Hi Thijs, I miss your upload ;-P Attached is a patch from upstream svn which should fix the described issue. Please check back. Kind regards Nico
-- Nico Golde - http://ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
Index: includes/functions_privacy.php
===================================================================
--- includes/functions_privacy.php (Revision 1723)
+++ includes/functions_privacy.php (Revision 1724)
@@ -581,15 +581,21 @@
$privacy_cache[$pkey] = $display;
return $display;
}
- if ($type=="SOUR") {
- if ($SHOW_SOURCES>=getUserAccessLevel($username)) {
- $privacy_cache[$pkey] = true;
- return true;
- }
- else {
- $privacy_cache[$pkey] = false;
- return false;
- }
+ if ($type=="SOUR") {
+ if ($SHOW_SOURCES>=getUserAccessLevel($username)) {
+ $disp = true;
+ $sourcerec = find_source_record($pid);
+ if (!empty($sourcerec)) {
+ $repoid = get_gedcom_value("REPO", 1, $sourcrec);
+ $disp = displayDetailsByID($repoid, "REPO");
+ }
+ $privacy_cache[$pkey] = $disp;
+ return $disp;
+ }
+ else {
+ $privacy_cache[$pkey] = false;
+ return false;
+ }
}
if ($type=="REPO") {
if ($SHOW_SOURCES>=getUserAccessLevel($username)) {
Index: includes/functions_print.php
===================================================================
--- includes/functions_print.php (Revision 1723)
+++ includes/functions_print.php (Revision 1724)
@@ -981,7 +981,7 @@
$vars = preg_split('/(^\?|\&(amp;)*)/', normalize_query_string($QUERY_STRING."&changelanguage=&NEWLANGUAGE="), -1, PREG_SPLIT_NO_EMPTY);
foreach ($vars as $var) {
$parts = preg_split("/=/", $var);
- print "\n\t\t<input type=\"hidden\" name=\"$parts[0]\" value=\"".urldecode($parts[1])."\" />";
+ print "\n\t\t<input type=\"hidden\" name=\"$parts[0]\" value=\"".htmlentities(urldecode($parts[1]))."\" />";
}
print "\n\t\t<input type=\"hidden\" name=\"changelanguage\" value=\"yes\" />\n\t\t<select name=\"NEWLANGUAGE\" class=\"header_select\" onchange=\"submit();\">";
print "\n\t\t\t<option value=\"\">".$pgv_lang["change_lang"]."</option>";
@@ -2434,8 +2434,8 @@
print " <span class=\"label\">".$factarray["LONG"].": </span>".$map_long;
}
if ($map_lati and $map_long) {
- $map_lati=trim(strtr($map_lati,"NSEW,°"," - -. ")); // S5,6789 ==> -5.6789
- $map_long=trim(strtr($map_long,"NSEW,°"," - -. ")); // E3.456° ==> 3.456
+ $map_lati=trim(strtr($map_lati,"NSEW,ᅵ"," - -. ")); // S5,6789 ==> -5.6789
+ $map_long=trim(strtr($map_long,"NSEW,ᅵ"," - -. ")); // E3.456ᅵ ==> 3.456
print " <a target=\"_BLANK\" href=\"http://www.mapquest.com/maps/map.adp?searchtype=address&formtype=latlong&latlongtype=decimal&latitude=".$map_lati."&longitude=".$map_long."\";><img src=\"images/mapq.gif\" border=\"0\" alt=\"Mapquest ©\" title=\"Mapquest ©\" /></a>";
print " <a target=\"_BLANK\" href=\"http://maps.google.com/maps?q=".$map_lati.",".$map_long."\";><img src=\"images/bubble.gif\" border=\"0\" alt=\"Google Maps ©\" title=\"Google Maps ©\" /></a>";
print " <a target=\"_BLANK\" href=\"http://www.multimap.com/map/browse.cgi?lat=".$map_lati."&lon=".$map_long."&scale=&icon=x\";><img src=\"images/multim.gif\" border=\"0\" alt=\"Multimap ©\" title=\"Multimap ©\" /></a>";
Index: includes/controllers/timeline_ctrl.php
===================================================================
--- includes/controllers/timeline_ctrl.php (Revision 1723)
+++ includes/controllers/timeline_ctrl.php (Revision 1724)
@@ -85,7 +85,7 @@
//-- make sure that arrays are indexed by numbers
$this->pids = array_values($this->pids);
}
- if (!empty($newpid)) $this->pids[] = $newpid;
+ if (!empty($newpid) && !in_array($newpid, $this->pids)) $this->pids[] = $newpid;
if (count($this->pids)==0) $this->pids[] = check_rootid("");
$remove = "";
if (!empty($_REQUEST['remove'])) $remove = $_REQUEST['remove'];
Index: changelog.txt
===================================================================
--- changelog.txt (Revision 1723)
+++ changelog.txt (Revision 1724)
@@ -8,6 +8,7 @@
# $Id$
=====================================================================
Version 4.1.2
+ - Added [ 1557511 ] Repository Privacy (yalnifj)
- Added index directory cleanup tool (yalnifj, neumont)
- Fixed [ 1792613 ] Text mangled when editing linked Note (canajun2eh)
- Fixed [ 1410203 ] E-Mail not displaying characters correctly (yalnifj)
Index: ancestry.php
===================================================================
--- ancestry.php (Revision 1723)
+++ ancestry.php (Revision 1724)
@@ -62,7 +62,7 @@
print_help_link("rootid_help", "qm");
print $pgv_lang["root_person"]?></td>
<td class="optionbox vmiddle">
- <input class="pedigree_form" type="text" name="rootid" id="rootid" size="3" value="<?php print $controller->rootid ?>" />
+ <input class="pedigree_form" type="text" name="rootid" id="rootid" size="3" value="<?php print htmlentities($controller->rootid) ?>" />
<?php print_findindi_link("rootid",""); ?>
</td>
@@ -71,7 +71,7 @@
<?php
print_help_link("box_width_help", "qm");
print $pgv_lang["box_width"]?></td>
- <td class="optionbox vmiddle"><input type="text" size="3" name="box_width" value="<?php print $box_width ?>" /> <b>%</b>
+ <td class="optionbox vmiddle"><input type="text" size="3" name="box_width" value="<?php print htmlentities($box_width) ?>" /> <b>%</b>
</td>
<!-- // NOTE: chart style -->
Index: timeline.php
===================================================================
--- timeline.php (Revision 1723)
+++ timeline.php (Revision 1724)
@@ -284,7 +284,7 @@
<a href="individual.php?pid=<?php print $pid; ?>"> <?php print PrintReady($indi->getName()); ?><br />
<?php $addname = $indi->getAddName(); if (strlen($addname) > 0) print PrintReady($addname); ?>
</a>
- <input type="hidden" name="pids[<?php print $p; ?>]" value="<?php print $pid; ?>" />
+ <input type="hidden" name="pids[<?php print $p; ?>]" value="<?php print htmlentities($pid); ?>" />
<?php if (!$controller->isPrintPreview()) {
print "<br />";
print_help_link("remove_person_help", "qm");
@@ -305,7 +305,7 @@
else {
print_privacy_error($CONTACT_EMAIL);
?>
- <input type="hidden" name="pids[<?php print $p; ?>]" value="<?php print $pid; ?>" />
+ <input type="hidden" name="pids[<?php print $p; ?>]" value="<?php print htmlentities($pid); ?>" />
<?php if (!$controller->isPrintPreview()) {
print "<br />";
print_help_link("remove_person_help", "qm");
pgpTIPXbOEYEP.pgp
Description: PGP signature
