[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Phpgroupware-cvs] api class.msgbox.php, 1.1.1.1, 1.1.1.1.2.1 class.setu
From: |
Dan Kuykendall <address@hidden> |
Subject: |
[Phpgroupware-cvs] api class.msgbox.php, 1.1.1.1, 1.1.1.1.2.1 class.setup.php, 1.1.1.1, 1.1.1.1.2.1 core_functions.inc.php, 1.1.1.1, 1.1.1.1.2.1 |
Date: |
Thu, 23 Oct 2003 20:27:55 +0000 |
Update of /cvsroot/phpgroupware/api
In directory subversions:/tmp/cvs-serv11420/api
Modified Files:
Tag: proposal-branch
class.msgbox.php class.setup.php core_functions.inc.php
Log Message:
fixed default rights to block even admin from being able to execute random
functions from the api, using the op
Index: core_functions.inc.php
===================================================================
RCS file: /cvsroot/phpgroupware/api/core_functions.inc.php,v
retrieving revision 1.1.1.1
retrieving revision 1.1.1.1.2.1
diff -C2 -d -r1.1.1.1 -r1.1.1.1.2.1
*** core_functions.inc.php 23 Oct 2003 07:25:02 -0000 1.1.1.1
--- core_functions.inc.php 23 Oct 2003 20:27:53 -0000 1.1.1.1.2.1
***************
*** 33,36 ****
--- 33,84 ----
*/
+ function phpgw_error_trap ($errno, $errstr, $errfile = '', $errline =
'')
+ {
+ switch ($errno)
+ {
+ case E_COMPILE_ERROR:
+ case E_PARSE:
+ $type = 'fatal';
+ break;
+ case E_CORE_ERROR:
+ case E_COMPILE_ERROR:
+ case E_USER_ERROR:
+ case E_ERROR:
+ $type = 'error';
+ break;
+ case E_WARNING:
+ break;
+ case E_CORE_WARNING:
+ case E_USER_WARNING:
+ $type = 'warning';
+ break;
+ case E_NOTICE:
+ break;
+ case E_USER_NOTICE:
+ $type = 'notice';
+ break;
+ default:
+ $type = 'unknown';
+ }
+ if(isset($type))
+ {
+ if(is_object($GLOBALS['msgbox']))
+ {
+ $GLOBALS['msgbox']->add(strtoupper($type).':
['.$errno.'] '.$errstr,$errline,$errfile, $type);
+ }
+ else
+ {
+ echo "<b>".strtoupper($type)."</b>: [$errno]
$errstr<br />\n";
+ if($type == 'fatal')
+ {
+ echo "Error in line $errline of file
$errfile<br />\n";
+ exit(1);
+ }
+ }
+ }
+ }
+
+ set_error_handler('phpgw_error_trap');
+
function createobject($class, $inputs='##NOTSET##', $silent = False)
{
Index: class.setup.php
===================================================================
RCS file: /cvsroot/phpgroupware/api/class.setup.php,v
retrieving revision 1.1.1.1
retrieving revision 1.1.1.1.2.1
diff -C2 -d -r1.1.1.1 -r1.1.1.1.2.1
*** class.setup.php 23 Oct 2003 07:25:02 -0000 1.1.1.1
--- class.setup.php 23 Oct 2003 20:27:53 -0000 1.1.1.1.2.1
***************
*** 425,430 ****
--- 425,436 ----
$admin_id =
$accounts->create($admin_account_info);
+ $all_acl = createobject('api_acl',
array('account_id'=>0));
+ $all_acl->add('api',63,1);
+
$admin_acl = createobject('api_acl',
array('account_id'=>$admin_id));
$admin_acl->add('.',63);
+ $admin_acl->add('api.base',63);
+ $admin_acl->add('api.setup',63);
+ $admin_acl->add('api.admin',63);
$this->install_log['text'] = 'Admin account
'.$args['admin_lid'].' was created.';
Index: class.msgbox.php
===================================================================
RCS file: /cvsroot/phpgroupware/api/class.msgbox.php,v
retrieving revision 1.1.1.1
retrieving revision 1.1.1.1.2.1
diff -C2 -d -r1.1.1.1 -r1.1.1.1.2.1
*** class.msgbox.php 23 Oct 2003 07:25:01 -0000 1.1.1.1
--- class.msgbox.php 23 Oct 2003 20:27:53 -0000 1.1.1.1.2.1
***************
*** 46,49 ****
--- 46,50 ----
$this->data[] = $args;
*/
+ $text = htmlentities($text);
switch ($type)
{
***************
*** 55,63 ****
case 'debug':
case 'fataldebug':
! ob_start();
! htmlentities(print_r($debug_data));
! $ret_str = ob_get_contents();
! ob_end_clean();
! $this->data[] = array('text'=>$text,
'line'=>$line, 'file'=>$file, 'type'=>'debug', 'debug_data'=>$ret_str);
if($type == 'fataldebug')
{
--- 56,68 ----
case 'debug':
case 'fataldebug':
! if(is_array($debug_data) ||
is_object($debug_data))
! {
! ob_start();
! print_r($debug_data);
! $debug_data = ob_get_contents();
! ob_end_clean();
! }
! $debug_data = htmlentities($debug_data);
! $this->data[] = array('text'=>$text,
'line'=>$line, 'file'=>$file, 'type'=>'debug', 'debug_data'=>$debug_data);
if($type == 'fataldebug')
{
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Phpgroupware-cvs] api class.msgbox.php, 1.1.1.1, 1.1.1.1.2.1 class.setup.php, 1.1.1.1, 1.1.1.1.2.1 core_functions.inc.php, 1.1.1.1, 1.1.1.1.2.1,
Dan Kuykendall <address@hidden> <=
- Prev by Date:
[Phpgroupware-cvs] property/inc class.soentity.inc.php, 1.4, 1.5 class.uientity.inc.php, 1.2, 1.3 class.soadmin_entity.inc.php, 1.6, 1.7 class.boentity.inc.php, 1.2, 1.3 class.bocommon.inc.php, 1.86, 1.87 class.uiadmin_entity.inc.php, 1.5, 1.6 class.boadmin_entity.inc.php, 1.3, 1.4 class.uitts.inc.php, 1.39, 1.40
- Next by Date:
[Phpgroupware-cvs] api/auth class.auth_sql.php,1.1.1.1,1.1.1.1.2.1
- Previous by thread:
[Phpgroupware-cvs] property/inc class.soentity.inc.php, 1.4, 1.5 class.uientity.inc.php, 1.2, 1.3 class.soadmin_entity.inc.php, 1.6, 1.7 class.boentity.inc.php, 1.2, 1.3 class.bocommon.inc.php, 1.86, 1.87 class.uiadmin_entity.inc.php, 1.5, 1.6 class.boadmin_entity.inc.php, 1.3, 1.4 class.uitts.inc.php, 1.39, 1.40
- Next by thread:
[Phpgroupware-cvs] api/auth class.auth_sql.php,1.1.1.1,1.1.1.1.2.1
- Index(es):