--- eguide/functions.php.~1.33.~ 2009-12-24 23:21:37.000000000 +0900
+++ eguide/functions.php 2010-01-10 17:26:24.745461717 +0900
@@ -103,6 +103,18 @@
return $data;
}
+function apply_user_vars($text) {
+ global $xoopsUser;
+ if (preg_match_all("/{X_([A-Z_]+)}/", $text, $d)) {
+ $u = is_object($xoopsUser);
+ foreach ($d[1] as $vname) {
+ $rep = $u?$xoopsUser->getVar(strtolower($vname)):'';
+ $text = str_replace("{X_$vname}", $rep, $text);
+ }
+ }
+ return $text;
+}
+
function eventform($data) {
global $xoopsUser, $xoopsModuleConfig;
$myts =& MyTextSanitizer::getInstance();
@@ -244,9 +256,11 @@
}
}
}
- if (empty($v) && !isset($_POST[$fname]) &&
- $xoopsUser && preg_match(_MD_NAME, $name)) {
- $v = htmlspecialchars($xoopsUser->getVar('name'));
+ if (!isset($_POST[$fname])) {
+ if (empty($v) && $xoopsUser && preg_match(_MD_NAME, $name)) { // compat old version
+ $v = $xoopsUser->getVar('name');
+ } else $v = apply_user_vars($v);
+ $v = htmlspecialchars($v);
}
if ($type == "text") {
$opts .= "<input size='$size' name='$fname' value=\"$v\" $prop/>";
--- eguide/reserv_func.php.~1.6.~ 2009-06-01 10:34:46.000000000 +0900
+++ eguide/reserv_func.php 2010-01-10 17:30:11.541074300 +0900
@@ -21,7 +21,7 @@
case 'hidden':
case 'const':
if (!$hidden) { // pseudo POST variable
- $_POST[$iname] = $result[$fname] = join(',', $a);
+ $_POST[$iname] = $result[$fname] = apply_user_vars(join(',', $a));
}
case "checkbox":
case 'textarea':
--
安冨 伸浩 (マイサイト管理人)
安冨 伸浩 (マイサイト管理人)