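die('Illegal call!');
}

# added 24.06.08 timo.trautmann security fix: filter the submitted treeItemPost
# array before insertion; the variable name also changed with this fix.
#
# Only the keys idpica_alloc, parentid and name are copied from the request into
# $aPostTreeItem; any other key a client submits under treeItemPost is dropped.
$aPostTreeItem = array();

if (!is_object($db)) {
    $db = new DB_Contenido();
}

// NOTE(review): the fields are read from $_REQUEST while the store step below is
// gated on $_POST['step'], so the item data may also arrive via the query string
// (or cookies, depending on request_order). No CSRF token check is visible in
// this part of the file - confirm one is enforced elsewhere.
if (isset($_REQUEST['treeItemPost']['idpica_alloc'])) {
    // Ids are cast to int so only a number ever reaches the tree API.
    $aPostTreeItem['idpica_alloc'] = (int) $_REQUEST['treeItemPost']['idpica_alloc'];
}

if (isset($_REQUEST['treeItemPost']['parentid'])) {
    $aPostTreeItem['parentid'] = (int) $_REQUEST['treeItemPost']['parentid'];
}

// HTML-safe copy of the submitted name, used only for the on-screen message.
$sDisplayName = '';

if (isset($_REQUEST['treeItemPost']['name'])) {
    // presumably undoes magic_quotes_gpc slashes - confirm against the runtime config
    $sName = stripslashes($_REQUEST['treeItemPost']['name']);

    // The value shown to the user and the value stored need different encodings:
    // HTML entities for output, database escaping for storage.
    $sDisplayName = htmlspecialchars($sName, ENT_QUOTES);

    // NOTE(review): the name is escaped here, before storeItem(); confirm that
    // storeItem() does not escape again, otherwise stored names gain backslashes.
    $sName = $db->escape($sName);
    $aPostTreeItem['name'] = $sName;
}

// A missing parameter yields 0, the same value the bare cast produced, without
// raising an undefined-index notice.
$_GET['idpica_alloc'] = isset($_GET['idpica_alloc']) ? (int) $_GET['idpica_alloc'] : 0;
# end added 24.06.08 timo.trautmann

$oPage = new cPage();
$oPage->setMargin(10);
$oPage->setMessageBox();

$oTree = new pApiContentAllocationTreeView('f7771624-4874-4745-8b7e-21a49a71a447');

// store item
if (isset($_POST['step']) && $_POST['step'] === 'store') {
    $pNotify = '<div style="width:410px;margin-bottom:20px;">';

    // The message uses the name taken from the filtered request. $treeItem, the
    // pre-fix variable, is not assigned anywhere in the visible code, so reading
    // it would give an empty name or, with register_globals on, raw request data.
    // NOTE(review): assumes displayNotification() emits the message as HTML
    // without escaping it - confirm, to avoid double-encoding.
    $sMessage = sprintf(i18n("New Category %s successfully stored!", 'content_allocation'), $sDisplayName);
    $notification->displayNotification("info", $sMessage);
    $pNotify .= '</div>';
    $oTree->storeItem($aPostTreeItem);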