diff --git a/includes/pages/admin_import.php b/includes/pages/admin_import.php index de33bbe2..0669029d 100644 --- a/includes/pages/admin_import.php +++ b/includes/pages/admin_import.php @@ -8,6 +8,7 @@ function admin_import() { global $rooms_import; global $user; $html = ""; + $import_dir = __DIR__ . '/../../import'; $step = "input"; if (isset($_REQUEST['step']) && in_array($step, [ @@ -18,14 +19,14 @@ function admin_import() { $step = $_REQUEST['step']; } - if ($test_handle = fopen('../import/tmp', 'w')) { + if ($test_handle = @fopen($import_dir . '/tmp', 'w')) { fclose($test_handle); - unlink('../import/tmp'); + @unlink($import_dir . '/tmp'); } else { error(_('Webserver has no write-permission on import directory.')); } - $import_file = '../import/import_' . $user['UID'] . '.xml'; + $import_file = $import_dir . '/import_' . $user['UID'] . '.xml'; $shifttype_id = null; $add_minutes_start = 15; $add_minutes_end = 15; diff --git a/includes/pages/guest_credits.php b/includes/pages/guest_credits.php index b982a38e..cbdc3133 100644 --- a/includes/pages/guest_credits.php +++ b/includes/pages/guest_credits.php @@ -4,6 +4,6 @@ function credits_title() { } function guest_credits() { - return template_render('../templates/guest_credits.html', []); + return template_render(__DIR__ . '/../../templates/guest_credits.html', []); } ?> \ No newline at end of file diff --git a/includes/pages/user_shifts.php b/includes/pages/user_shifts.php index 60ac79bf..c990ee4a 100644 --- a/includes/pages/user_shifts.php +++ b/includes/pages/user_shifts.php @@ -154,7 +154,7 @@ function view_user_shifts() { return page([ div('col-md-12', [ msg(), - template_render('../templates/user_shifts.html', [ + template_render(__DIR__ . '/../../templates/user_shifts.html', [ 'title' => shifts_title(), 'room_select' => make_select($rooms, $shiftsFilter->getRooms(), "rooms", _("Rooms")), 'start_select' => html_select_key("start_day", "start_day", array_combine($days, $days), $start_day), diff --git a/public/index.php b/public/index.php index 7bf9b169..85e5b4da 100644 --- a/public/index.php +++ b/public/index.php @@ -162,7 +162,7 @@ if (isset($_REQUEST['p']) && preg_match("/^[a-z0-9_]*$/i", $_REQUEST['p']) && (i $event_config = EventConfig(); -echo template_render('../templates/layout.html', [ +echo template_render(__DIR__ . '/../templates/layout.html', [ 'theme' => isset($user) ? $user['color'] : $default_theme, 'title' => $title, 'atom_link' => ($page == 'news' || $page == 'user_meetings') ? '' : '',