
|
||||
function ctools_export_ui_list_form($form, $form_state) {
|
||||
function ctools_export_ui_list_form($form, &$form_state) {
|
||||
$form_state['object']->list_form($form, $form_state);
|
||||
return $form;
|
||||
}
|
||||
@@ -1441,7 +1441,7 @@ function ctools_export_ui_delete_confirm_form($form, &$form_state) {
|
||||
|
||||
$export_key = $plugin['export']['key'];
|
||||
$question = str_replace('%title', check_plain($item->{$export_key}), $plugin['strings']['confirmation'][$form_state['op']]['question']);
|
||||
$path = empty($_REQUEST['cancel_path']) ? ctools_export_ui_plugin_base_path($plugin) : $_REQUEST['cancel_path'];
|
||||
$path = (!empty($_REQUEST['cancel_path']) && !url_is_external($_REQUEST['cancel_path'])) ? $_REQUEST['cancel_path'] : ctools_export_ui_plugin_base_path($plugin);
|
||||
|
||||
$form = confirm_form($form,
|
||||
$question,
|
||||
|
||||
Reference in New Issue
Block a user