From 1e76d58f7e5a63e0bf20f777087bf49d833bd435 Mon Sep 17 00:00:00 2001 From: fredtempez Date: Tue, 1 Dec 2020 18:29:58 +0100 Subject: [PATCH 1/5] =?UTF-8?q?Bug=20page=20priv=C3=A9e=20et=20d=C3=A9sact?= =?UTF-8?q?iv=C3=A9e=20+=20bug=20module=20de=20recherche=20groupes=20pages?= =?UTF-8?q?=20enfants?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- core/core.php | 27 +++++++++++++++++++-------- module/search/search.php | 4 ++-- 2 files changed, 21 insertions(+), 10 deletions(-) diff --git a/core/core.php b/core/core.php index 238e9bb2..f6dff366 100755 --- a/core/core.php +++ b/core/core.php @@ -2430,12 +2430,17 @@ class layout extends common { // Mise en page de l'item $itemsLeft .= '
  • '; - if ( $this->getData(['page',$parentPageId,'disable']) === true - AND $this->getUser('password') !== $this->getInput('ZWII_USER_PASSWORD') ) - - {$itemsLeft .= ''; + if ( ( $this->getData(['page',$parentPageId,'disable']) === true + AND $this->getUser('password') !== $this->getInput('ZWII_USER_PASSWORD') + ) OR ( + $this->getData(['page',$parentPageId,'disable']) === true + AND $this->getUser('password') === $this->getInput('ZWII_USER_PASSWORD') + AND $this->getUser('group') < self::GROUP_MODERATOR + ) + ){ + $itemsLeft .= ''; } else { - $itemsLeft .= ''; + $itemsLeft .= ''; } switch ($this->getData(['page', $parentPageId, 'typeMenu'])) { @@ -2485,9 +2490,15 @@ class layout extends common { $targetBlank = $this->getData(['page', $childKey, 'targetBlank']) ? ' target="_blank"' : ''; // Mise en page du sous-item $itemsLeft .= '
  • '; - if ( $this->getData(['page',$childKey,'disable']) === true - AND $this->getUser('password') !== $this->getInput('ZWII_USER_PASSWORD') ) { - $itemsLeft .= ''; + if ( ( $this->getData(['page',$childKey,'disable']) === true + AND $this->getUser('password') !== $this->getInput('ZWII_USER_PASSWORD') + ) OR ( + $this->getData(['page',$childKey,'disable']) === true + AND $this->getUser('password') === $this->getInput('ZWII_USER_PASSWORD') + AND $this->getUser('group') < self::GROUP_MODERATOR + ) + ){ + $itemsLeft .= ''; } else { $itemsLeft .= ''; } diff --git a/module/search/search.php b/module/search/search.php index b2a41f07..49fe78d6 100755 --- a/module/search/search.php +++ b/module/search/search.php @@ -126,8 +126,8 @@ class search extends common { foreach($childIds as $childId) { // Sous page if ($this->getData(['page', $childId, 'disable']) === false && - $this->getUser('group') >= $this->getData(['page', $parentId, 'group']) && - $this->getData(['page', $parentId, 'block']) !== 'bar') { + $this->getUser('group') >= $this->getData(['page', $childId, 'group']) && + $this->getData(['page', $childId, 'block']) !== 'bar') { $url = $childId; $titre = $this->getData(['page', $childId, 'title']); $contenu = ' ' . $titre . ' ' . $this->getData(['page', $childId, 'content']); From 1a881e20232bc223c4e61b8ff58023e01d76b631 Mon Sep 17 00:00:00 2001 From: fredtempez Date: Tue, 1 Dec 2020 20:47:05 +0100 Subject: [PATCH 2/5] =?UTF-8?q?page=20d=C3=A9sactiv=C3=A9e=20->=20erreur?= =?UTF-8?q?=20404?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- core/core.php | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/core/core.php b/core/core.php index f6dff366..4bb5a593 100755 --- a/core/core.php +++ b/core/core.php @@ -40,7 +40,7 @@ class common { const ACCESS_TIMER = 1800; // Numéro de version - const ZWII_VERSION = '10.3.09'; + const ZWII_VERSION = '10.3.10'; const ZWII_UPDATE_CHANNEL = "v10"; public static $actions = []; @@ -1843,6 +1843,17 @@ class core extends common { $access = false; } } + // Empêcher l'accès aux page désactivée par URL directe + if ( ( $this->getData(['page', $this->getUrl(0),'disable']) === true + AND $this->getUser('password') !== $this->getInput('ZWII_USER_PASSWORD') + ) OR ( + $this->getData(['page', $this->getUrl(0),'disable']) === true + AND $this->getUser('password') === $this->getInput('ZWII_USER_PASSWORD') + AND $this->getUser('group') < self::GROUP_MODERATOR + ) + ){ + $access = false; + } } /** From a5fd6a99e0c5196973cea9185c72931bd2612e1c Mon Sep 17 00:00:00 2001 From: fredtempez Date: Tue, 1 Dec 2020 21:05:22 +0100 Subject: [PATCH 3/5] bug module form v2.5 --- module/form/form.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/module/form/form.php b/module/form/form.php index 6c11b2df..955f40f0 100755 --- a/module/form/form.php +++ b/module/form/form.php @@ -32,7 +32,7 @@ class form extends common { public static $pagination; - const FORM_VERSION = '2.4'; + const FORM_VERSION = '2.5'; // Objets const TYPE_MAIL = 'mail'; @@ -87,7 +87,9 @@ class form extends common { ] ]); // Génération des données vides - $this->setData(['module', $this->getUrl(0), 'data', []]); + if ($this->getData(['module', $this->getUrl(0), 'data']) === null) { + $this->setData(['module', $this->getUrl(0), 'data', []]); + } // Génération des champs $inputs = []; foreach($this->getInput('formConfigPosition', null) as $index => $position) { From 3a6739fa4f142aa81a537e70d07eb2d291a7c4a1 Mon Sep 17 00:00:00 2001 From: fredtempez Date: Tue, 1 Dec 2020 21:07:07 +0100 Subject: [PATCH 4/5] class captcha en double --- core/class/template.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/class/template.class.php b/core/class/template.class.php index d86fa96e..8a6637a8 100755 --- a/core/class/template.class.php +++ b/core/class/template.class.php @@ -64,7 +64,7 @@ class template { copy ('core/vendor/zwiico/png/'.$letters[$firstNumber] . '.png', 'site/tmp/' . $firstLetter . '.png'); copy ('core/vendor/zwiico/png/'.$letters[$secondNumber] . '.png', 'site/tmp/' . $secondLetter . '.png'); // Début du wrapper - $html = '
    '; + $html = '
    '; // Label $html .= self::label($attributes['id'], '' . template::ico('plus') . ' en chiffres ?', [ From 0de6e5a1cbb520506904e5de78f7759917ab4dd9 Mon Sep 17 00:00:00 2001 From: fredtempez Date: Fri, 4 Dec 2020 13:02:02 +0100 Subject: [PATCH 5/5] changes + init.js --- CHANGES.md | 7 +++++++ core/vendor/tinymce/init.js | 3 --- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/CHANGES.md b/CHANGES.md index f8714e67..5ee73923 100755 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,5 +1,12 @@ # Changelog +## Version 10.3.10 +Corrections : + - Conflit page inactive et droit d'un membre. + - Module de recherche, correction dans les pages enfants. +Modification : + - TinyMCE nettoyage init.js d'options non supportées. + ## Version 10.3.09 Corrections : - Configuration : persistance de l'ouverture des blocs. diff --git a/core/vendor/tinymce/init.js b/core/vendor/tinymce/init.js index 3358a75b..7ab9de82 100755 --- a/core/vendor/tinymce/init.js +++ b/core/vendor/tinymce/init.js @@ -97,9 +97,6 @@ tinymce.init({ images_dataimg_filter: function(img) { return img.hasAttribute('internal-blob'); },*/ - // Autorise tous les éléments - valid_elements :"*[*]", - valid_children : "*[*]", // Autorise l'ajout de script // extended_valid_elements: "script[language|type|src]", // Bloque le dimensionnement des médias (car automatiquement en fullsize avec fitvids pour le responsive)