From: hickert Date: Mon, 15 Jan 2007 12:03:21 +0000 (+0000) Subject: Don't allow switching to hidden plugin by using plug=x attribute X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=2835d7267d670cd989a1cf753770cea823b8b67e;p=gosa.git Don't allow switching to hidden plugin by using plug=x attribute git-svn-id: https://oss.gonicus.de/repositories/gosa/branches/2.5@5567 594d385d-05f5-0310-b6e9-bd551577e9d8 --- diff --git a/html/main.php b/html/main.php index efd6806d6..1796905bd 100644 --- a/html/main.php +++ b/html/main.php @@ -173,8 +173,22 @@ if (isset($_SESSION['plugin_dir'])){ } else { $old_plugin_dir= ""; } + +/* reload navigation if language changed*/ +if($reload_navigation){ + $plist->menu="";; +} +$plist->gen_headlines(); +$plist->gen_menu(); + + if (isset($_GET['plug'])){ $plug= validate($_GET['plug']); + + if(!in_array_ics($plug,$plist->allowed_plug_ids)){ + $plug = key($plist->allowed_plug_ids); + } + $plugin_dir= $plist->get_path($plug); $_SESSION['plugin_dir']= $plugin_dir; if ($plugin_dir == ""){ @@ -286,12 +300,6 @@ $smarty->assign ("go_corner", get_template_path('images/go_corner.png')); $smarty->assign ("go_left", get_template_path('images/go_left.png')); $smarty->assign ("go_help", get_template_path('images/help.png')); -/* reload navigation if language changed*/ -if($reload_navigation){ - $plist->menu="";; -} -$plist->gen_headlines(); -$plist->gen_menu(); $smarty->assign ("menu", $plist->menu); $smarty->assign ("plug", "$plug"); diff --git a/include/class_pluglist.inc b/include/class_pluglist.inc index 631c2cf15..89d55749e 100644 --- a/include/class_pluglist.inc +++ b/include/class_pluglist.inc @@ -29,6 +29,7 @@ class pluglist { var $ui= NULL; var $current= ""; var $headlines = array(); + var $allowed_plug_ids =array(); function pluglist($config, $ui) { @@ -132,7 +133,7 @@ class pluglist { } if ($this->check_access($info['ACL'])){ - + $this->allowed_plug_ids[$index]=$index; $entries= $entries."

". "