Diffstat (limited to 'modules/gallery/helpers')
-rw-r--r-- | modules/gallery/helpers/gallery_menu.php | 4 | ||||
-rw-r--r-- | modules/gallery/helpers/p.php | 33 |
2 files changed, 35 insertions, 2 deletions
diff --git a/modules/gallery/helpers/gallery_menu.php b/modules/gallery/helpers/gallery_menu.php
index 0f0e676d..09c2d91a 100644
--- a/modules/gallery/helpers/gallery_menu.php
+++ b/modules/gallery/helpers/gallery_menu.php
@@ -28,8 +28,8 @@ class gallery_menu_Core {
 $item = $theme->item();
- $can_edit = access::can("edit", $item) || $is_admin;
- $can_add = access::can("add", $item) || $is_admin;
+ $can_edit = $item && access::can("edit", $item) || $is_admin;
+ $can_add = $item && (access::can("add", $item) || $is_admin);
 if ($item && $can_edit || $can_add) {
 $menu->append($options_menu = Menu::factory("submenu")
diff --git a/modules/gallery/helpers/p.php b/modules/gallery/helpers/p.php
new file mode 100644
index 00000000..69032840
--- /dev/null
+++ b/modules/gallery/helpers/p.php
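Review bot: The two added permission lines in gallery_menu.php group their operators differently, so the admin override behaves differently for edit and add. `$can_edit = $item && access::can("edit", $item) || $is_admin;` parses as `($item && access::can(...)) || $is_admin` and is true for an admin even when `$item` is empty, while `$can_add` is false whenever `$item` is empty. If that difference is not intended, write both the same way, for example `$can_edit = $item && (access::can("edit", $item) || $is_admin);`. The unchanged condition `if ($item && $can_edit || $can_add)` depends on the same precedence and would be clearer as `if (($item && $can_edit) || $can_add)`. As far as the hunk shows, these flags only decide which menu entries are rendered, so the edit and add handlers presumably still need their own `access::can` checks; the enclosing method starts and ends outside the hunk.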
@@ -0,0 +1,33 @@
+<?php defined("SYSPATH") or die("No direct script access.");
+/**
+ * Gallery - a web based photo album viewer and editor
+ * Copyright (C) 2000-2009 Bharat Mediratta
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or (at
+ * your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+class p_Core {
+ static function attr($dirty_html) {
+ // return $dirty_html;
+ return htmlentities($dirty_html, ENT_QUOTES);
+ // return str_replace('"', '"', $dirty_html);
+ // return str_replace('"', '"', Purify::instance()->purify($dirty_html));
+ }
+
+ function clean($dirty_html) {
+ // return $dirty_html;
+ return htmlentities($dirty_html, ENT_QUOTES);
+ // return Purify::instance()->purify($dirty_html);
+ }
+}  |
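Review bot: `clean()` is declared without `static` while `attr()` has it, so if it is called the way `access::can` is called in the other file, `p::clean(...)` raises a strict-standards notice on PHP 5 and an Error on PHP 8; declare it `static function clean($dirty_html) {`. Both methods call `htmlentities($dirty_html, ENT_QUOTES)` with no charset argument, which on PHP older than 5.4 defaults to ISO-8859-1 and corrupts multi-byte UTF-8 text; `return htmlspecialchars($dirty_html, ENT_QUOTES, "UTF-8");` escapes the markup-significant characters without that problem. Each method also needs a short docblock stating that the result is safe only as HTML text or inside a quoted attribute value, not in URL, script or style contexts, since the name `clean` suggests sanitising rather than escaping. The commented-out `return` alternatives should be removed or replaced by a single TODO explaining the planned switch to `Purify`.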