diff options
author | Fabio Varesano <fax8@13637.no-reply.drupal.org> | 2006-06-19 20:55:12 +0000 |
---|---|---|
committer | Fabio Varesano <fax8@13637.no-reply.drupal.org> | 2006-06-19 20:55:12 +0000 |
commit | 107e6f3bbc6963173e04b8350d4401ccb314e4fd (patch) | |
tree | 5d0868c8fca1c642f363e6c006c031541e3143e5 /plugins/video_multidownload | |
parent | bff6fafe62a4201c99bdba20144313276d654bca (diff) | |
download | video-107e6f3bbc6963173e04b8350d4401ccb314e4fd.tar.gz video-107e6f3bbc6963173e04b8350d4401ccb314e4fd.tar.bz2 |
Corrected some XSS vulnerabilities.
Thanks to Dries Buytaert for pointing them out.
Chænged '%d' to %d for Postgres SQL compatibility
Diffstat (limited to 'plugins/video_multidownload')
-rw-r--r-- | plugins/video_multidownload/video_multidownload.module | 24 |
1 files changed, 23 insertions, 1 deletions
diff --git a/plugins/video_multidownload/video_multidownload.module b/plugins/video_multidownload/video_multidownload.module index 03027bf..ddbba8e 100644 --- a/plugins/video_multidownload/video_multidownload.module +++ b/plugins/video_multidownload/video_multidownload.module @@ -100,6 +100,28 @@ function video_multidownload_form_alter($form_id, &$form) { } +/** + * Implementation of hook_nodeapi() + */ +function video_upload_nodeapi(&$node, $op, $teaser) { + if($node->type == 'video') { + switch ($op) { + + case 'validate': + //Validate multi-file download values. + if (user_access('create multi-file downloads')) { //Make sure the user has permission. + //Checks to make sure either multi-downloads are disabled, or a valid folder is given, or use_play_folder is checked. + if ($node->disable_multidownload == 0 and !is_dir(getcwd() . '/' . $node->download_folder) and $node->use_play_folder == 0) { + form_set_error('disable_multidownload', t("Please disable multi-file downloads if you are not going to use the feature.")); + form_set_error('download_folder', t('Download directory does not exist. Make sure it has a trailing forward slash "/".')); + } + } + break; + } + } +} + + function video_multidownload_download() { if ($node = node_load(arg(1))) { @@ -227,7 +249,7 @@ function theme_video_multidownload_download($node) { $breadcrumb[] = l(t('View'), "node/$node->nid"); drupal_set_breadcrumb($breadcrumb); - drupal_set_title(t('Downloading').' '.$node->title); + drupal_set_title(t('Downloading').' '. theme('placeholder', $node->title)); return theme("page", $output); } |