projects / WP-Plugins / glm-member-db.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 055ed1b)
Fixed bad lat/lon lists and images & files with bad characters.
authorChuck Scott <cscott@gaslightmedia.com>
Wed, 8 Jun 2016 14:51:04 +0000 (10:51 -0400)
committerChuck Scott <cscott@gaslightmedia.com>
Wed, 8 Jun 2016 14:51:04 +0000 (10:51 -0400)
classes/glmMemberImportFromConnections.php patch | blob | history
lib/GlmDataAbstract/DataAbstract.php patch | blob | history
models/admin/ajax/imageUpload.php patch | blob | history
views/admin/dashboardWidget/index.html patch | blob | history
views/admin/members/index.html patch | blob | history

diff --git a/classes/glmMemberImportFromConnections.php b/classes/glmMemberImportFromConnections.php
index 0708fa8..e7c9dd5 100644 (file)
--- a/classes/glmMemberImportFromConnections.php
+++ b/classes/glmMemberImportFromConnections.php
@@ -548,6 +548,7 @@ class GlmMemberImportFromConnections
 
             // Get the desired file name and add a timestamp to it to ensure that it's unique
             $fInfo = pathinfo($image);
+            $fInfo['filename'] = preg_replace('/([^a-zA-Z0-9-_\.]+)/','_', $fInfo['filename']);
             $newFilename = $fInfo['filename'].'_'.time().'.'.$fInfo['extension'];
 
             // Try to store the image using that file name in the 'original' directory
diff --git a/lib/GlmDataAbstract/DataAbstract.php b/lib/GlmDataAbstract/DataAbstract.php
index 072aeb4..866b3c1 100755 (executable)
--- a/lib/GlmDataAbstract/DataAbstract.php
+++ b/lib/GlmDataAbstract/DataAbstract.php
@@ -2437,6 +2437,10 @@ abstract class GlmDataAbstract
 
                 // Get the desired file name and add a timestamp to it to ensure that it's unique
                 $fInfo = pathinfo($_FILES[$as.'_new']['name']);
+
+                // Strip all but permitted characters from the file name.
+                $fInfo['filename'] = preg_replace('/([^a-zA-Z0-9-_\.]+)/','_', $fInfo['filename']);
+
                 $newFilename = $prefix.strtolower($fInfo['filename'].'_'.time().'.'.$fInfo['extension']);
 
                 // Get image temp file name - Not currently using, but should be using to check for resizing sanity
@@ -2648,6 +2652,11 @@ abstract class GlmDataAbstract
 
             // Get the desired file name and add a timestamp to it to ensure that it's unique
             $fInfo = pathinfo($_FILES[$as.'_new']['name']);
+
+            // Replace all but the permitted characters.
+            $fInfo['filename'] = preg_replace('/([^a-zA-Z0-9-_\.]+)/','_', $fInfo['filename']);
+
+
             $newFilename = $prefix.strtolower($fInfo['filename'].'_'.time().'.'.$fInfo['extension']);
 
             // Try to store the file using that file name
diff --git a/models/admin/ajax/imageUpload.php b/models/admin/ajax/imageUpload.php
index 35c6e25..e0d36f9 100644 (file)
--- a/models/admin/ajax/imageUpload.php
+++ b/models/admin/ajax/imageUpload.php
@@ -172,7 +172,7 @@ class GlmMembersAdmin_ajax_imageUpload extends GlmDataImages
     public function storeImage ($file, $refType = false, $refTable = false, $refDest = false, $caption = '')
     {
 
-        // If $file is just a URL to an image, the simulate the file array from a form submission
+        // If $file is just a URL to an image, then simulate the file array from a form submission
         if (!is_array($file)) {
             $file = array(
                 'tmp_name' => $file,
@@ -183,6 +183,9 @@ class GlmMembersAdmin_ajax_imageUpload extends GlmDataImages
         // Get the desired file name and add a timestamp to it to ensure that it's unique
         $fInfo = pathinfo($file['name']);
 
+        // Strip all characters from the file name other than the permitted characters.
+        $fInfo['filename'] = preg_replace('/([^a-zA-Z0-9-_\.]+)/','_', $fInfo['filename']);
+
         // Build new file name
         if ($refType != false) {
             $newFilename = $refTable.'_'.$refDest.'-'.strtolower($fInfo['filename'].'_'.time().'.'.$fInfo['extension']);
diff --git a/views/admin/dashboardWidget/index.html b/views/admin/dashboardWidget/index.html
index f888b5c..dea2e32 100644 (file)
--- a/views/admin/dashboardWidget/index.html
+++ b/views/admin/dashboardWidget/index.html
@@ -1,129 +1,128 @@
-    <table class="glm-admin-table">
     
 {if apply_filters('glm_members_permit_admin_widget_members', true)}    
   {if $membersList}
-        <tr><th>Number of {$terms.term_member_plur_cap} Listed: </th><td><a href="{$adminUrl}?page=glm-members-admin-menu-members&glm_action=list" class="glm-right">List Members</a><span class="glm-left">{$numbMembers}</span></td></tr>
-        <tr>
-            <td colspan="2">
-                <input  id="glmMembersSearch" type="text" id="autoTest" class="glm-right">
-                <span class="glm-left">{$terms.term_member_cap} Search:</span>
-                <script type="text/javascript">
-                    jQuery(document).ready(function($) {
-                        
-                        /*
-                         * Do autocomplete search for member
-                         * label: What will be searched
-                         * value: What will be displayed when selected
-                         * id: Member id added so we can go to the member while showing what was selected
-                         * Also note that autocomplete does not properly render HTML codes, so we 
-                         * "unescape" them for HTML in Smarty.
-                         */
-                        var availableTags = [
-                {foreach $membersList as $m}
-                            { label: "{$m.name|unescape:'html'}", value: "{$m.name|unescape:'html'}", id: '{$m.id}' },
-                {/foreach}
-                         ];
-                         $( "#glmMembersSearch" ).autocomplete({
-                             source: availableTags,
-                             html: true,
-                             select: function( event, ui ) {
-                                 var memberID = ui.item.id;
-                                 window.location.replace("{$adminUrl}?page=glm-members-admin-menu-member&glm_action=index&member=" + memberID );
-                             },
-                             response: function(event, ui) {
-                                 if (!ui.content.length) {
-                                     var noResult = { value:"",label:"No results found" };
-                                     ui.content.push(noResult);
+    <table class="wp-list-table glm-admin-table">
+        <tbody>
+            <tr>
+                <td>
+                    Number of {$terms.term_member_plur_cap} Listed:</b> {$numbMembers}
+                </td>
+                <td>
+                    <a href="{$adminUrl}?page=glm-members-admin-menu-members&glm_action=list" class="glm-right">List Members</a>
+                </td>
+            </tr>
+            <tr>
+                <td colspan="2">
+                    <input  id="glmMembersSearch" type="text" id="autoTest" class="glm-right">
+                    <span class="glm-left">{$terms.term_member_cap} Search:</span>
+                    <script type="text/javascript">
+                        jQuery(document).ready(function($) {
+                            
+                            /*
+                             * Do autocomplete search for member
+                             * label: What will be searched
+                             * value: What will be displayed when selected
+                             * id: Member id added so we can go to the member while showing what was selected
+                             * Also note that autocomplete does not properly render HTML codes, so we 
+                             * "unescape" them for HTML in Smarty.
+                             */
+                            var availableTags = [
+                    {foreach $membersList as $m}
+                                { label: "{$m.name|unescape:'html'}", value: "{$m.name|unescape:'html'}", id: '{$m.id}' },
+                    {/foreach}
+                             ];
+                             $( "#glmMembersSearch" ).autocomplete({
+                                 source: availableTags,
+                                 html: true,
+                                 select: function( event, ui ) {
+                                     var memberID = ui.item.id;
+                                     window.location.replace("{$adminUrl}?page=glm-members-admin-menu-member&glm_action=index&member=" + memberID );
+                                 },
+                                 response: function(event, ui) {
+                                     if (!ui.content.length) {
+                                         var noResult = { value:"",label:"No results found" };
+                                         ui.content.push(noResult);
+                                     }
                                  }
-                             }
-                         });
-                                         
-                    });
-                        
-                </script>
-            </td>
-        </tr>
+                             });
+                                             
+                        });
+                            
+                    </script>
+                </td>
+            </tr>
+        </tbody>
   {/if}
+    </table>
 {/if}
 
-{if apply_filters('glm_members_permit_admin_widget_warnings', true)}    
-  {if !$haveMemberTypes}
+{if apply_filters('glm_members_permit_admin_widget_warnings', true)}
+  {if !$haveMemberTypes || !$haveCategories || !$haveAmenities || !$haveCities || !$haveRegions || $numbMembers == 0}
+    <h4><span  class="glm-error">Pending {$terms.term_member_cap} Information</span></h4>
+    <table class="wp-list-table striped glm-admin-table">
+    {if !$haveMemberTypes}
         <tr>
             <th class="glm-error">No {$terms.term_member_cap} Types</th>
             <td><a href="{$adminUrl}?page=glm-members-admin-menu-configure&glm_action=memberTypes" class="glm-right">Add</a></td>
         </tr>
-  {/if}                
-  {if !$haveCategories}
+    {/if}                
+    {if !$haveCategories}
         <tr>
             <th><span class="glm-error">No {$terms.term_member_cap} Categories</span></th>
             <td><a href="{$adminUrl}?page=glm-members-admin-menu-configure&glm_action=categories" class="glm-right">Add</a></td>
         </tr>
-  {/if}                
-  {if !$haveAmenities}
+    {/if}                
+    {if !$haveAmenities}
         <tr>
             <th><span class="glm-error">No Amenities</span></th>
             <td><a href="{$adminUrl}?page=glm-members-admin-menu-configure&glm_action=amenities" class="glm-right">Add</a></td>
         </tr>
-  {/if}                
-  {if !$haveCities}
+    {/if}                
+    {if !$haveCities}
         <tr>
             <th><span class="glm-error">No Cities</span></th>
             <td><a href="{$adminUrl}?page=glm-members-admin-menu-configure&glm_action=cities" class="glm-right">Add</a></td>
         </tr>
-  {/if}                
-  {if !$haveRegions}
+    {/if}                
+    {if !$haveRegions}
         <tr>
             <th><span class="glm-error">No Regions</span></th>
             <td><a href="{$adminUrl}?page=glm-members-admin-menu-configure&glm_action=regions" class="glm-right">Add</a></td>
         </tr>
-  {/if}                
-  {if $numbMembers == 0}
+    {/if}                
+    {if $numbMembers == 0}
         <tr>
            <th> <span class="glm-error">No {$terms.term_member_plur_cap}</span></th>
             <td><a href="{$adminUrl}?page=glm-members-admin-menu-member&glm_action=index&member_id=" class="glm-right">Add a {$terms.term_member_cap}</a></td>
         </tr>
-  {/if}                
+    {/if}     
+    </table>
+  {/if}
   {if $haveBadLatLon}
-        <tr>
-            <td>
-                <h4><span  class="glm-error">Records with Bad Map Locations</span></h4>
-                
-                <table class="wp-list-table widefat fixed posts glm-admin-table"">
-                    <tbody>
-                {assign var="i" value="0"}
-                {foreach $badLatLonList as $p}
-                    {if $i++ is odd by 1} 
-                        <tr>
-                    {else}
-                        <tr class="alternate">
-                    {/if}
-                            <td>
-                                <a href="{$adminUrl}?page=glm-members-admin-menu-member&glm_action=memberInfo&member={$p.member_pointer}&memberInfo={$p.id}">{$p.member}:</a> {$p.reference_name}
-                            </td>
-                        </tr>
-                {/foreach}
-                    </tbody>
-                </table>
-            </td>
-        </tr>
+    <h4><span  class="glm-error">Records with Bad Map Locations</span></h4>
+    
+    <table class="wp-list-table striped glm-admin-table">
+        <tbody>
+    {foreach $badLatLonList as $p}
+            <tr>
+                <td>
+                    <a href="{$adminUrl}?page=glm-members-admin-menu-member&glm_action=memberInfo&member={$p.member_pointer}&memberInfo={$p.id}">{$p.member}:</a> {$p.reference_name}
+                </td>
+            </tr>
+    {/foreach}
+        </tbody>
+    </table>
   {/if}
 {/if}
-    </table>
 
 {if apply_filters('glm_members_permit_admin_widget_pending_info', true)}    
   {if $membersPending}
-    <hr>
     <h4><span  class="glm-error">Pending {$terms.term_member_cap} Information</span></h4>
     
-    <table class="wp-list-table widefat fixed posts glm-admin-table">
+    <table class="wp-list-table striped glm-admin-table">
         <tbody>
-    {assign var="i" value="0"}
     {foreach $pendingList as $p}
-        {if $i++ is odd by 1} 
             <tr>
-        {else}
-            <tr class="alternate">
-        {/if}
                 <td>
                     <span class="glm-admin-table-medium-text">
                         <a href="{$adminUrl}?page=glm-members-admin-menu-member&glm_action=memberInfo&member={$p.member_pointer}&memberInfo={$p.id}}">{$p.member}</a>:  
diff --git a/views/admin/members/index.html b/views/admin/members/index.html
index 0b8609d..cb3cf30 100644 (file)
--- a/views/admin/members/index.html
+++ b/views/admin/members/index.html
@@ -66,29 +66,18 @@
         <thead>
             <tr>
                 <th>{$terms.term_member_cap} Name</th>
-                <th>Created</th>
+                <th>Reference Name</th>
             </tr>
         </thead>
         <tbody>
-    {assign var="i" value="0"}
     {foreach $badLatLonList as $p}
-        {if $i++ is odd by 1} 
             <tr>
-        {else}
-            <tr class="alternate">
-        {/if}
                 <td>
                     <a href="{$thisUrl}?page=glm-members-admin-menu-member&glm_action=memberInfo&member={$p.member_pointer}&memberInfo={$p.id}">{$p.member}</a>
                 </td>
-                <td>
-                    {$p.modify_time.datetime}
-                </td>
                 <td>
                     {$p.reference_name}
                 </td>
-                <td>
-                    {$p.created.date}
-                </td>
             </tr>
     {/foreach}
         </tbody>