Commit cc3aec0f authored by Carsten  Rose's avatar Carsten Rose

Bug #5595: New b:0 will be respected in download links.

parent d45a7960
......@@ -1072,7 +1072,7 @@ The following code will render a 'new person' button::
{{p:form&form=Person|s|N|t:new person AS link}}
For better reading, the format string might be wrapped in single or double quotes (this ist optional): ::
For better reading, the format string might be wrapped in single or double quotes (this is optional): ::
{{"p:form&form=Person|s|N|t:new person" AS link}}
......@@ -1275,7 +1275,7 @@ This is in general a good security improvement for directories with user supplie
File upload
-----------
By default the mime type of every uploaded file is checked against a whitelist of allowed mime types. The mime type of
By default the mime type of every uploaded file is checked against a white list of allowed mime types. The mime type of
a file can be (easily) faked by an attacker. This check is good to handle regular user file upload for specific file types. To
prevent attacks against uploading and executing malicous code this won't help.
......
......@@ -559,7 +559,7 @@ class Link {
// Download Link needs some extra work
if ($tokenGiven[TOKEN_DOWNLOAD]) {
$this->buildDownloadLate($vars);
$vars = $this->buildDownloadLate($vars);
}
// Final Checks
......@@ -1270,6 +1270,9 @@ EOF;
private function buildDownloadLate($vars) {
if ($vars[NAME_BOOTSTRAP_BUTTON] == '') {
$vars = $this->buildBootstrapButton($vars, '');
}
$bootstrapButton = $vars[NAME_BOOTSTRAP_BUTTON];
if ($vars[NAME_BOOTSTRAP_BUTTON] == '0') {
......@@ -1295,11 +1298,13 @@ EOF;
$vars[NAME_URL] = API_DIR . '/' . API_DOWNLOAD_PHP;
$vars[NAME_LINK_CLASS_DEFAULT] = NO_CLASS;
if ($vars[NAME_BOOTSTRAP_BUTTON] == '0') {
$vars[NAME_EXTRA_CONTENT_WRAP] = '<button type="button" ' . $attributes . $onClick . '>';
} else {
// if ($vars[NAME_BOOTSTRAP_BUTTON] == '0') {
// $vars[NAME_EXTRA_CONTENT_WRAP] = '<button type="button" ' . $attributes . $onClick . '>';
// } else {
$vars[NAME_EXTRA_CONTENT_WRAP] = '<span ' . $attributes . $onClick . '>';
}
$vars[NAME_BOOTSTRAP_BUTTON] = '0';
// }
return $vars;
......@@ -1558,11 +1563,14 @@ EOF;
$value = trim($value);
if (empty($value)) {
$vars[NAME_BOOTSTRAP_BUTTON] = 0;
if ($value === '0') {
return $vars;
}
if ($value === '') {
$value = 'default';
}
// Just in case the user forgot 'btn-' in front of btn-default, btn-primary, btn-su...
if (substr($value, 0, 4) != 'btn-') {
$value = 'btn-' . $value;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment