Index: branches/RC/core/units/general/helpers/mod_rewrite_helper.php
===================================================================
diff -u -r11843 -r11854
--- branches/RC/core/units/general/helpers/mod_rewrite_helper.php (.../mod_rewrite_helper.php) (revision 11843)
+++ branches/RC/core/units/general/helpers/mod_rewrite_helper.php (.../mod_rewrite_helper.php) (revision 11854)
@@ -555,56 +555,6 @@
return $vars;
}
- /*if ( $module_prefix = $this->ProcessModuleItem($url_parts, $vars) ) {
- $passed[] = $module_prefix;
- return $vars;
- }*/
-
- /*// match module
- $next_template = $this->HTTPQuery->Get('next_template');
- if ($url_part || $next_template)
- {
- if ($next_template)
- {
- $next_template_parts = explode('/', $next_template);
- $module_folder = array_shift($next_template_parts);
- }
- else
- {
- $module_folder = $url_part;
- }
-
- foreach ($this->Application->ModuleInfo as $module_name => $module_data)
- {
- if ( trim($module_data['TemplatePath'], '/') == $module_folder )
- {
- $module_prefix = $module_data['Var'];
- break;
- }
- }
- }*/
-
- /*if ( $this->ProcessPage($url_parts, $vars) ) {
- if (count($passed) == 1) {// passed contains only 1 value which is 'm'
- // this may be search results page, so we need to find out the module, especially for old in-portal
- foreach ($this->Application->ModuleInfo as $module_name => $module_data) {
- if (!$module_data['TemplatePath']) continue;
- if ( preg_match('/^' . preg_quote($module_data['TemplatePath'], '/') . '/i', $vars['t']) )
- {
- $module_prefix = $module_data['Var'];
- break;
- }
- }
- $passed[] = $module_prefix;
- }
- return $vars;
- }
-
- if ( $module_prefix = $this->ProcessModuleItem($url_parts, $vars, false) ) {
- $passed[] = $module_prefix;
- return $vars;
- }*/
-
if (!$found) {
$not_found = $this->Application->ConfigValue('ErrorTemplate');
$vars['t'] = $not_found ? $not_found : 'error_notfound';
Index: branches/RC/core/units/general/custom_fields.php
===================================================================
diff -u -r11178 -r11854
--- branches/RC/core/units/general/custom_fields.php (.../custom_fields.php) (revision 11178)
+++ branches/RC/core/units/general/custom_fields.php (.../custom_fields.php) (revision 11854)
@@ -12,12 +12,12 @@
*
* @param string $values_list
* @param string $separator
- * @param bool $parse_sqls
+ * @param bool $parse
* @return Array
*/
- function GetValuesHash($values_list, $separator = VALUE_LIST_SEPARATOR, $parse_sqls = true)
+ function GetValuesHash($values_list, $separator = VALUE_LIST_SEPARATOR, $parse = true)
{
- $values_list = trim($this->ParseConfigSQL($values_list, $separator, $parse_sqls), $separator);
+ $values_list = trim($this->ParseConfigSQL($values_list, $separator, $parse), $separator);
if (!$values_list) {
// no options, then return empty array
@@ -36,15 +36,29 @@
return Array ();
}
- foreach ($optionValuesTmp as $optionValue) {
- list ($key, $val) = explode('=', $optionValue);
- $val = (substr($val,0,1) == '+') ? substr($val, 1) : $this->Application->Phrase($val);
+ if ($parse) {
+ // normal way
+ foreach ($optionValuesTmp as $optionValue) {
+ list ($key, $val) = explode('=', $optionValue);
- if (substr($key, 0, 3) == 'SQL') {
- $val = base64_decode( str_replace('_', '=', $val) );
+ $val = substr($val, 0, 1) == '+' ? substr($val, 1) : $this->Application->Phrase($val);
+
+ $optionValues[$key] = $val;
}
- $optionValues[$key] = $val;
}
+ else {
+ // during custom field editing
+ foreach ($optionValuesTmp as $optionValue) {
+ list ($key, $val) = explode('=', $optionValue);
+
+ if (substr($key, 0, 3) == 'SQL') {
+ $val = base64_decode( str_replace('_', '=', substr($val, 1)) );
+ }
+
+ $optionValues[$key] = $val;
+ }
+ }
+
return $optionValues;
}
Index: branches/RC/core/units/custom_fields/custom_fields_event_handler.php
===================================================================
diff -u -r11724 -r11854
--- branches/RC/core/units/custom_fields/custom_fields_event_handler.php (.../custom_fields_event_handler.php) (revision 11724)
+++ branches/RC/core/units/custom_fields/custom_fields_event_handler.php (.../custom_fields_event_handler.php) (revision 11854)
@@ -276,7 +276,12 @@
}
foreach ($records as $record) {
- $ret[] = $record['OptionKey'] . '=+' . $record['OptionTitle'];
+ if (substr($record['OptionKey'], 0, 3) == 'SQL') {
+ $ret[] = $record['OptionTitle'];
+ }
+ else {
+ $ret[] = $record['OptionKey'] . '=' . $record['OptionTitle'];
+ }
}
$object->SetDBField('ValueList', implode(VALUE_LIST_SEPARATOR, $ret));
Index: branches/RC/core/admin_templates/custom_fields/custom_fields_edit.tpl
===================================================================
diff -u -r11685 -r11854
--- branches/RC/core/admin_templates/custom_fields/custom_fields_edit.tpl (.../custom_fields_edit.tpl) (revision 11685)
+++ branches/RC/core/admin_templates/custom_fields/custom_fields_edit.tpl (.../custom_fields_edit.tpl) (revision 11854)
@@ -91,6 +91,8 @@
+
+
Index: branches/RC/core/admin_templates/js/form_controls.js
===================================================================
diff -u -r11283 -r11854
--- branches/RC/core/admin_templates/js/form_controls.js (.../form_controls.js) (revision 11283)
+++ branches/RC/core/admin_templates/js/form_controls.js (.../form_controls.js) (revision 11854)
@@ -116,7 +116,7 @@
$ret = $ret.replace('#' + $field_name + '#', this.formatValue($field_name, $value));
}
- return $ret;
+ return this.htmlspecialchars($ret);
}
MultiInputControl.prototype._getRecordIndex = function ($selected_index) {