summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDaniel Braksator2012-01-30 00:59:05 (GMT)
committer Daniel Braksator2012-01-30 00:59:05 (GMT)
commitbc0cc82cbdd3dfbc96ae3b91f28e991ca8960eb2 (patch)
treef70ae3c8546e05c472a9e05c9633e91d99ced8af
parent8d0b036436ca8180680c0981e6864333eda5e839 (diff)
Check your breath before you speak incase it's halitocious.6.x-1.22
-rwxr-xr-xfinder.module9
-rwxr-xr-xmodules/finder_autocomplete/finder_autocomplete.module2
2 files changed, 9 insertions, 2 deletions
diff --git a/finder.module b/finder.module
index e473fe6..00b9962 100755
--- a/finder.module
+++ b/finder.module
@@ -56,7 +56,7 @@ function finder_menu() {
$items['admin/build/finder/import'] = $admin_item + array(
'title' => t('Finder import'),
'page callback' => 'finder_admin_import',
- 'access arguments' => array('administer finder'),
+ 'access callback' => 'finder_menu_allow_finder_import',
'weight' => 2,
'type' => MENU_LOCAL_TASK,
);
@@ -110,6 +110,13 @@ function finder_menu() {
}
/**
+ * Determine whether to allow the import tab.
+ */
+function finder_menu_allow_finder_import() {
+ return user_access('administer finder') && user_access('administer finder PHP settings');
+}
+
+/**
* Determine whether to show edit/delete tabs for finder.
*
* @see finder_menu()
diff --git a/modules/finder_autocomplete/finder_autocomplete.module b/modules/finder_autocomplete/finder_autocomplete.module
index 92e1e1a..b825214 100755
--- a/modules/finder_autocomplete/finder_autocomplete.module
+++ b/modules/finder_autocomplete/finder_autocomplete.module
@@ -200,7 +200,7 @@ function finder_autocomplete_autocomplete($finder_id, $finder_element_id, $keywo
$autofill = theme('finder_autocomplete_autofill', $option, $element);
$suggestion = theme('finder_autocomplete_suggestion', $option, $element);
if ($autofill && $suggestion) {
- $choices[$autofill] = $suggestion;
+ $choices[$autofill] = filter_xss($suggestion);
}
}
}