aboutsummaryrefslogtreecommitdiffstats
path: root/include/text.php
diff options
context:
space:
mode:
Diffstat (limited to 'include/text.php')
-rw-r--r--include/text.php22
1 files changed, 20 insertions, 2 deletions
diff --git a/include/text.php b/include/text.php
index 437bb8b5f..22a1a78c4 100644
--- a/include/text.php
+++ b/include/text.php
@@ -2025,12 +2025,22 @@ function json_decode_plus($s) {
function design_tools() {
+
$channel = get_app()->get_channel();
+ $sys = false;
+
+ if(get_app()->is_sys && is_site_admin()) {
+ require_once('include/identity.php');
+ $channel = get_sys_channel();
+ $sys = true;
+ }
+
$who = $channel['channel_address'];
return replace_macros(get_markup_template('design_tools.tpl'), array(
'$title' => t('Design'),
'$who' => $who,
+ '$sys' => $sys,
'$blocks' => t('Blocks'),
'$menus' => t('Menus'),
'$layout' => t('Layouts'),
@@ -2050,7 +2060,7 @@ function normalise_openid($s) {
// used in ajax endless scroll request to find out all the args that the master page was viewing.
// This was using $_REQUEST, but $_REQUEST also contains all your cookies. So we're restricting it
-// to $_GET. If this is used in a post handler, that decision may need to be considered.
+// to $_GET and $_POST.
function extra_query_args() {
$s = '';
@@ -2058,7 +2068,15 @@ function extra_query_args() {
foreach($_GET as $k => $v) {
// these are request vars we don't want to duplicate
if(! in_array($k, array('q','f','zid','page','PHPSESSID'))) {
- $s .= '&' . $k . '=' . $v;
+ $s .= '&' . $k . '=' . urlencode($v);
+ }
+ }
+ }
+ if(count($_POST)) {
+ foreach($_POST as $k => $v) {
+ // these are request vars we don't want to duplicate
+ if(! in_array($k, array('q','f','zid','page','PHPSESSID'))) {
+ $s .= '&' . $k . '=' . urlencode($v);
}
}
}