%s 篇日志, 并有 %s 条关于你的评论在 %s 个分类中.', +
%s 篇文章, 并有 %s 条关于你的评论在 %s 个分类中.',
$stat->myPublishedPostsNum, $stat->myPublishedCommentsNum, $stat->categoriesNum); ?>
-
-
pass('contributor', true)): ?>
diff --git a/admin/media.php b/admin/media.php
index 8a315373..64cae0f1 100644
--- a/admin/media.php
+++ b/admin/media.php
@@ -144,7 +144,7 @@ $(document).ready(function() {
var uploader = new plupload.Uploader({
browse_button : $('.upload-file').get(0),
- url : 'index('/action/upload?do=modify&cid=' . $attachment->cid); ?>',
+ url : 'index('/action/upload?do=modify&cid=' . $attachment->cid); ?>',
runtimes : 'html5,flash,silverlight,html4',
flash_swf_url : 'adminUrl('js/Moxie.swf'); ?>',
silverlight_xap_url : 'adminUrl('js/Moxie.xap'); ?>',
diff --git a/var/Widget/Metas/Category/Edit.php b/var/Widget/Metas/Category/Edit.php
index 13d79431..138deac5 100644
--- a/var/Widget/Metas/Category/Edit.php
+++ b/var/Widget/Metas/Category/Edit.php
@@ -223,7 +223,6 @@ class Widget_Metas_Category_Edit extends Widget_Abstract_Metas implements Widget
/** 取出数据 */
$category = $this->request->from('name', 'slug', 'description', 'parent');
- $parent = 0;
$category['slug'] = Typecho_Common::slugName(empty($category['slug']) ? $category['name'] : $category['slug']);
$category['type'] = 'category';
@@ -259,13 +258,13 @@ class Widget_Metas_Category_Edit extends Widget_Abstract_Metas implements Widget
/** 取出数据 */
$category = $this->request->from('name', 'slug', 'description', 'parent');
- $current = $this->fetchRow($this->select()->where('mid = ?', $category['mid']));
+ $current = $this->db->fetchRow($this->select()->where('mid = ?', $category['mid']));
$category['slug'] = Typecho_Common::slugName(empty($category['slug']) ? $category['name'] : $category['slug']);
$category['type'] = 'category';
$category['mid'] = $this->request->mid;
if ($current['parent'] != $category['parent']) {
- $parent = $this->fetchRow($this->select()->where('mid = ?', $category['parent']));
+ $parent = $this->db->fetchRow($this->select()->where('mid = ?', $category['parent']));
if ($parent['mid'] == $category['mid']) {
$category['order'] = $parent['order'];
@@ -307,7 +306,7 @@ class Widget_Metas_Category_Edit extends Widget_Abstract_Metas implements Widget
if ($categories && is_array($categories)) {
foreach ($categories as $category) {
- $parent = $this->fetchObject($this->select()->where('mid = ?', $category))->parent;
+ $parent = $this->db->fetchObject($this->select()->where('mid = ?', $category))->parent;
if ($this->delete($this->db->sql()->where('mid = ?', $category))) {
$this->db->query($this->db->delete('table.relationships')->where('mid = ?', $category));
diff --git a/var/Widget/Security.php b/var/Widget/Security.php
index a51777ee..a064e945 100644
--- a/var/Widget/Security.php
+++ b/var/Widget/Security.php
@@ -32,7 +32,8 @@ class Widget_Security extends Typecho_Widget
$token = uniqid();
if ($user->hasLogin()) {
$token = $user->authCode . '&' . $user->uid
- . '&' . $this->request->getRequestUrl();
+ . '&' . $this->request->getRequestUrl()
+ . '&' . $this->request->getIp();
}
$this->_token = md5($token);
@@ -69,7 +70,8 @@ class Widget_Security extends Typecho_Widget
$token = uniqid();
if ($user->hasLogin()) {
$token = $user->authCode . '&' . $user->uid
- . '&' . $this->request->getReferer();
+ . '&' . $this->request->getReferer()
+ . '&' . $this->request->getIp();
}
if ($this->request->get('_') != md5($token)) {
diff --git a/var/Widget/Upload.php b/var/Widget/Upload.php
index e4b110f6..e22127e3 100644
--- a/var/Widget/Upload.php
+++ b/var/Widget/Upload.php
@@ -413,7 +413,6 @@ class Widget_Upload extends Widget_Abstract_Contents implements Widget_Interface
public function action()
{
if ($this->user->pass('contributor', true) && $this->request->isPost()) {
- $this->security->protect();
if ($this->request->is('do=modify&cid')) {
$this->modify();
} else {