[BUG&PATCH] in editpics.php [BUG&PATCH] in editpics.php
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

[BUG&PATCH] in editpics.php

Started by king2, March 31, 2004, 06:01:52 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

king2

March 31, 2004, 06:01:52 PM
editpics.php uses $PHP_SELF variable, but this variable (at least on my system) not contains GET parameters. So, in upload approval mode pressing on next or prev HREFs or selecting pictures per page value causes switching to usermode with no album selected.

To avoid this, change lines:

Code Select

$next_target = $PHP_SELF . '?album=' . $album_id . '&start=' . ($start + $count) . '&count=' . $count;
$prev_target = $PHP_SELF . '?album=' . $album_id . '&start=' . max(0, $start - $count) . '&count=' . $count;

to
Code Select

$s_upload = UPLOAD_APPROVAL_MODE ? '&mode=upload_approval' : '';
$next_target = $PHP_SELF . '?album=' . $album_id . '&start=' . ($start + $count) . '&count=' . $count . $s_upload;
$prev_target = $PHP_SELF . '?album=' . $album_id . '&start=' . max(0, $start - $count) . '&count=' . $count . $s_upload;

and change
Code Select
<select onChange="if(this.options[this.selectedIndex].value) window.location.href='$PHP_SELF?album=$album_id&start=$start&count='+this.options[this.selectedIndex].value;"  name="count" class="listbox">

to
Code Select

<select onChange="if(this.options[this.selectedIndex].value) window.location.href='$PHP_SELF?album=$album_id$s_upload&start=$start&count='+this.options[this.selectedIndex].value;"  name="count" class="listbox">


This will solve the problem (tested :))
king2
Print
Go Up Pages1
User actions