2012-07-02 Juan Manuel Ramon <juanmanuel.ramon@artica.es>

* include/javascript/jquery.pandora.js: Changed size of modal windows to avoid scroll. * include/functions_ui.php include/functions.php: Changes in autorefresh. When user is not logged then don't autorefresh (except public url of visual console) index.php: Restrict get_parameter to post when password in renewed in login. operation/visual_console/public_console.php: Fixed jquery path in this view. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@6727 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2012-07-02 11:11:21 +00:00 · 2012-07-02 11:11:21 +00:00 · a614700114
parent 47e5d5efa8
commit a614700114
6 changed files with 34 additions and 9 deletions
--- a/pandora_console/ChangeLog
+++ b/pandora_console/ChangeLog
@ -1,3 +1,18 @@
+2012-07-02 Juan Manuel Ramon <juanmanuel.ramon@artica.es>
+
+	* include/javascript/jquery.pandora.js: Changed size of modal 
+	windows to avoid scroll.
+
+	* include/functions_ui.php
+	 include/functions.php: Changes in autorefresh. When user is not 
+	 logged then don't autorefresh (except public url of visual console)
+	 
+	 index.php: Restrict get_parameter to post when password in renewed
+	 in login.
+	 
+	 operation/visual_console/public_console.php: Fixed jquery path in
+	 this view.
+
 2012-06-28 Miguel de Dios <miguel.dedios@artica.es>
 	
 	* include/functions_config.php: added lost lines for the text sizes
--- a/pandora_console/include/functions.php
+++ b/pandora_console/include/functions.php
@ -25,6 +25,11 @@ require_once ('functions_html.php');
 require_once ('functions_ui.php');
 require_once('functions_io.php');

+/**
+ * Check referer to avoid external attacks
+ *
+ * @return bool true if all is ok, false if referer is not equal to current web page
+ */
 function check_refererer() {
 	global $config;
 	
--- a/pandora_console/include/functions_ui.php
+++ b/pandora_console/include/functions_ui.php
@ -1055,14 +1055,16 @@ function ui_require_jquery_file ($name, $path = 'include/javascript/') {
 */
 function ui_process_page_head ($string, $bitfield) {
 	global $config;
+	global $vc_public_view;

 	if (isset ($config['ignore_callback']) && $config['ignore_callback'] == true) {
 		return;
 	}
 	
 	$output = '';
-	
-	if ($config["refr"] > 0) {
+
+	// If user is logged or displayed view is the public view of visual console
+	if ($config["refr"] > 0 && (isset($config['id_user']) || $vc_public_view == 1)) {
 		$query = ui_get_url_refresh (false);
 		
 		$output .= '<meta http-equiv="refresh" content="'.$config["refr"].'; URL=' . $query . '" />';
@ -1238,7 +1240,7 @@ function ui_process_page_head ($string, $bitfield) {
 			$output .= "\n".'/* ]]> */</script>';
 		}
 		else {
-			$output .= '<script type="text/javascript" src="'.$filename.'"></script>'."\n\t";
+			$output .= '<script type="text/javascript" src="' . $config['homeurl'] . '/' . $filename.'"></script>'."\n\t";
 		}
 	}
 	
--- a/pandora_console/include/javascript/jquery.pandora.js
+++ b/pandora_console/include/javascript/jquery.pandora.js
@ -150,8 +150,8 @@ $(document).ready (function () {
 				resizable: true,
 				draggable: true,
 				modal: true,
-				height: 140,
-				width: 300,
+				height: 180,
+				width: 400,
 				overlay: {
 							opacity: 0.5,
 							background: "black"
--- a/pandora_console/index.php
+++ b/pandora_console/index.php
@ -132,13 +132,13 @@ $sec = safe_url_extraclean ($sec);
 $process_login = false;

 // Update user password
-$change_pass = get_parameter('renew_password', 0);
+$change_pass = get_parameter_post('renew_password', 0);
 	
 if ($change_pass == 1) {
 	
-	$password_new = (string) get_parameter ('new_password', '');
-	$password_confirm = (string) get_parameter ('confirm_new_password', '');
-	$id = (string) get_parameter ('login', '');
+	$password_new = (string) get_parameter_post ('new_password', '');
+	$password_confirm = (string) get_parameter_post ('confirm_new_password', '');
+	$id = (string) get_parameter_post ('login', '');

 	$changed_pass = login_update_password_check ($password_new, $password_confirm, $id);
 }
--- a/pandora_console/operation/visual_console/public_console.php
+++ b/pandora_console/operation/visual_console/public_console.php
@ -26,10 +26,13 @@ echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www
 echo '<html xmlns="http://www.w3.org/1999/xhtml">'."\n";
 echo '<head>';

+global $vc_public_view;
+$vc_public_view = true;
 // This starts the page head. In the call back function,
 // things from $page['head'] array will be processed into the head
 ob_start ('ui_process_page_head');

+
 require ('include/functions_visual_map.php');

 // Auto Refresh page (can now be disabled anywhere in the script)