Rev 7 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
Rev 7 | Rev 8 | ||
---|---|---|---|
Line 39... | Line 39... | ||
39 | $version = ''; |
39 | $version = ''; |
40 | $menuevisible = ''; |
40 | $menuevisible = ''; |
41 | $license = ''; |
41 | $license = ''; |
42 | $deaktiviere_zugangspruefung = 0; |
42 | $deaktiviere_zugangspruefung = 0; |
43 | 43 | ||
44 | if (file_exists('modules/'.$row['modul'].'/var.inc.php')) |
44 | if (file_exists('modules/'.wb_dir_escape($row['modul']).'/var.inc.php')) |
45 | include 'modules/'.$row['modul'].'/var.inc.php'; |
45 | include 'modules/'.wb_dir_escape($row['modul']).'/var.inc.php'; |
46 | 46 | ||
47 | $modulueberschrift_a = $modulueberschrift; |
47 | $modulueberschrift_a = $modulueberschrift; |
48 | 48 | ||
49 | if (($ib_user_type >= $modulrechte) && ((file_exists('modules/'.$row['modul'].'/seite_edit.inc.php')) || (file_exists('modules/'.$row['modul'].'/seite_view.inc.php')))) |
49 | if (($ib_user_type >= $modulrechte) && ((file_exists('modules/'.wb_dir_escape($row['modul']).'/seite_edit.inc.php')) || (file_exists('modules/'.wb_dir_escape($row['modul']).'/seite_view.inc.php')))) |
50 | { |
50 | { |
51 | $que = generate_search_query($row['table'], 0, $suchbegriff); |
51 | $que = generate_search_query($row['table'], 0, $suchbegriff); |
52 | $res2 = db_query($que); |
52 | $res2 = db_query($que); |
53 | 53 | ||
54 | while ($row2 = db_fetch($res2)) |
54 | while ($row2 = db_fetch($res2)) |
Line 65... | Line 65... | ||
65 | else |
65 | else |
66 | $titel = '<i>Keine Modulbetitelung</i>'; |
66 | $titel = '<i>Keine Modulbetitelung</i>'; |
67 | 67 | ||
68 | $etwas_gefunden = true; |
68 | $etwas_gefunden = true; |
69 | 69 | ||
70 | if (file_exists('modules/'.$row['modul'].'/images/menu/32.png')) |
70 | if (file_exists('modules/'.wb_dir_escape($row['modul']).'/images/menu/32.png')) |
71 | $g = 'modules/'.$row['modul'].'/images/menu/32.png'; |
71 | $g = 'modules/'.wb_dir_escape($row['modul']).'/images/menu/32.png'; |
72 | else if (file_exists('modules/'.$row['modul'].'/images/menu/32.gif')) |
72 | else if (file_exists('modules/'.wb_dir_escape($row['modul']).'/images/menu/32.gif')) |
73 | $g = 'modules/'.$row['modul'].'/images/menu/32.gif'; |
73 | $g = 'modules/'.wb_dir_escape($row['modul']).'/images/menu/32.gif'; |
74 | else |
74 | else |
75 | $g = 'design/spacer.gif'; |
75 | $g = 'design/spacer.gif'; |
76 | 76 | ||
77 | if (file_exists('modules/'.$row['modul'].'/images/menu/16.png')) |
77 | if (file_exists('modules/'.wb_dir_escape($row['modul']).'/images/menu/16.png')) |
78 | $k = 'modules/'.$row['modul'].'/images/menu/16.png'; |
78 | $k = 'modules/'.wb_dir_escape($row['modul']).'/images/menu/16.png'; |
79 | else if (file_exists('modules/'.$row['modul'].'/images/menu/16.gif')) |
79 | else if (file_exists('modules/'.wb_dir_escape($row['modul']).'/images/menu/16.gif')) |
80 | $k = 'modules/'.$row['modul'].'/images/menu/16.gif'; |
80 | $k = 'modules/'.wb_dir_escape($row['modul']).'/images/menu/16.gif'; |
81 | else |
81 | else |
82 | { |
82 | { |
83 | if (file_exists('modules/'.$modul.'/item.gif')) |
83 | if (file_exists('modules/'.wb_dir_escape($modul).'/item.gif')) |
84 | $k = 'modules/'.$modul.'/item.gif'; |
84 | $k = 'modules/'.wb_dir_escape($modul).'/item.gif'; |
85 | else if (file_exists('modules/'.$modul.'/item.png')) |
85 | else if (file_exists('modules/'.wb_dir_escape($modul).'/item.png')) |
86 | $k = 'modules/'.$modul.'/item.png'; |
86 | $k = 'modules/'.wb_dir_escape($modul).'/item.png'; |
87 | else |
87 | else |
88 | $k = 'design/spacer.gif'; |
88 | $k = 'design/spacer.gif'; |
89 | } |
89 | } |
90 | 90 | ||
91 | $a = ''; |
91 | $a = ''; |
Line 104... | Line 104... | ||
104 | $version = ''; |
104 | $version = ''; |
105 | $menuevisible = ''; |
105 | $menuevisible = ''; |
106 | $license = ''; |
106 | $license = ''; |
107 | $deaktiviere_zugangspruefung = 0; |
107 | $deaktiviere_zugangspruefung = 0; |
108 | 108 | ||
109 | if (file_exists('modules/'.$row4['kategorie'].'/var.inc.php')) |
109 | if (file_exists('modules/'.wb_dir_escape($row4['kategorie']).'/var.inc.php')) |
110 | include 'modules/'.$row4['kategorie'].'/var.inc.php'; |
110 | include 'modules/'.wb_dir_escape($row4['kategorie']).'/var.inc.php'; |
111 | 111 | ||
112 | $modulueberschrift_b = $modulueberschrift; |
112 | $modulueberschrift_b = $modulueberschrift; |
113 | 113 | ||
114 | if (file_exists('modules/'.$row4['kategorie'].'/seite_inhalt.inc.php')) |
114 | if (file_exists('modules/'.wb_dir_escape($row4['kategorie']).'/seite_inhalt.inc.php')) |
115 | $a = '<a href="javascript:oop2(\''.$_SERVER['PHP_SELF'].'?seite=inhalt&modul='.$row4['kategorie'].'#ordner'.$row2['id'].'\', \''.$modulueberschrift_a.'\', \''.$g.'\');" class="menu">Öffnen</a>'; |
115 | $a = '<a href="javascript:oop2(\''.$_SERVER['PHP_SELF'].'?seite=inhalt&modul='.urlencode($row4['kategorie']).'#ordner'.$row2['id'].'\', \''.$modulueberschrift_a.'\', \''.$g.'\');" class="menu">Öffnen</a>'; |
116 | 116 | ||
117 | if (file_exists('modules/'.$row4['kategorie'].'/seite_inhalt.inc.php')) |
117 | if (file_exists('modules/'.wb_dir_escape($row4['kategorie']).'/seite_inhalt.inc.php')) |
118 | $c = '<a href="'.oop_link_to_modul($row4['kategorie']).'" class="menu">'.$modulueberschrift_b.'</a> ('.$modulueberschrift_a.')'; |
118 | $c = '<a href="'.oop_link_to_modul($row4['kategorie']).'" class="menu">'.$modulueberschrift_b.'</a> ('.$modulueberschrift_a.')'; |
119 | else |
119 | else |
120 | $c = $modulueberschrift_b.' ('.$modulueberschrift_a.')'; |
120 | $c = $modulueberschrift_b.' ('.$modulueberschrift_a.')'; |
121 | } |
121 | } |
122 | else |
122 | else |
123 | { |
123 | { |
124 | if (file_exists('modules/'.$row['modul'].'/seite_view.inc.php')) |
124 | if (file_exists('modules/'.wb_dir_escape($row['modul']).'/seite_view.inc.php')) |
125 | $a = '<a href="javascript:oop2(\''.$_SERVER['PHP_SELF'].'?seite=view&modul='.$row['modul'].'&id='.$row2['id'].'\', \''.$modulueberschrift_a.'\', \''.$g.'\');" class="menu">Öffnen</a>'; |
125 | $a = '<a href="javascript:oop2(\''.$_SERVER['PHP_SELF'].'?seite=view&modul='.urlencode($row['modul']).'&id='.urlencode($row2['id']).'\', \''.$modulueberschrift_a.'\', \''.$g.'\');" class="menu">Öffnen</a>'; |
126 | 126 | ||
127 | if (file_exists('modules/'.$row['modul'].'/seite_edit.inc.php')) |
127 | if (file_exists('modules/'.wb_dir_escape($row['modul']).'/seite_edit.inc.php')) |
128 | $b = '<a href="javascript:oop2(\''.$_SERVER['PHP_SELF'].'?seite=edit&modul='.$row['modul'].'&aktion=edit&id='.$row2['id'].'\', \''.$modulueberschrift_a.'\', \''.$g.'\');" class="menu">Bearbeiten</a>'; |
128 | $b = '<a href="javascript:oop2(\''.$_SERVER['PHP_SELF'].'?seite=edit&modul='.urlencode($row['modul']).'&aktion=edit&id='.urlencode($row2['id']).'\', \''.$modulueberschrift_a.'\', \''.$g.'\');" class="menu">Bearbeiten</a>'; |
129 | 129 | ||
130 | if (file_exists('modules/'.$row['modul'].'/seite_inhalt.inc.php')) |
130 | if (file_exists('modules/'.wb_dir_escape($row['modul']).'/seite_inhalt.inc.php')) |
131 | $c = '<a href="'.oop_link_to_modul($row['modul']).'" class="menu">'.$modulueberschrift_a.'</a>'; |
131 | $c = '<a href="'.oop_link_to_modul($row['modul']).'" class="menu">'.$modulueberschrift_a.'</a>'; |
132 | else |
132 | else |
133 | $c = $modulueberschrift_a; |
133 | $c = $modulueberschrift_a; |
134 | } |
134 | } |
135 | 135 |