Author: dgoette
Date: Sun Mar 1 02:47:12 2009
New Revision: 39818
URL:
http://svn.reactos.org/svn/reactos?rev=39818&view=rev
Log:
* readd group & acl deletion
* fix subsystem integration
* tooltip now does not hide, if changing the <td> element inside the same
<tr>
* tooltip now hides, if editor is loaded
* generator now doesn't cache scripts
* show error message on login failure, instead of a white page
Modified:
branches/danny-web/reactos.org/htdocs/roscms/js/cms_maintain.js
branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js
branches/danny-web/reactos.org/htdocs/roscms/lib/Subsystem.class.php
branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Admin_ACL.class.php
branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Admin_Groups.class…
branches/danny-web/reactos.org/htdocs/roscms/lib/om/Generate.class.php
branches/danny-web/reactos.org/htdocs/roscms/lib/om/Login.class.php
branches/danny-web/reactos.org/htdocs/roscms/lib/view/HTML_User_Login.class…
Modified:
branches/danny-web/reactos.org/htdocs/roscms/js/cms_maintain.js
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
---
branches/danny-web/reactos.org/htdocs/roscms/js/cms_maintain.js [iso-8859-1]
(original)
+++
branches/danny-web/reactos.org/htdocs/roscms/js/cms_maintain.js [iso-8859-1] Sun Mar
1 02:47:12 2009
@@ -390,6 +390,36 @@
/**
* @FILLME
*/
+function deleteAccess( id )
+{
+ // highlight left menu entry
+ highlightMenu('Access');
+
+ document.getElementById('accessList').style.display = 'none';
+ document.getElementById('accessDetails').style.display = 'block';
+
+ // get language list
+
makeRequest('?page=backend&type=admin&subtype=acl&action=delete&access='+id,
'apply', 'accessDetails', 'html', 'GET');
+ return true;
+} // end of function loadGenerate
+
+
+
+/**
+ * @FILLME
+ */
+function submitAccessDelete( )
+{
+
makeRequest('?page=backend&type=admin&subtype=acl&action=delete&submit=true',
'apply', 'accessDetails', 'html', 'POST');
+
+ loadAccess();
+}
+
+
+
+/**
+ * @FILLME
+ */
function loadSystem( )
{
@@ -487,7 +517,37 @@
*/
function submitGroupEdit( )
{
-
makeRequest('?page=backend&type=admin&subtype=group&action=edit&submit=true',
'apply', 'groupDetails', 'html', 'POST');
+
makeRequest('?page=backend&type=admin&subtype=group&action=delete&submit=true',
'apply', 'groupDetails', 'html', 'POST');
+
+ loadGroups();
+}
+
+
+
+/**
+ * @FILLME
+ */
+function deleteGroup( id )
+{
+ // highlight left menu entry
+ highlightMenu('Groups');
+
+ document.getElementById('groupList').style.display = 'none';
+ document.getElementById('groupDetails').style.display = 'block';
+
+ // get language list
+
makeRequest('?page=backend&type=admin&subtype=group&action=delete&group='+id,
'apply', 'groupDetails', 'html', 'GET');
+ return true;
+} // end of function loadGenerate
+
+
+
+/**
+ * @FILLME
+ */
+function submitGroupDelete( )
+{
+
makeRequest('?page=backend&type=admin&subtype=group&action=delete&submit=true',
'apply', 'groupDetails', 'html', 'POST');
loadGroups();
}
Modified:
branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
---
branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js [iso-8859-1]
(original)
+++
branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js [iso-8859-1] Sun Mar 1
02:47:12 2009
@@ -24,7 +24,8 @@
// check for quirks / standard mode
var IEmode = ( typeof document.compatMode != "undefined" &&
document.compatMode != "BackCompat") ? "documentElement" :
"body";
-var timerTooltip;
+var timerTooltip, timer_tooltip_delete;
+var tooltip_row = null;
document.onmousemove = getMousePosition;
@@ -302,8 +303,22 @@
{
// deactivate tooltip-timer
window.clearTimeout(timerTooltip);
-
+
+ window.clearTimeout(timer_tooltip_delete);
+ timer_tooltip_delete = window.setTimeout("deleteTooltip()", 300);
+} // end of function clearTooltip
+
+
+
+/**
+ * Disables Tooltip view
+ */
+function deleteTooltip( )
+{
document.getElementById('tooltip').style.display = 'none';
+
+ // deactivate tooltip-timer
+ window.clearTimeout(timer_tooltip_delete);
} // end of function clearTooltip
@@ -433,16 +448,20 @@
// deactivate Tooltip-timer
window.clearTimeout(timerTooltip);
- timerTooltip =
window.setTimeout("loadTooltip('"+this.getElementsByTagName('td')[3].className+"')",
500);
+ if (tooltip_row == this.id) {
+ window.clearTimeout(timer_tooltip_delete);
+ }
+ else {
+ tooltip_row = this.id;
+
+ timerTooltip =
window.setTimeout("loadTooltip('"+this.getElementsByTagName('td')[3].className+"')",
500);
+ }
} // end of inner function localStartActive
//sets a timeout to remove Tooltip
function localStopActive() {
hlRow(this.id,2);
-
- // deactivate Tooltip-timer
- window.clearTimeout(timerTooltip);
clearTooltip();
} // end of inner function localStopActive
@@ -460,6 +479,8 @@
function localStartEditor() {
+ clearTooltip();
+
loadEditor(roscms_current_page, this.className);
} // end of inner function localStartEditor
Modified:
branches/danny-web/reactos.org/htdocs/roscms/lib/Subsystem.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
---
branches/danny-web/reactos.org/htdocs/roscms/lib/Subsystem.class.php [iso-8859-1]
(original)
+++
branches/danny-web/reactos.org/htdocs/roscms/lib/Subsystem.class.php [iso-8859-1] Sun
Mar 1 02:47:12 2009
@@ -154,7 +154,7 @@
*/
protected function updateUser( $user_id, $subsys_user )
{
- $user = ROSUser::getDetailsById($user_id);
+ $user = self::getRoscmsUser($user_id);
if ($user === false) {
return false;
}
Modified:
branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Admin_ACL.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
---
branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Admin_ACL.class.php
[iso-8859-1] (original)
+++
branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Admin_ACL.class.php
[iso-8859-1] Sun Mar 1 02:47:12 2009
@@ -226,6 +226,7 @@
echo_strip('
<h2>Edit Access Control List (ACL)</h2>
<form onsubmit="return false;">
+ <button
onclick="'."deleteAccess(".$access['id'].")".'">show
Delete ACL</button>
<fieldset>
<legend>Access Control List Options</legend>
<input type="hidden" name="access_id"
id="access_id" value="'.$access['id'].'" />
@@ -349,7 +350,7 @@
{
// check how many entries are depend on this ACL
$stmt=&DBConnection::getInstance()->prepare("SELECT COUNT(id) FROM
".ROSCMST_ENTRIES." WHERE access_id=:access_id");
- $stmt->bindParam('access_id',$_POST['access'],PDO::PARAM_INT);
+ $stmt->bindParam('access_id',$_REQUEST['access'],PDO::PARAM_INT);
$stmt->execute();
$data_count = $stmt->fetchColumn();
@@ -360,8 +361,8 @@
else {
// ACL information
- $stmt=&DBConnection::getInstance()->prepare("SELECT name, name_short,
description, id FROM ".ROSCMST_ACCESS." WHERE id=:access_id");
- $stmt->bindParam('access_id',$_POST['access'],PDO::PARAM_INT);
+ $stmt=&DBConnection::getInstance()->prepare("SELECT name, description,
id FROM ".ROSCMST_ACCESS." WHERE id=:access_id");
+
$stmt->bindParam('access_id',$_REQUEST['access'],PDO::PARAM_INT);
$stmt->execute();
$access = $stmt->fetchOnce(PDO::FETCH_ASSOC);
@@ -371,7 +372,7 @@
<input type="hidden" name="access_id"
id="access_id" value="'.$access['id'].'" />
Do you really want to delete the access "<span
title="'.$access['description'].'">'.$access['name'].'</span>"
?
- <button style="color: red;"
onclick="'."submitDelete('acl')".'"
name="uaq" value="yes">Yes, Delete it.</button>
+ <button style="color: red;"
onclick="'."submitAccessDelete()".'" name="uaq"
value="yes">Yes, Delete it.</button>
<button style="color: green;" name="uaq"
value="no">No</button>
</div>
</form>');
Modified:
branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Admin_Groups.class…
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
---
branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Admin_Groups.class…
[iso-8859-1] (original)
+++
branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Admin_Groups.class…
[iso-8859-1] Sun Mar 1 02:47:12 2009
@@ -275,6 +275,7 @@
echo_strip('
<h2>Edit Group</h2>
<form onsubmit="return false;">
+ <button
onclick="'."deleteGroup(".$group['id'].")".'">show
Delete Group</button>
<fieldset>
<legend>Group Data</legend>
<input type="hidden" name="group_id"
id="group_id" value="'.$group['id'].'" />
@@ -451,7 +452,7 @@
{
// get Group information
$stmt=&DBConnection::getInstance()->prepare("SELECT name, description, id
FROM ".ROSCMST_GROUPS." WHERE id=:group_id");
- $stmt->bindParam('group_id',$_POST['group'],PDO::PARAM_INT);
+ $stmt->bindParam('group_id',$_GET['group'],PDO::PARAM_INT);
$stmt->execute();
$group = $stmt->fetchOnce(PDO::FETCH_ASSOC);
@@ -461,7 +462,7 @@
<input type="hidden" name="group_id"
id="group_id" value="'.$group['id'].'" />
Do you really want to delete the Group "<span
title="'.$group['description'].'">'.$group['name'].'</span>"
?
- <button style="color: red;"
onclick="'."submitDelete('group')".'"
name="uaq" value="yes">Yes, Delete it.</button>
+ <button style="color: red;"
onclick="'."submitGroupDelete()".'" name="uaq"
value="yes">Yes, Delete it.</button>
<button style="color: green;" name="uaq"
value="no">No</button>
</div>
</form>');
@@ -480,7 +481,7 @@
// delete group
$stmt=&DBConnection::getInstance()->prepare("DELETE FROM
".ROSCMST_GROUPS." WHERE id=:group_id");
- $stmt->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT);
+
$stmt->bindParam('group_id',$_REQUEST['group_id'],PDO::PARAM_INT);
$success = $success && $stmt->execute();
// delete connections
@@ -488,17 +489,17 @@
// delete ACL connections
$stmt=&DBConnection::getInstance()->prepare("DELETE FROM
".ROSCMST_ACL." WHERE group_id=:group_id");
- $stmt->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT);
+
$stmt->bindParam('group_id',$_REQUEST['group_id'],PDO::PARAM_INT);
$success = $success && $stmt->execute();
// delete APL connections
$stmt=&DBConnection::getInstance()->prepare("DELETE FROM
".ROSCMST_AREA_ACCESS." WHERE group_id=:group_id");
- $stmt->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT);
+
$stmt->bindParam('group_id',$_REQUEST['group_id'],PDO::PARAM_INT);
$success = $success && $stmt->execute();
// delete memberships
$stmt=&DBConnection::getInstance()->prepare("DELETE FROM
".ROSCMST_MEMBERSHIPS." WHERE group_id=:group_id");
- $stmt->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT);
+
$stmt->bindParam('group_id',$_REQUEST['group_id'],PDO::PARAM_INT);
$success = $success && $stmt->execute();
}
Modified:
branches/danny-web/reactos.org/htdocs/roscms/lib/om/Generate.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
---
branches/danny-web/reactos.org/htdocs/roscms/lib/om/Generate.class.php [iso-8859-1]
(original)
+++
branches/danny-web/reactos.org/htdocs/roscms/lib/om/Generate.class.php [iso-8859-1]
Sun Mar 1 02:47:12 2009
@@ -218,19 +218,17 @@
$content = $revision['content'];
// replace dependencies
- $stmt_more=&DBConnection::getInstance()->prepare("SELECT d.id, d.type,
d.name FROM ".ROSCMST_DEPENDENCIES." w JOIN ".ROSCMST_ENTRIES." d ON
w.child_id=d.id WHERE w.rev_id=:rev_id AND w.include IS TRUE");
+ $stmt_more=&DBConnection::getInstance()->prepare("SELECT d.id, d.type,
d.name FROM ".ROSCMST_DEPENDENCIES." w JOIN ".ROSCMST_ENTRIES." d ON
w.child_id=d.id WHERE w.rev_id=:rev_id AND w.include IS TRUE AND d.type !=
'script'");
$stmt_more->bindParam('rev_id',$revision['id'],PDO::PARAM_INT);
$stmt_more->execute();
while ($dependency = $stmt_more->fetch(PDO::FETCH_ASSOC)) {
// replace
- if ($dependency['type'] != 'script') {
- $content =
str_replace('[#'.$this->short[$dependency['type']].'_'.$dependency['name'].']',
$this->getCached(array(null,
$this->short[$dependency['type']].'_'.$dependency['name'])),
$content);
- }
+ $content =
str_replace('[#'.$this->short[$dependency['type']].'_'.$dependency['name'].']',
$this->getCached(array(null,
$this->short[$dependency['type']].'_'.$dependency['name'])),
$content);
} // end foreach
// execute scripts
- $content = preg_replace_callback('/\[#inc_([^][#[:space:]]+)\]/',
array($this,'evalScript'),$content);
+ $content = preg_replace_callback('/\[#inc_([a-zA-Z0-9_]+)\]/',
array($this,'evalScript'),$content);
// replace roscms vars
$content = $this->replaceRoscmsPlaceholder($content);
@@ -435,7 +433,7 @@
$stmt->execute();
// prepare for usage in loop
- $stmt_more=&DBConnection::getInstance()->prepare("SELECT w.child_id,
d.type, d.name FROM ".ROSCMST_DEPENDENCIES." w JOIN
".ROSCMST_ENTRIES." d ON w.child_id=d.id WHERE w.rev_id=:rev_id AND w.include IS
TRUE");
+ $stmt_more=&DBConnection::getInstance()->prepare("SELECT w.child_id,
d.type, d.name FROM ".ROSCMST_DEPENDENCIES." w JOIN
".ROSCMST_ENTRIES." d ON w.child_id=d.id WHERE w.rev_id=:rev_id AND w.include IS
TRUE AND d.type != 'script'");
while ($data = $stmt->fetch(PDO::FETCH_ASSOC)) {
Modified:
branches/danny-web/reactos.org/htdocs/roscms/lib/om/Login.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
---
branches/danny-web/reactos.org/htdocs/roscms/lib/om/Login.class.php [iso-8859-1]
(original)
+++
branches/danny-web/reactos.org/htdocs/roscms/lib/om/Login.class.php [iso-8859-1] Sun
Mar 1 02:47:12 2009
@@ -83,8 +83,8 @@
$stmt=&DBConnection::getInstance()->prepare("SELECT s.user_id,
s.expires FROM ".ROSCMST_SESSIONS." s JOIN ".ROSCMST_USERS." u ON u.id
= s.user_id WHERE s.id = :session_id AND (u.match_ip IS FALSE OR s.ip=:ip ) AND
(u.match_browseragent IS FALSE OR s.browseragent = :agent) AND u.disabled IS FALSE LIMIT
1");
}
else{
- $stmt=&DBConnection::getInstance()->prepare("SELECT m.user_id,
s.expires FROM ".ROSCMST_SESSIONS." s JOIN ".ROSCMST_USERS." u ON u.id
= s.user_id JOIN ".ROSCMST_SUBSYS." m ON m.user_id = s.user_id WHERE s.id =
:session_id AND (u.match_ip IS FALSE OR s.ip = :ip) AND (u.match_browseragent IS FALSE OR
s.browseragent = :agent) AND m.subsys = :subsys AND u.disabled IS FALSE LIMIT 1");
- $stmt->bindParam('subsys',$subsys,PDO::PARAM_STR);
+ $stmt=&DBConnection::getInstance()->prepare("SELECT m.subsys_user_id
AS user_id, s.expires FROM ".ROSCMST_SESSIONS." s JOIN
".ROSCMST_USERS." u ON u.id = s.user_id JOIN ".ROSCMST_SUBSYS." m ON
m.user_id = s.user_id WHERE s.id = :session_id AND (u.match_ip IS FALSE OR s.ip = :ip) AND
(u.match_browseragent IS FALSE OR s.browseragent = :agent) AND m.subsys = :subsys AND
u.disabled IS FALSE LIMIT 1");
+ $stmt->bindParam('subsys',$subsys,PDO::PARAM_STR);
}
$stmt->bindParam('session_id',$session_id,PDO::PARAM_INT);
$stmt->bindParam('ip',$remote_addr,PDO::PARAM_STR);
Modified:
branches/danny-web/reactos.org/htdocs/roscms/lib/view/HTML_User_Login.class…
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
---
branches/danny-web/reactos.org/htdocs/roscms/lib/view/HTML_User_Login.class…
[iso-8859-1] (original)
+++
branches/danny-web/reactos.org/htdocs/roscms/lib/view/HTML_User_Login.class…
[iso-8859-1] Sun Mar 1 02:47:12 2009
@@ -99,7 +99,7 @@
}
else {
$this->loginPage('You have specified an incorrect username.');
- exit;
+ return false;
}
// Check password. It should only contain printable ASCII chars
@@ -108,7 +108,7 @@
}
else {
$this->loginPage('You have specified an invalid password.');
- exit;
+ return false;
}
// get user data
@@ -128,14 +128,14 @@
}
if ($a_password != $user['password']) {
- $this->loginPage("You have specified an incorrect or inactive username,
or an invalid password.");
- exit;
+ $this->loginPage('You have specified an incorrect or inactive username, or
an invalid password.');
+ return false;
}
// if the account is NOT enabled; e.g. a reason could be that a member of the admin
group has disabled this account because of spamming, etc.
if ($user['disabled'] == true) {
$this->loginPage('Account is not activated or disabled!<br /><br
/>Check your email inbox (and spam folder), maybe you have overseen the activation
information.');
- exit;
+ return false;
}
// if the user account setting is "multisession" (a by user setting), it
is set to "false" by default