Changeset 591 in svn for trunk


Ignore:
Timestamp:
2009-04-16T10:43:35+02:00 (6 years ago)
Author:
Xuefer
Message:

added $enable_eval

Location:
trunk/admin
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • trunk/admin/config.php.example

    r526 r591  
    1616// do not define both with
    1717// $free_graph_width = 120;
     18
     19// only enable if you have password protection for admin page
     20// enabling this option will cause user to eval() whatever code they want
     21$enable_eval = false;
    1822
    1923// this function is detected by xcache.tpl.php, and enabled if function_exists
  • trunk/admin/edit.php

    r419 r591  
    1212
    1313if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    14     eval('$value = ' . $_POST['value']);
     14    if ($enable_eval) {
     15        eval('$value = ' . $_POST['value']);
     16    }
     17    else {
     18        $value = $_POST['value'];
     19    }
    1520    xcache_set($name, $value);
    1621    header("Location: xcache.php?type=" . XC_TYPE_VAR);
    1722    exit;
    1823}
    19 $value = var_export(xcache_get($name), true);
     24$value = xcache_get($name);
     25if ($enable_eval) {
     26    $value = var_export($value, true);
     27    $editable = true;
     28}
     29else {
     30    $editable = is_string($value);
     31}
    2032
    2133$xcache_version = XCACHE_VERSION;
  • trunk/admin/edit.tpl.php

    r371 r591  
    77    <fieldset>
    88        <legend><?php echo sprintf(_T("Editing Variable %s"), $h_name); ?></legend>
    9         <textarea name="value" style="width: 100%; height: 200px; overflow-y: auto"><?php echo $h_value; ?></textarea><br>
     9        <textarea name="value" style="width: 100%; height: 200px; overflow-y: auto" <?php echo $editable ? "" : "disabled=disabled"; ?>><?php echo $h_value; ?></textarea><br>
    1010        <input type="submit">
    1111    </fieldset>
Note: See TracChangeset for help on using the changeset viewer.