Changeset 591 for trunk


Ignore:
Timestamp:
2009-04-16T10:43:35+02:00 (5 years ago)
Author:
moo
Message:

added $enable_eval

Location:
trunk/admin
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • trunk/admin/config.php.example

    r526 r591  
    1616// do not define both with 
    1717// $free_graph_width = 120; 
     18 
     19// only enable if you have password protection for admin page 
     20// enabling this option will cause user to eval() whatever code they want 
     21$enable_eval = false; 
    1822 
    1923// this function is detected by xcache.tpl.php, and enabled if function_exists 
  • trunk/admin/edit.php

    r419 r591  
    1212 
    1313if ($_SERVER['REQUEST_METHOD'] == 'POST') { 
    14     eval('$value = ' . $_POST['value']); 
     14    if ($enable_eval) { 
     15        eval('$value = ' . $_POST['value']); 
     16    } 
     17    else { 
     18        $value = $_POST['value']; 
     19    } 
    1520    xcache_set($name, $value); 
    1621    header("Location: xcache.php?type=" . XC_TYPE_VAR); 
    1722    exit; 
    1823} 
    19 $value = var_export(xcache_get($name), true); 
     24$value = xcache_get($name); 
     25if ($enable_eval) { 
     26    $value = var_export($value, true); 
     27    $editable = true; 
     28} 
     29else { 
     30    $editable = is_string($value); 
     31} 
    2032 
    2133$xcache_version = XCACHE_VERSION; 
  • trunk/admin/edit.tpl.php

    r371 r591  
    77    <fieldset> 
    88        <legend><?php echo sprintf(_T("Editing Variable %s"), $h_name); ?></legend> 
    9         <textarea name="value" style="width: 100%; height: 200px; overflow-y: auto"><?php echo $h_value; ?></textarea><br> 
     9        <textarea name="value" style="width: 100%; height: 200px; overflow-y: auto" <?php echo $editable ? "" : "disabled=disabled"; ?>><?php echo $h_value; ?></textarea><br> 
    1010        <input type="submit"> 
    1111    </fieldset> 
Note: See TracChangeset for help on using the changeset viewer.