-
+
@@ -224,7 +229,7 @@ EOF;
);
foreach($table as $id => $row) {
foreach($collapse as $link => $title)
- if(isset($table[$id][$link])) {
+ if(isset($table[$id][$link]) && isset($row[$title])) {
$type = @array_shift(preg_split('/_/', $link));
if($link != $title) unset($table[$id][$link]);
$table[$id][$title]=$this->link($row[$title], $type.'/'.$row[$link].'/');
@@ -621,10 +626,15 @@ class Sklad_UI {
}
function post_redirect_get($location, $message='', $error=false) {
- $location = $this->html->internal_url($location).'?message='.urlencode($message);
+ $url_args = $message != '' ? '?message='.urlencode($message) : '';
+ $location = $this->html->internal_url($location).$url_args;
header('Location: '.$location);
if($error) trigger_error($message);
- die("Location:
$location");
+ $location=htmlspecialchars($location);
+ die(
+ "
".
+ "Location:
$location"
+ );
}
function safe_include($dir,$name,$vars=array(),$ext='.inc.php') {