[dgoette] 37644: * switch back from rdf * implement moving entries only at one place, simplyfy backend code * trim whitespaces from entry names * insert 'http://' if no protocoll for homepage is given
25 Nov
2008
25 Nov
'08
7:10 p.m.
Author: dgoette
Date: Tue Nov 25 13:10:11 2008
New Revision: 37644
URL: http://svn.reactos.org/svn/reactos?rev=37644&view=rev
Log:
* switch back from rdf
* implement moving entries only at one place, simplyfy backend code
* trim whitespaces from entry names
* insert 'http://' if no protocoll for homepage is given
Modified:
branches/danny-web/reactos.org/htdocs/roscms/custom.php
branches/danny-web/reactos.org/htdocs/roscms/index.php
branches/danny-web/reactos.org/htdocs/roscms/lib/Data.class.php
branches/danny-web/reactos.org/htdocs/roscms/lib/Editor_Website.class.php
branches/danny-web/reactos.org/htdocs/roscms/lib/Export_Page.class.php
branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User.class.php
branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_Activate.class.p…
branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_Login.class.php
branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_LostPassword.cla…
branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_Profile.class.php
branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_ProfileEdit.clas…
branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_Register.class.p…
branches/danny-web/reactos.org/htdocs/roscms/lib/Login.class.php
branches/danny-web/reactos.org/htdocs/roscms/lib/Security.class.php
branches/danny-web/reactos.org/htdocs/roscms/lib/Subsystem_PHPBB.class.php
Modified: branches/danny-web/reactos.org/htdocs/roscms/custom.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/custom.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/custom.php [iso-8859-1] Tue Nov 25
13:10:11 2008
@@ -25,7 +25,6 @@
$roscms_intern_webserver_pages = "/reactos/";
$roscms_intern_webserver_roscms = "/reactos/roscms/";
- $roscms_SET_path_ex = $roscms_intern_webserver_roscms."index.php/";
$roscms_intern_page_link = $roscms_intern_webserver_roscms . "?page=";
$roscms_standard_language="en"; // en/de/fr/...
Modified: branches/danny-web/reactos.org/htdocs/roscms/index.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/index.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/index.php [iso-8859-1] Tue Nov 25
13:10:11 2008
@@ -47,28 +47,13 @@
$rpm_page="";
$rpm_lang="";
- if (array_key_exists("page", $_GET))
$rpm_page=htmlspecialchars($_GET["page"]);
if (array_key_exists("lang", $_GET))
$rpm_lang=htmlspecialchars($_GET["lang"]);
require("lang.php"); // lang code outsourced
require("custom.php"); // custom on-screen information
-
- $rdf_URI_tree = $_SERVER['REQUEST_URI'];
- $rdf_URI_tree = str_replace($roscms_intern_webserver_roscms,'',$rdf_URI_tree);
- $rdf_URI_tree = str_replace('index.php/','',$rdf_URI_tree);
-
- $rdf_URI_tree_split = explode('/', $rdf_URI_tree);
-
- $rdf_uri_2 = @$rdf_URI_tree_split[1];
- $rdf_uri_3 = @$rdf_URI_tree_split[2];
-
- if ($rpm_page != "") {
- $rdf_URI_tree_split[0] = $rpm_page;
- }
-
- $rdf_uri_str = $rdf_URI_tree_split[0]."/";
+
$RosCMS_GET_d_use = ""; // data usage (where the data will be used)
@@ -77,10 +62,6 @@
$RosCMS_GET_d_value2 = ""; // data transport value
$RosCMS_GET_d_value3 = ""; // data transport value
$RosCMS_GET_d_value4 = ""; // data transport value
-
- $RosCMS_GET_d_id = ""; // data_id
- $RosCMS_GET_d_r_id = ""; // data rev id
- $RosCMS_GET_d_r_lang = ""; // data rev language (e.g. "en",
"de", etc.)
if (array_key_exists("d_u", $_GET))
$RosCMS_GET_d_use=htmlspecialchars($_GET["d_u"]);
if (array_key_exists("d_fl", $_GET))
$RosCMS_GET_d_flag=htmlspecialchars($_GET["d_fl"]);
@@ -88,10 +69,6 @@
if (array_key_exists("d_val2", $_GET))
$RosCMS_GET_d_value2=htmlspecialchars($_GET["d_val2"]);
if (array_key_exists("d_val3", $_GET))
$RosCMS_GET_d_value3=htmlspecialchars($_GET["d_val3"]);
if (array_key_exists("d_val4", $_GET))
$RosCMS_GET_d_value4=htmlspecialchars($_GET["d_val4"]);
-
- if (array_key_exists("d_id", $_GET))
$RosCMS_GET_d_id=htmlspecialchars($_GET["d_id"]);
- if (array_key_exists("d_r_id", $_GET))
$RosCMS_GET_d_r_id=htmlspecialchars($_GET["d_r_id"]);
- if (array_key_exists("d_r_lang", $_GET))
$RosCMS_GET_d_r_lang=htmlspecialchars($_GET["d_r_lang"]);
if (isset($_GET['d_arch']) && $_GET['d_arch'] == true) {
@@ -111,12 +88,12 @@
echo str_replace("\r",'',$text);
}
-
-switch ($rdf_URI_tree_split[0]) {
+// select page
+switch (@$_GET['page']) {
// Login user
case 'login':
- switch (@$rdf_URI_tree_split[1]) {
+ switch (@$_GET['subpage']) {
case 'lost':
new HTML_User_LostPassword();
break;
@@ -136,12 +113,12 @@
// Register new user
case 'register':
- if (@$rdf_URI_tree_split[1] == 'captcha') {
- new CaptchaSecurityImages();
- }
- else {
- new HTML_User_Register();
- }
+ new HTML_User_Register();
+ break;
+
+ // Captcha
+ case 'captcha':
+ new CaptchaSecurityImages();
break;
// User Profile (view | edit)
@@ -149,7 +126,7 @@
case 'user':
default:
// select action
- switch (@$rdf_URI_tree_split[1]) {
+ switch (@$_GET['subpage']) {
case 'edit':
case 'activate':
new HTML_User_ProfileEdit();
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Data.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/Data.class.php [iso-8859-1]
(original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/Data.class.php [iso-8859-1] Tue Nov
25 13:10:11 2008
@@ -114,7 +114,7 @@
* @param int rev_id
* @access public
*/
- public static function updateRevision( $data_id, $rev_id, $lang, $version, $user_name,
$date, $time, $new_data_name, $new_data_type )
+ public static function updateRevision( $data_id, $rev_id, $lang, $version, $user_name,
$date, $time )
{
global $h_a;
global $h_a2;
@@ -184,7 +184,6 @@
// date + time (check for Y-m-d and valid-date) + (H:i:s)
if (preg_match('/^([12][0-9]{3})-(0[1-9]|1[0-2])-(0[1-9]|[12][0-9]|3[01])$/',
$date,$date_matches) && checkdate($date_matches[2], $date_matches[3],
$date_matches[1]) &&
preg_match('/^([01][0-9]|2[0-3])(:[0-5][0-9]){2}$/',$time) &&
($data['rev_date'] != $date || $data['rev_time'] != $time) ) {
-
//
$stmt=DBConnection::getInstance()->prepare("UPDATE
data_revision".$h_a." SET rev_datetime = :datetime, rev_date = :date, rev_time =
:time WHERE rev_id = :rev_id LIMIT 1");
$stmt->bindValue('datetime',$date." ".$time,PDO::PARAM_STR);
@@ -193,40 +192,6 @@
$stmt->bindParam('rev_id',$rev_id,PDO::PARAM_INT);
$stmt->execute();
Log::writeMedium('entry date+time changed:
'.$data['rev_date'].' '.$data['rev_time'].' =>
'.$date.' '.$time.Log::prepareInfo($data_id,
$rev_id).'{alterentry}');
- }
-
- // move revision to another data
- //@CHECKME is that correct behaviour
- if ($new_data_name != '' && $new_data_type != '') {
-
- $stmt=DBConnection::getInstance()->prepare("SELECT data_id FROM
data_".$h_a2." WHERE data_name = :name AND data_type = :type LIMIT 1");
- $stmt->bindParam('name',$new_data_name,PDO::PARAM_STR);
- $stmt->bindParam('type',$new_data_type,PDO::PARAM_STR);
- $stmt->execute();
- $new_data_id = $stmt->fetchColumn();
-
- if ($new_data_id > 0) {
- $stmt=DBConnection::getInstance()->prepare("UPDATE
data_revision".$h_a." SET data_id = :new_data_id WHERE rev_id = :rev_id LIMIT
1");
- $stmt->bindParam('new_data_id',$new_data_id,PDO::PARAM_INT);
- $stmt->bindParam('rev_id',$rev_id,PDO::PARAM_INT);
- $stmt->execute();
-
- $stmt=DBConnection::getInstance()->prepare("SELECT COUNT(*) FROM
data_revision".$h_a." WHERE data_id = :data_id");
- $stmt->bindParam('data_id',$data_id,PDO::PARAM_INT);
- $stmt->execute();
- $data_count = $stmt->fetchColumn();
-
-
- Log::writeMedium('entry moved to another data-id: '.$data_id.'
=> '.$new_data_id.Log::prepareInfo($data_id, $rev_id).'{alterentry}');
-
-
- if ($data_count === 0) {
- $stmt=DBConnection::getInstance()->prepare("DELETE FROM
data_".$h_a2." WHERE data_id = :data_id LIMIT 1");
- $stmt->bindParam('data_id',$data_id,PDO::PARAM_INT);
- $stmt->execute();
- Log::writeMedium('unused data-id deleted:
'.$data_id.Log::prepareInfo($data_id, $rev_id).'{alterentry}');
- }
- }
}
} // end of member function getCookieDomain
@@ -498,6 +463,17 @@
return;
}
+ // update data type
+ if ($data_type != '' && $data_type != $data['data_type']) {
+ $stmt=DBConnection::getInstance()->prepare("UPDATE data_".$h_a2."
SET data_type = :type_new WHERE data_id = :data_id LIMIT 1");
+ $stmt->bindParam('type_new',$data_type,PDO::PARAM_STR);
+ $stmt->bindParam('data_id',$data_id,PDO::PARAM_INT);
+ $stmt->execute();
+ Log::writeMedium('data-type changed: '.$data['data_type'].'
=> '.$data_type.Log::prepareInfo($data_id).'{altersecurityfields}');
+ $new_data_type = $data_type;
+ }
+
+ // update data name
if ($data_name != '' && $data_name != $data['data_name']) {
$stmt=DBConnection::getInstance()->prepare("UPDATE data_".$h_a2."
SET data_name = :name_new WHERE data_id = :id LIMIT 1");
$stmt->bindParam('name_new',$data_name,PDO::PARAM_STR);
@@ -506,77 +482,75 @@
Log::writeMedium('data-name changed: '.$data['data_name'].'
=> '.$data_name.Log::prepareInfo($data_id).'{altersecurityfields}');
+ // update dependent entries
if ($update_links == true) {
- if ($data_type == '') {
- $data_type = $data['data_type'];
+ if ($new_data_type == '') {
+ $new_data_type = $data['data_type'];
}
- switch ($data_type) {
+ // old type
+ switch ($data['data_type']) {
case 'content':
- $type_short = 'cont';
+ $new_type_short = 'cont';
break;
case 'template':
- $type_short = 'templ';
+ $new_type_short = 'templ';
break;
case 'script':
- $type_short = 'inc';
+ $new_type_short = 'inc';
break;
case 'system':
- $type_short = 'sys';
+ $new_type_short = 'sys';
break;
case 'page':
default:
- $type_short = 'no';
+ $new_type_short = 'no';
break;
}
- // prepare for usage in while loop
- $stmt_update=DBConnection::getInstance()->prepare("UPDATE
data_text".$h_a." SET text_content = :content WHERE text_id = :text_id LIMIT
1");
+ // new type
+ switch ($new_data_type) {
+ case 'content':
+ $old_type_short = 'cont';
+ break;
+ case 'template':
+ $old_type_short = 'templ';
+ break;
+ case 'script':
+ $old_type_short = 'inc';
+ break;
+ case 'system':
+ $old_type_short = 'sys';
+ break;
+ case 'page':
+ default:
+ $old_type_short = 'no';
+ break;
+ }
// update text content with new name
//@ADD check, for only updating dependent entries
- $stmt=DBConnection::getInstance()->prepare("SELECT text_id, text_content
FROM data_text".$h_a." ORDER BY text_id ASC");
+ $stmt=DBConnection::getInstance()->prepare("UPDATE
data_text".$h_a." SET text_content = REPLACE(REPLACE(text_content,
:old_type_name, :new_type_name), :old_link, :new_link) WHERE text_content LIKE :search1 OR
text_content LIKE :search2 ORDER BY text_id ASC");
+
$stmt->bindParam('search1','%[#'.$old_type_short.'_'.$data['data_name'].']%',PDO::PARAM_STR);
+
$stmt->bindParam('search2','%[#link_'.$data['data_name'].']%',PDO::PARAM_STR);
+
$stmt->bindParam('old_type_name','[#'.$old_type_short.'_'.$data['data_name'].']',PDO::PARAM_STR);
+
$stmt->bindParam('new_type_name','[#'.$new_type_short.'_'.$data_name.']',PDO::PARAM_STR);
+
$stmt->bindParam('old_link','[#link_'.$data['data_name'].']',PDO::PARAM_STR);
+
$stmt->bindParam('new_link','[#link_'.$data_name.']',PDO::PARAM_STR);
$stmt->execute();
- while ($text = $stmt->fetch(PDO::FETCH_ASSOC)) {
- $text_content = $text['text_content'];
-
- // update imports
- if ($type_short != 'no') {
- $text_content =
str_replace('[#'.$type_short.'_'.$data['data_name'].']',
'[#'.$type_short.'_'.$data_name.']', $text_content);
- }
-
- // update links
- if ($data['data_type'] == 'page') {
- $text_content =
str_replace('[#link_'.$data['data_name'].']',
'[#link_'.$data_name.']', $text_content);
- }
-
- // write update, if something has changed
- if ($text['text_content'] != $text_content) {
- $stmt_update->bindParam('content',$text_content,PDO::PARAM_STR);
-
$stmt_update->bindParam('text_id',$text['text_id'],PDO::PARAM_INT);
- $stmt_update->execute();
- }
- } // while
Log::writeMedium('data-interlinks updated due data-name
change'.Log::prepareInfo($data_id).'{altersecurityfields}');
}
} // end data_name changes
- if ($data_type != '' && $data_type != $data['data_type']) {
- $stmt=DBConnection::getInstance()->prepare("UPDATE data_".$h_a2."
SET data_type = :type_new WHERE data_id = :data_id LIMIT 1");
- $stmt->bindParam('type_new',$data_type,PDO::PARAM_STR);
- $stmt->bindParam('data_id',$data_id,PDO::PARAM_INT);
- $stmt->execute();
- Log::writeMedium('data-type changed: '.$data['data_type'].'
=> '.$data_type.Log::prepareInfo($data_id).'{altersecurityfields}');
- } // end data_type changes
-
+ // change ACL
if ($data_acl != '' && $data_acl != $data['data_acl']) {
$stmt=DBConnection::getInstance()->prepare("UPDATE data_".$h_a2."
SET data_acl = :acl_new WHERE data_id = :data_id LIMIT 1");
$stmt->bindParam('acl_new',$data_acl);
$stmt->bindParam('data_id',$data_id);
$stmt->execute();
Log::writeMedium('data-acl changed: '.$data['data_acl'].'
=> '.$data_acl.Log::prepareInfo($data_id).'{altersecurityfields}');
- } // end data_acl changes
+ }
} // end of member function getCookieDomain
@@ -595,7 +569,7 @@
{
$thisuser = &ThisUser::getInstance();
- $data_name = @htmlspecialchars($_GET['d_name']);
+ $data_name = trim(@htmlspecialchars($_GET['d_name']));
$stmt=DBConnection::getInstance()->prepare("SELECT data_id FROM data_ WHERE
data_name = :name AND data_type = :type LIMIT 1");
$stmt->bindParam('name',$data_name,PDO::PARAM_STR);
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Editor_Website.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/Editor_Website.class.php [iso-8859-1]
(original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/Editor_Website.class.php [iso-8859-1]
Tue Nov 25 13:10:11 2008
@@ -31,7 +31,7 @@
const FIELDS = 1;
const HISTORY = 2;
const SECURITY = 3;
- const ENTRY = 4;
+ const REVISION = 4;
const DEPENCIES= 5;
// types of new entries
@@ -52,8 +52,6 @@
global $roscms_standard_language;
global $RosCMS_GET_d_value, $RosCMS_GET_d_value2, $RosCMS_GET_d_value3,
$RosCMS_GET_d_value4;
- global $RosCMS_GET_d_id, $RosCMS_GET_d_r_id;
- global $RosCMS_GET_d_r_lang;
switch ($action) {
@@ -117,18 +115,18 @@
// update Field details
case 'alterfields2':
- Data::updateText($RosCMS_GET_d_r_id, $RosCMS_GET_d_value, $RosCMS_GET_d_value2,
@$_GET['d_arch']);
+ Data::updateText($_GET['d_r_id'], $RosCMS_GET_d_value,
$RosCMS_GET_d_value2, @$_GET['d_arch']);
$this->show();
break;
- // show entry details
+ // show revision details
case 'showentry':
- $this->showEntryDetails(self::ENTRY);
- break;
-
- // update Entry details
+ $this->showEntryDetails(self::REVISION);
+ break;
+
+ // update revision details
case 'alterentry':
- Data::updateRevision($RosCMS_GET_d_id,
$RosCMS_GET_d_r_id,$RosCMS_GET_d_value,$RosCMS_GET_d_value2,$RosCMS_GET_d_value3,$RosCMS_GET_d_value4,htmlspecialchars(@$_GET["d_val5"]),htmlspecialchars(@$_GET["d_val6"]),htmlspecialchars(@$_GET["d_val7"]));
+ Data::updateRevision($_GET['d_id'],
$_GET['d_r_id'],$RosCMS_GET_d_value,$RosCMS_GET_d_value2,$RosCMS_GET_d_value3,$RosCMS_GET_d_value4,htmlspecialchars(@$_GET["d_val5"]));
$this->show();
break;
@@ -139,13 +137,13 @@
// update Security details
case 'altersecurity':
- Data::update($RosCMS_GET_d_id, $RosCMS_GET_d_value, $RosCMS_GET_d_value2,
$RosCMS_GET_d_value3, $RosCMS_GET_d_value4);
+ Data::update($_GET['d_id'], $RosCMS_GET_d_value, $RosCMS_GET_d_value2,
$RosCMS_GET_d_value3, $RosCMS_GET_d_value4);
$this->show();
break;
// add new tag
case 'addtag':
- Tag::add($RosCMS_GET_d_id, $RosCMS_GET_d_r_id, $RosCMS_GET_d_value,
$RosCMS_GET_d_value2, $RosCMS_GET_d_value3);
+ Tag::add(, $_GET['d_r_id'], $RosCMS_GET_d_value, $RosCMS_GET_d_value2,
$RosCMS_GET_d_value3);
$this->showEntryDetails(self::METADATA);
break;
@@ -164,23 +162,23 @@
// update tag by id
case 'changetag':
Tag::deleteById($RosCMS_GET_d_value4, $RosCMS_GET_d_value3);
- Tag::add($RosCMS_GET_d_id, $RosCMS_GET_d_r_id, $RosCMS_GET_d_value,
$RosCMS_GET_d_value2, $RosCMS_GET_d_value3);
- echo Tag::getIdByUser($RosCMS_GET_d_id, $RosCMS_GET_d_r_id, $RosCMS_GET_d_value,
$thisuser->id());
+ Tag::add($_GET['d_id'], $_GET['d_r_id'], $RosCMS_GET_d_value,
$RosCMS_GET_d_value2, $RosCMS_GET_d_value3);
+ echo Tag::getIdByUser($_GET['d_id'], $_GET['d_r_id'],
$RosCMS_GET_d_value, $thisuser->id());
break;
// update tag by name/user
case 'changetag2':
case 'changetag3':
- Tag::deleteByName($RosCMS_GET_d_id, $RosCMS_GET_d_r_id, $RosCMS_GET_d_value ,
$RosCMS_GET_d_value3);
- Tag::add($RosCMS_GET_d_id, $RosCMS_GET_d_r_id, $RosCMS_GET_d_value ,
$RosCMS_GET_d_value2, $RosCMS_GET_d_value3);
- echo Tag::getIdByName($RosCMS_GET_d_id, $RosCMS_GET_d_r_id, $RosCMS_GET_d_value,
$RosCMS_GET_d_value3);
+ Tag::deleteByName($_GET['d_id'], $_GET['d_r_id'],
$RosCMS_GET_d_value , $RosCMS_GET_d_value3);
+ Tag::add($_GET['d_id'], $_GET['d_r_id'], $RosCMS_GET_d_value ,
$RosCMS_GET_d_value2, $RosCMS_GET_d_value3);
+ echo Tag::getIdByName($_GET['d_id'], $_GET['d_r_id'],
$RosCMS_GET_d_value, $RosCMS_GET_d_value3);
break;
// Change Tags around Data entry
case 'changetags':
// only call function if some entries are given ($_GET['d_val'] holds
number of id's)
if ($_GET['d_val'] > 0) {
- Data::evalAction($RosCMS_GET_d_value2 /* entry rev_id's */,
$RosCMS_GET_d_value3 /* action */, $RosCMS_GET_d_r_lang, $RosCMS_GET_d_value4);
+ Data::evalAction($RosCMS_GET_d_value2 /* entry rev_id's */,
$RosCMS_GET_d_value3 /* action */, $_GET['d_r_lang'], $RosCMS_GET_d_value4);
}
break;
@@ -206,8 +204,6 @@
*/
protected function performDefaultAction()
{
- global $RosCMS_GET_d_r_lang;
-
// normal (contains NO "tr")
if (!isset($_GET['d_r_id']) || strpos($_GET['d_r_id'], 'tr')
=== false) {
$this->show();
@@ -224,7 +220,7 @@
if (Security::hasRight($revision['data_id'], 'trans')) {
// copy existing entry to new language
- if (Data::copy($revision['data_id'], $revision['rev_id'], 1 /*
copy mode */, $RosCMS_GET_d_r_lang)) {
+ if (Data::copy($revision['data_id'], $revision['rev_id'], 1 /*
copy mode */, $_GET['d_r_lang'])) {
$stmt=DBConnection::getInstance()->prepare("SELECT data_id, rev_id,
rev_language FROM data_revision WHERE data_id = :data_id AND rev_usrid = :user_id AND
rev_version = 0 AND rev_language = :lang AND rev_date = :date ORDER BY rev_id DESC LIMIT
1");
$stmt->bindParam('data_id',$revision['data_id'],PDO::PARAM_STR);
$stmt->bindParam('user_id',ThisUser::getInstance()->id(),PDO::PARAM_INT);
@@ -290,7 +286,7 @@
$stext_num++;
echo_strip('
- <label for="estext"'.$stext_num.'"
class="frmeditheadline" style="font-weight: bold;">'); echo
ucfirst($stext['stext_name']);echo_strip(':</label>
+ <label for="estext"'.$stext_num.'"
class="frmeditheadline" style="font-weight:
bold;">'.$stext['stext_name'].':</label>
<span id="edstext'.$stext_num.'"
style="display:none;">'.$stext['stext_name'].'</span><br
/>
<input name="estext"'.$stext_num.'"
type="text" id="estext'.$stext_num.'" size="50"
maxlength="250" value="');echo
$stext['stext_content'].'" /><br /><br />';
}
@@ -311,7 +307,7 @@
$text_num++;
echo_strip('
- <label class="frmeditheadline"
for="elm'.$text_num.'">');echo
ucfirst($text['text_name']); echo_strip('</label>
+ <label class="frmeditheadline"
for="elm'.$text_num.'">'.$text['text_name'].'</label>
<button type="button" id="butRTE'.$text_num.'"
onclick="'."toggleEditor('elm".$text_num."',
this.id)".'">Rich Text</button>
<span id="swraped'.$text_num.'">
<input id="wraped'.$text_num.'" type="checkbox"
onclick="'."toggleWordWrap(this.id,
'elm".$text_num."');".'" checked="checked"
/>
@@ -654,11 +650,11 @@
}
echo ' | ';
- if ($mode == self::ENTRY) {
- echo '<strong>Entry</strong>';
+ if ($mode == self::REVISION) {
+ echo '<strong>Revision</strong>';
}
else {
- echo '<span class="detailmenu"
onclick="'."bshowentry(".$this->data_id.",".$this->rev_id.",
'".$thisuser->id()."')".'">Entry</span>';
+ echo '<span class="detailmenu"
onclick="'."bshowentry(".$this->data_id.",".$this->rev_id.",
'".$thisuser->id()."')".'">Revision</span>';
}
}
@@ -696,8 +692,8 @@
case self::FIELDS:
$this->showEntryDetailsFields();
break;
- case self::ENTRY:
- $this->showEntryDetailsEntry();
+ case self::REVISION:
+ $this->showEntryDetailsRevision();
break;
}
@@ -1018,7 +1014,7 @@
*
* @access private
*/
- private function showEntryDetailsEntry( )
+ private function showEntryDetailsRevision( )
{
global $h_a, $h_a2;
@@ -1057,16 +1053,6 @@
<div class="frmeditheadline">Time</div><br />
<input type="text" name="vertime" id="vertime"
size="8" maxlength="8"
value="'.$revision['rev_time'].'" /> (hour:minute:second)
<img src="images/attention.gif" width="22"
height="22" /><br />
- <br />
- <div class="frmeditheadline">Move Entry</div><br />
- <input type="text" name="chgdataname"
id="chgdataname" size="25" maxlength="100"
value="'.$revision['data_name'].'" />
- <select id="cbmchgdatatype">
- <option value="page"'.(($revision['data_type'] ==
'page') ? ' selected="selected"' :
'').'>Page</option>
- <option value="content"'.(($revision['data_type'] ==
'content') ? ' selected="selected"' :
'').'>Content</option>
- <option value="template"'.(($revision['data_type'] ==
'template') ? ' selected="selected"' :
'').'>Template</option>
- <option value="script"'.(($revision['data_type'] ==
'script') ? ' selected="selected"' :
'').'>Script</option>
- <option value="system"'.(($revision['data_type'] ==
'system') ? ' selected="selected"' :
'').'>System</option>
- </select> <img src="images/attention.gif" width="22"
height="22" /><br />
<br />
<br />
<button type="button" id="beditsaveentry"
onclick="editsaveentrychanges('.$this->data_id.','.$this->rev_id.')">Save
Changes</button>
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Export_Page.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/Export_Page.class.php [iso-8859-1]
(original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/Export_Page.class.php [iso-8859-1]
Tue Nov 25 13:10:11 2008
@@ -52,7 +52,6 @@
public function page( )
{
global $RosCMS_GET_d_value, $RosCMS_GET_d_value2,$RosCMS_GET_d_value3;
- global $RosCMS_GET_d_r_lang;
global $roscms_standard_language;
$dynamic_num = $RosCMS_GET_d_value3;
@@ -66,7 +65,7 @@
default:
if (empty($_GET['d_r_id']) || strpos($_GET['d_r_id'],
'tr') >= 0) {
// translation mode (contains "tr")
- $RosCMS_GET_d_value2 = $RosCMS_GET_d_r_lang;
+ $RosCMS_GET_d_value2 = $_GET['d_r_lang'];
}
// remove "tr" so that it also work in translation view
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User.class.php [iso-8859-1]
(original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User.class.php [iso-8859-1] Tue
Nov 25 13:10:11 2008
@@ -56,8 +56,7 @@
{
global $roscms_intern_webserver_pages;
global $roscms_intern_webserver_roscms;
- global $roscms_SET_path_ex;
- global $rdf_uri_str;
+ global $roscms_intern_page_link;
global $rpm_lang;
global $roscms_langres;
@@ -82,8 +81,8 @@
<div
class="navTitle">'.$roscms_langres['Account'].'</div>
<ol>
<li
title="'.$thisuser->name().'"> Nick: '.substr($thisuser->name(),
0, 9).'</li>
- <li><a href="'.$roscms_SET_path_ex.'my/">My
Profile</a></li>
- <li><a href="'.$roscms_SET_path_ex.'search/">User
Search</a></li>
+ <li><a href="'.$roscms_intern_page_link.'my">My
Profile</a></li>
+ <li><a
href="'.$roscms_intern_page_link.'search">User
Search</a></li>
<li><a
href="'.$roscms_intern_webserver_pages.'peoplemap/">User
Map</a></li>');
if ($thisuser->securityLevel() > 0) {
echo '<li><a
href="'.$roscms_intern_webserver_roscms.'?page=data&branch=welcome">RosCMS
Interface</a></li>';
@@ -97,8 +96,8 @@
echo_strip('
<div
class="navTitle">'.$roscms_langres['Account'].'</div>
<ol>
- <li><a
href="'.$roscms_SET_path_ex.'login/">Login</a></li>
- <li><a
href="'.$roscms_SET_path_ex.'register/">Register</a></li>
+ <li><a
href="'.$roscms_intern_page_link.'login">Login</a></li>
+ <li><a
href="'.$roscms_intern_page_link.'register">Register</a></li>
</ol>
<br />');
}
@@ -121,7 +120,7 @@
<ol>
<li>
<div style="text-align:center;">
- <select id="select" size="1" name="select"
class="selectbox" style="width:140px"
onchange="'."window.location.href =
'".$roscms_SET_path_ex.$rdf_uri_str."?lang=' +
this.options[this.selectedIndex].value".'">
+ <select id="select" size="1" name="select"
class="selectbox" style="width:140px"
onchange="'."window.location.href =
'".$roscms_intern_webserver_roscms.'?'.$_SERVER['QUERY_STRING']."&lang='
+ this.options[this.selectedIndex].value".'">
<optgroup label="current language">');
$stmt=DBConnection::getInstance()->prepare("SELECT lang_name FROM languages
WHERE lang_id = :lang_id");
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_Activate.class.p…
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_Activate.class.p…
[iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_Activate.class.p…
[iso-8859-1] Tue Nov 25 13:10:11 2008
@@ -45,22 +45,21 @@
*/
protected function body( )
{
- global $rdf_uri_3;
- global $roscms_SET_path_ex;
+ global $roscms_intern_page_link;
global $rdf_logon_system_name;
$err_message = ''; // error message box text
$mail_exists = false; // email already exists in the database (true = email exists)
$activation_code_exists = false; // pwd-id exists in the database (true = pwd-id
exists)
- $activation_code = $rdf_uri_3;
+ $activation_code = @$_GET['code'];
echo_strip('
<h1>Activate myReactOS Account</h1>
<div class="u-h1">Activate myReactOS Account</div>
- <div class="u-h2">Already a member? <a
href="'.$roscms_SET_path_ex.'login/">Login now</a>!<br
/>
- Don\'t have a '.$rdf_logon_system_name.' account yet? <a
href="'.$roscms_SET_path_ex.'register/">Join now</a>, it\'s
free and just takes a minute.</div>
- <form action="'.$roscms_SET_path_ex.'login/activate/"
method="post">
+ <div class="u-h2">Already a member? <a
href="'.$roscms_intern_page_link.'login">Login now</a>!<br
/>
+ Don\'t have a '.$rdf_logon_system_name.' account yet? <a
href="'.$roscms_intern_page_link.'register">Join now</a>,
it\'s free and just takes a minute.</div>
+ <form
action="'.$roscms_intern_page_link.'login&subpage=activate"
method="post">
<div align="center">
<div style="background: #e1eafb none repeat scroll 0%; width:
300px;">
<div class="corner1">
@@ -111,7 +110,7 @@
echo_strip('
<div class="login-title">Account activated</div>
- <div><a href="'.$roscms_SET_path_ex.'login/"
style="color:red !important; text-decoration:underline;">Login
now</a>!</div>');
+ <div><a href="'.$roscms_intern_page_link.'login"
style="color:red !important; text-decoration:underline;">Login
now</a>!</div>');
}
elseif ($activation_code_exists) {
echo_strip('
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_Login.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_Login.class.php
[iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_Login.class.php
[iso-8859-1] Tue Nov 25 13:10:11 2008
@@ -48,7 +48,7 @@
*/
protected function body( )
{
- global $roscms_SET_path_ex;
+ global $roscms_intern_page_link;
global $rdf_login_cookie_usrkey;
global $rdf_login_cookie_seckey;
global $rdf_login_cookie_usrname;
@@ -192,7 +192,7 @@
exit;
}
- header('Location: '.$roscms_SET_path_ex.'my/');
+ header('Location: '.$roscms_intern_page_link.'my');
exit;
}
} // end of member function body
@@ -210,12 +210,12 @@
global $rdf_login_cookie_usrpwd;
global $rdf_login_cookie_loginname;
global $rdf_name;
- global $roscms_SET_path_ex;
+ global $roscms_intern_page_link;
//@ADD comment -> why do we need this
$random_string_security = '';
- if (isset($_GET['sec']) && $_GET['sec'] ==
"security") {
+ if (isset($_GET['sec']) && $_GET['sec'] ==
'security') {
$random_string_security = self::makeKey();
setcookie($rdf_login_cookie_seckey, $random_string_security, 0, '/',
Cookie::getDomain());
}
@@ -228,7 +228,7 @@
$target_clean = $matches[1];
}
- echo '<form action="'.$roscms_SET_path_ex.'login/"
method="post">';
+ echo '<form action="'.$roscms_intern_page_link.'login"
method="post">';
if ($target_clean != '' ) {
echo_strip('
@@ -240,7 +240,7 @@
echo_strip('
<h1>Login</h1>
<div class="u-h1">Login to '.$rdf_name.'</div>
- <div class="u-h2">You don\'t have a '.$rdf_name.'
account yet? <a href="'.$roscms_SET_path_ex.'register/">Join
now</a>, it\'s free and just takes a minute.</div>
+ <div class="u-h2">You don\'t have a '.$rdf_name.'
account yet? <a href="'.$roscms_intern_page_link.'register">Join
now</a>, it\'s free and just takes a minute.</div>
<div>
<div style="margin: 0px auto; background: #e1eafb none repeat scroll 0%;
width: 300px;">
<div class="corner1">
@@ -266,7 +266,7 @@
<input name="'.$rdf_login_cookie_usrpwd.'"
type="password" class="input" tabindex="2"
id="'.$rdf_login_cookie_usrpwd.'" size="50"
maxlength="50" />
</div>');
- if (isset($_GET['sec']) && ($_GET['sec'] == '' ||
$_GET['sec'] == 'standard')) {
+ if (empty($_GET['sec']) || $_GET['sec'] == 'standard') {
echo_strip('
<div class="login-options">
<input name="loginoption1" type="checkbox"
id="loginoption1"
value="save"'.(isset($_COOKIE[$rdf_login_cookie_loginname]) ?
'checked' : '').' tabindex="3" />
@@ -306,16 +306,16 @@
echo '<div style="margin:10px;text-align:center;">';
- if (isset($_GET['sec']) && ($_GET['sec'] == '' ||
$_GET['sec'] == 'standard')) {
- echo '<a
href="'.$roscms_SET_path_ex.'login/?sec=security'.(($target_clean !=
'') ? '&target='.urlencode($target_clean) :
'').'">Use enhanced security</a>';
+ if (empty($_GET['sec']) || $_GET['sec'] == 'standard') {
+ echo '<a
href="'.$roscms_intern_page_link.'login&sec=security'.(($target_clean
!= '') ? '&target='.urlencode($target_clean) :
'').'">Use enhanced security</a>';
}
else {
- echo '<a
href="'.$roscms_SET_path_ex.'login/?sec=standard'.(($target_clean !=
'') ? '&target='.urlencode($target_clean) :
'').'">Use standard security</a>';
+ echo '<a
href="'.$roscms_intern_page_link.'login&sec=standard'.(($target_clean
!= '') ? '&target='.urlencode($target_clean) :
'').'">Use standard security</a>';
}
echo_strip('
<br />
- <a href="'.$roscms_SET_path_ex.'login/lost/">Lost
username or password?</a>
+ <a
href="'.$roscms_intern_page_link.'login&subpage=lost">Lost
username or password?</a>
</div>
</div>
</form>');
Modified:
branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_LostPassword.cla…
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_LostPassword.cla…
[iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_LostPassword.cla…
[iso-8859-1] Tue Nov 25 13:10:11 2008
@@ -45,8 +45,7 @@
*/
protected function body( )
{
- global $rdf_uri_3;
- global $roscms_SET_path_ex;
+ global $roscms_intern_page_link, $roscms_intern_webserver_roscms;
global $rdf_name, $rdf_name_long;
global $rdf_register_user_pwd_min, $rdf_register_user_pwd_max;
global $rdf_support_email_str;
@@ -55,25 +54,25 @@
$mail_exists = false; // email already exists in the database (true = email exists)
$password_id_exists = null; // pwd-id exists in the database (true = pwd-id exists)
- $activation_code = $rdf_uri_3;
+ $activation_code = @$_GET['code'];
$mail_exists = isset($_POST['registerpost']) &&
isset($_POST['useremail']) && $_POST['useremail'] != ''
&& ROSUser::hasEmail($_POST['useremail']);
$password_id_exists = ROSUser::hasPasswordReset($activation_code);
if (strlen($activation_code > 6)) {
echo_strip('
- <h1><a
href="'.$roscms_SET_path_ex.'login/">Login</a> > Reset
your Password</h1>
+ <h1><a
href="'.$roscms_intern_page_link.'login">Login</a> >
Reset your Password</h1>
<div class="u-h1">Reset your Password</div>
<div class="u-h2">Have you forgotten your password of your
'.$rdf_name.' account? Don\'t panic. You have already requested us that we
reset your password. Now it\'s your turn to enter a new password for your
'.$rdf_name.' account.</div>');
}
else {
echo_strip('
- <h1><a
href="'.$roscms_SET_path_ex.'login/">Login</a> > Lost
Username or Password?</h1>
+ <h1><a
href="'.$roscms_intern_page_link.'login">Login</a> >
Lost Username or Password?</h1>
<div class="u-h1">Lost Username or Password?</div>
<div class="u-h2">Have you forgotten your username and/or
password of your '.$rdf_name.' account? Don\'t panic. We can send you your
username and let you reset your password. All you need is your email
address.</div>');
}
echo_strip('
- <form action="'.$roscms_SET_path_ex.'login/lost/"
method="post">
+ <form
action="'.$roscms_intern_page_link.'login&subpage=lost"
method="post">
<div style="text-align: center;">
<div style="margin:0px auto; background: #e1eafb none repeat scroll 0%;
width: 300px;">
<div class="corner1">
@@ -105,7 +104,7 @@
echo_strip('
<div class="login-title">Password changed</div>
- <div><a href="'.$roscms_SET_path_ex.'login/"
style="color:red !important; text-decoration:underline;">Login
now</a>!</div>');
+ <div><a href="'.$roscms_intern_page_link.'login"
style="color:red !important; text-decoration:underline;">Login
now</a>!</div>');
}
elseif (strlen($activation_code) < 6 &&
isset($_POST['registerpost']) && !empty($_POST['useremail'])
&& EMail::isValid($_POST['useremail']) &&
!empty($_POST['usercaptcha']) &&
!empty($_SESSION['rdf_security_code']) &&
strtolower($_SESSION['rdf_security_code']) ==
strtolower($_POST['usercaptcha']) && $mail_exists) {
@@ -128,7 +127,7 @@
$subject = $rdf_name_long.' - Lost username or password?';
// Email message
- $message = $rdf_name_long." - Lost username or password?\n\n\nYou have
requested your ".$rdf_name." account login data.\n\nYou haven't requested
your account login data? Oops, then someone has tried the 'Lost username or
password?' function with your email address, just ignore this email.\n\n\nUsername:
".$user['user_name']."\n\n\nLost your password? Reset your password:
".$roscms_SET_path_ex."login/lost/".$activation_code."/\n\n\nBest
regards,\nThe ".$rdf_name." Team\n\n\n(please do not reply as this is an auto
generated email!)";
+ $message = $rdf_name_long." - Lost username or password?\n\n\nYou have
requested your ".$rdf_name." account login data.\n\nYou haven't requested
your account login data? Oops, then someone has tried the 'Lost username or
password?' function with your email address, just ignore this email.\n\n\nUsername:
".$user['user_name']."\n\n\nLost your password? Reset your password:
".$roscms_intern_page_link."login&subpage=lost&code=".$activation_code."/\n\n\nBest
regards,\nThe ".$rdf_name." Team\n\n\n(please do not reply as this is an auto
generated email!)";
// send the Email
if (EMail::send($_POST['useremail'], $subject, $message)) {
@@ -197,14 +196,14 @@
function CaptchaReload()
{
++BypassCacheNumber;
- document.getElementById('captcha').src =
'".$roscms_SET_path_ex."register/captcha/' + BypassCacheNumber;
+ document.getElementById('captcha').src =
'".$roscms_intern_page_link."captcha' + BypassCacheNumber;
}
document.write('".'<br /><span
style="color:#817A71;">If you can\'t read this, try <a
href="javascript:CaptchaReload()">another
one</a>.</span>'."');
-->".'
</script>';
echo_strip('
- <img id="captcha"
src="'.$roscms_SET_path_ex.'register/captcha"
style="padding-top:10px;" alt="If you can\'t read this, try another one
or email '.$rdf_support_email_str.' for help." title="Are you
human?" />
+ <img id="captcha"
src="'.$roscms_intern_page_link.'captcha"
style="padding-top:10px;" alt="If you can\'t read this, try another one
or email '.$rdf_support_email_str.' for help." title="Are you
human?" />
<br />');
if (isset($_POST['registerpost'])) {
@@ -217,7 +216,7 @@
</div>
<div class="login-button">
<input type="submit" name="submit"
value="Send" tabindex="8" /><br />
- <input type="button"
onclick="'."window.location=".$roscms_SET_path_ex."'".'"
tabindex="9" value="Cancel" name="cancel"
style="color:#777777;" />
+ <input type="button"
onclick="'."window.location=".$roscms_intern_webserver_roscms."'".'"
tabindex="9" value="Cancel" name="cancel"
style="color:#777777;" />
<input name="registerpost" type="hidden"
id="registerpost" value="reg" />
</div>');
}
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_Profile.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_Profile.class.php
[iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_Profile.class.php
[iso-8859-1] Tue Nov 25 13:10:11 2008
@@ -49,8 +49,7 @@
*/
protected function body( )
{
- global $rdf_uri_2;
- global $roscms_SET_path_ex;
+ global $roscms_intern_page_link;
if ($this->search) {
@@ -73,13 +72,14 @@
}
// more than one user was found (or none)
- if ($users_found != 1 && ($rdf_uri_2 == '' ||
isset($_GET['search']) && $_GET['search'] != '')) {
+ if ($users_found != 1 && (empty($_GET['user_name']) ||
!empty($_GET['search']))) {
echo_strip('
- <h1><a
href="'.$roscms_SET_path_ex.'my/">myReactOS</a> >
Profile Search</h1>
+ <h1><a
href="'.$roscms_intern_page_link.'my">myReactOS</a> >
Profile Search</h1>
<div class="u-h1">Profile Search</div>
- <form id="form1" name="form1" method="get"
action="'.$roscms_SET_path_ex.'search/">
+ <form id="form1" method="get"
action="'.$roscms_intern_page_link.'search">
+ <input type="hidden" name="page" id="page"
value="search" />
<input name="search" type="text" id="search"
value="'.(a)htmlentities($_GET['search']).'" />
- <input name="cmdsearch" type="submit"
id="cmdsearch" value="Search" />
+ <button type="submit">Search</button>
</form>
<br />');
@@ -93,7 +93,7 @@
$stmt->execute();
while ($search = $stmt->fetch(PDO::FETCH_ASSOC)) {
- echo '<li><a style="font-weight:bold;"
href="'.$roscms_SET_path_ex.'search/'.$search['user_name'].'">'.$search['user_name'].'</a>';
+ echo '<li><a style="font-weight:bold;"
href="'.$roscms_intern_page_link.'search&phrase'.$search['user_name'].'">'.$search['user_name'].'</a>';
if ($search['user_fullname']) {
echo '<br />'.$search['user_fullname'];
}
@@ -106,7 +106,7 @@
else {
if (empty($user_id)|| $user_id === false) {
$stmt=DBConnection::getInstance()->prepare("SELECT user_id FROM users
WHERE user_name = :user_name LIMIT 1");
- $stmt->bindParam('user_name',rawurldecode($rdf_uri_2));
+
$stmt->bindParam('user_name',rawurldecode(@$_GET['user_name']));
$stmt->execute();
$user_id = $stmt->fetchColumn();
}
@@ -125,7 +125,7 @@
*/
private function profile( $user_id = null )
{
- global $roscms_SET_path_ex;
+ global $roscms_intern_page_link;
global $roscms_intern_webserver_pages;
global $rdf_name;
@@ -226,7 +226,7 @@
echo_strip('
<div class="login-form">
<div class="u-desc">Private Website</div>
- <div class="u-title"><a
href="'.$profile['user_website'].'"
rel="nofollow">.'.htmlspecialchars($profile['user_website']).'</a></div>
+ <div class="u-title"><a
href="'.$profile['user_website'].'"
rel="nofollow">'.htmlspecialchars($profile['user_website']).'</a></div>
</div>');
}
@@ -268,14 +268,14 @@
if ($profile['user_id'] == $thisuser->id()) {
echo_strip('
<div> </div>
- <div class="u-link"><a
href="'.$roscms_SET_path_ex.'my/edit/">Edit My
Profile</a></div>
+ <div class="u-link"><a
href="'.$roscms_intern_page_link.'my&subpage=edit">Edit My
Profile</a></div>
<div> </div>');
}
else {
echo_strip('
<div> </div>
<div>
- <a href="'.$roscms_SET_path_ex.'search/"
style="color:#333333 !important; text-decoration:underline;
font-weight:bold;">
+ <a href="'.$roscms_intern_page_link.'search"
style="color:#333333 !important; text-decoration:underline;
font-weight:bold;">
<strong>» Profile Search</strong>
</a>
</div>
Modified:
branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_ProfileEdit.clas…
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_ProfileEdit.clas…
[iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_ProfileEdit.clas…
[iso-8859-1] Tue Nov 25 13:10:11 2008
@@ -34,7 +34,6 @@
public function __construct()
{
Login::required();
- session_start();
parent::__construct();
}
@@ -46,8 +45,7 @@
*/
protected function body( )
{
- global $roscms_SET_path_ex;
- global $rdf_uri_3;
+ global $roscms_intern_page_link;
global $rdf_name_long;
global $rdf_name;
global $rdf_register_user_pwd_min;
@@ -55,16 +53,15 @@
global $rdf_register_user_name_max;
global $roscms_intern_webserver_pages;
- $activation_code = $rdf_uri_3;
-
- $err_message = ''; // error message box text
+ $activation_code = @$_GET['code'];
+
$existemail = false; // email already exists in the database (true = email exists)
$safepwd = ''; // unsafe password, common cracked passwords ("" =
not checked; "true" = fine; "false" = match with a db entry =>
protected name)
$password_change = false; // new password
if ($activation_code != '' && strlen($activation_code) > 6) {
echo_strip('
- <h1><a
href="'.$roscms_SET_path_ex.'my/">myReactOS</a> > <a
href="'.$roscms_SET_path_ex.'my/edit/">Edit My Profile</a>
> Activate E-Mail Address</h1>
+ <h1><a
href="'.$roscms_intern_page_link.'my">myReactOS</a> >
<a href="'.$roscms_intern_page_link.'my&subpage=edit">Edit
My Profile</a> > Activate E-Mail Address</h1>
<div class="u-h1">Activate E-Mail Address</div>
<div class="u-h2">
So you have a new email address and would like to keep your
'.$rdf_name.' account up-to-date? That is a very good idea. To confirm your email
address change, please enter your new email address again.
@@ -72,13 +69,13 @@
}
else {
echo_strip('
- <h1><a
href="'.$roscms_SET_path_ex.'my/">myReactOS</a> > Edit
My Profile</h1>
+ <h1><a
href="'.$roscms_intern_page_link.'my">myReactOS</a> >
Edit My Profile</h1>
<div class="u-h1">Edit My Profile</div>
<div class="u-h2">Update your user account profile data to
reflect the current state.</div>');
}
echo_strip('
- <form action="'.$roscms_SET_path_ex.'my/edit/"
method="post">
+ <form
action="'.$roscms_intern_page_link.'my&subpage=edit"
method="post">
<div style="text-align:center;">
<div style="margin: 0px auto; background: #e1eafb none repeat scroll
0%; width: 300px;">
<div class="corner1">
@@ -104,7 +101,7 @@
echo_strip('
<div class="login-title">E-Mail Address Changed</div>
<div>
- <a href="'.$roscms_SET_path_ex.'my/" style="color:
red !important; text-decoration:underline;">My Profile</a>
+ <a href="'.$roscms_intern_page_link.'my"
style="color: red !important; text-decoration:underline;">My
Profile</a>
</div>');
return;
}
@@ -164,6 +161,11 @@
$stmt->bindValue('activation_code',htmlspecialchars($_POST['useremail']).$account_act_code,PDO::PARAM_STR);
$stmt->bindParam('user_id',$profile['user_id'],PDO::PARAM_INT);
$stmt->execute();
+ }
+
+ // validate website
+ if (!preg_match('#://#',$_POST['userwebsite'])) {
+ $_POST['userwebsite'] = 'http://'.$_POST['userwebsite'];
}
// update account data
@@ -189,7 +191,7 @@
$subject = $rdf_name_long." - Email Address Activation";
// message
- $message = $rdf_name_long." - Email Address Activation\n\n\nYou have
requested an email address change for your account on ".$rdf_name.". The next
step in order to enable the new email address for the account is to activate it by using
the hyperlink below.\n\n\nCurrent E-Mail Address:
".$profile['user_email']."\nNew E-Mail Address:
".$_POST['useremail']."\n\nActivation-Hyperlink:
".$roscms_SET_path_ex."my/activate/".$account_act_code."/\n\n\nBest
regards,\nThe ".$rdf_name." Team\n\n\n(please do not reply as this is an auto
generated email!)";
+ $message = $rdf_name_long." - Email Address Activation\n\n\nYou have
requested an email address change for your account on ".$rdf_name.". The next
step in order to enable the new email address for the account is to activate it by using
the hyperlink below.\n\n\nCurrent E-Mail Address:
".$profile['user_email']."\nNew E-Mail Address:
".$_POST['useremail']."\n\nActivation-Hyperlink:
".$roscms_intern_page_link."my&subpage=activate&code=".$account_act_code."/\n\n\nBest
regards,\nThe ".$rdf_name." Team\n\n\n(please do not reply as this is an auto
generated email!)";
// send the mail
if (EMail::send($_POST['useremail'], $subject, $message)) {
@@ -204,11 +206,9 @@
echo '<div>Password changed.</div>';
}
- echo '<div><a href="'.$roscms_SET_path_ex.'my/"
style="color:red !important; text-decoration:underline;">My
Profile</a></div>';
+ echo '<div><a href="'.$roscms_intern_page_link.'my"
style="color:red !important; text-decoration:underline;">My
Profile</a></div>';
ROSUser::syncSubsystems($profile['user_id']);
-
- unset($_SESSION['rdf_security_code']);
}
elseif ($activation_code != '' && strlen($activation_code) > 6) {
echo_strip('
@@ -220,7 +220,7 @@
<div class="login-button">
<input type="submit" name="submit"
value="Save" tabindex="16" />
<br />
- <input type="button"
onclick="'."window.location='".$roscms_SET_path_ex."'".'"
tabindex="17" value="Cancel" name="cancel"
style="color:#777777;" />
+ <input type="button"
onclick="'."window.location='".$roscms_intern_webserver_pages."'".'"
tabindex="17" value="Cancel" name="cancel"
style="color:#777777;" />
<input name="registerpost" type="hidden"
id="registerpost" value="reg" />
</div>');
}
@@ -274,7 +274,7 @@
if (isset($_POST['registerpost']) && $existemail &&
$_POST['useremail'] != $profile['user_email']) {
echo_strip('
<br />
- <em>That email address is already with an account. Do you have several
accounts? Please <a href="'.$roscms_SET_path_ex.'login/"
style="color:red !important;
text-decoration:underline;"><strong>login</strong></a>!</em>');
+ <em>That email address is already with an account. Do you have several
accounts? Please <a href="'.$roscms_intern_page_link.'login"
style="color:red !important;
text-decoration:underline;"><strong>login</strong></a>!</em>');
}
echo_strip('
@@ -380,7 +380,7 @@
<div class="login-button">
<input type="submit" name="submit"
value="Save" tabindex="16" />
- <input type="button"
onclick="'.("window.location='".$roscms_SET_path_ex."'").'"
tabindex="17" value="Cancel" name="cancel"
style="color:#777777;" />
+ <input type="button"
onclick="'.("window.location='".$roscms_intern_webserver_roscms."'").'"
tabindex="17" value="Cancel" name="cancel"
style="color:#777777;" />
<input name="registerpost" type="hidden"
id="registerpost" value="reg" />
</div>');
}
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_Register.class.p…
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_Register.class.p…
[iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_Register.class.p…
[iso-8859-1] Tue Nov 25 13:10:11 2008
@@ -47,7 +47,7 @@
{
global $rdf_name;
global $rdf_logon_system_name;
- global $roscms_SET_path_ex;
+ global $roscms_intern_page_link, $roscms_intern_webserver_roscms;
global $rdf_support_email_str;
global $rdf_register_user_name_min, $rdf_register_user_name_max;
@@ -62,11 +62,11 @@
<div class="u-h1">Register to '.$rdf_name.'</div>
<span class="u-h2">Become a member of the '.$rdf_name.'
Community. </span> The <span
class="u-h2">'.$rdf_logon_system_name.'</span> account offers
single sign-on for all <span
class="u-h2">'.$rdf_name.'</span> web services.
<ul>
- <li>Already a member? <a
href="'.$roscms_SET_path_ex.'login/">Login now</a>!
</li>
- <li><a
href="'.$roscms_SET_path_ex.'login/lost/">Lost username or
password?</a></li>
+ <li>Already a member? <a
href="'.$roscms_intern_page_link.'login">Login now</a>!
</li>
+ <li><a
href="'.$roscms_intern_page_link.'login&subpage=lost">Lost
username or password?</a></li>
</ul>
- <form action="'.$roscms_SET_path_ex.'register/"
method="post">
+ <form action="'.$roscms_intern_page_link.'register"
method="post">
<div>
<div style="margin: 0px auto; background: #e1eafb none repeat scroll
0%; width: 300px;">
<div class="corner1">
@@ -160,7 +160,7 @@
$subject = $rdf_name_long." - Account Activation";
// message
- $message = $rdf_name_long." - Account Activation\n\n\nYou have registered
an account on ".$rdf_name.". The next step in order to enable the account is to
activate it by using the hyperlink below.\n\nYou haven't registered an account? Oops,
then someone has tried to register an account with your email address. Just ignore this
email, no one can use it anyway as it is not activated and the account will get deleted
soon.\n\n\nUsername: ".$_POST['username']."\nPassword:
".$_POST['userpwd1']."\n\nActivation-Hyperlink:
".$roscms_SET_path_ex."login/activate/".$account_act_code."/\n\n\nBest
regards,\nThe ".$rdf_name." Team\n\n\n(please do not reply as this is an auto
generated email!)";
+ $message = $rdf_name_long." - Account Activation\n\n\nYou have registered
an account on ".$rdf_name.". The next step in order to enable the account is to
activate it by using the hyperlink below.\n\nYou haven't registered an account? Oops,
then someone has tried to register an account with your email address. Just ignore this
email, no one can use it anyway as it is not activated and the account will get deleted
soon.\n\n\nUsername: ".$_POST['username']."\nPassword:
".$_POST['userpwd1']."\n\nActivation-Hyperlink:
".$roscms_intern_page_link."login&subpage=activate&code=".$account_act_code."/\n\n\nBest
regards,\nThe ".$rdf_name." Team\n\n\n(please do not reply as this is an auto
generated email!)";
// send the mail
if (Email::send($_POST['useremail'], $subject, $message)) {
@@ -221,7 +221,7 @@
if (isset($_POST['registerpost']) && $mail_exists) {
echo_strip('
<br />
- <em>That email address is already with an account. Please <a
href="'.$roscms_SET_path_ex.'login/" style="color:red !important;
font-weight: bold; text-decoration:underline;">login</a>!</em>');
+ <em>That email address is already with an account. Please <a
href="'.$roscms_intern_page_link.'login" style="color:red
!important; font-weight: bold;
text-decoration:underline;">login</a>!</em>');
}
echo_strip('
@@ -237,14 +237,14 @@
function CaptchaReload()
{
++BypassCacheNumber;
- document.getElementById('captcha').src =
'".$roscms_SET_path_ex.">register/captcha/' + BypassCacheNumber;
+ document.getElementById('captcha').src =
'".$roscms_intern_page_link."captcha' + BypassCacheNumber;
}
- document.write(<![CDATA['<br /><span
style=\"color:#817A71; \">If you can't read this, try <a
href=\"javascript:CaptchaReload()\">another
one</a>.</span>']]>);
+ document.write('<br /><span style=\"color:#817A71;
\">If you can't read this, try <a
href=\"javascript:CaptchaReload()\">another
one</a>.</span>');
-->";echo_strip('
</script>
- <img id="captcha"
src="'.$roscms_SET_path_ex.'register/captcha"
style="padding-top:10px;" alt="If you can\'t read this, try another one
or email '.$rdf_support_email_str.' for help." title="Are you
human?" />
+ <img id="captcha"
src="'.$roscms_intern_page_link.'captcha"
style="padding-top:10px;" alt="If you can\'t read this, try another one
or email '.$rdf_support_email_str.' for help." title="Are you
human?" />
<br />');
if (isset($_POST['registerpost'])) {
echo_strip('
@@ -256,7 +256,7 @@
</div>
<div class="login-button">
<input type="submit" name="submit"
value="Register" tabindex="8" />
- <input type="button"
onclick="'."window.location='".$roscms_SET_path_ex."'".'"
tabindex="9" value="Cancel" name="cancel"
style="color:#777777;" />
+ <input type="button"
onclick="'."window.location='".$roscms_intern_webserver_roscms."'".'"
tabindex="9" value="Cancel" name="cancel"
style="color:#777777;" />
<input name="registerpost" type="hidden"
id="registerpost" value="reg" />
</div>');
} // end registration form
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Login.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/Login.class.php [iso-8859-1]
(original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/Login.class.php [iso-8859-1] Tue Nov
25 13:10:11 2008
@@ -123,7 +123,7 @@
public static function out( $target = '' )
{
global $rdf_login_cookie_usrkey;
- global $roscms_SET_path_ex;
+ global $roscms_intern_page_link;
if (isset($_COOKIE[$rdf_login_cookie_usrkey]))
{
@@ -147,7 +147,7 @@
exit;
}
- header('Location: '.$roscms_SET_path_ex);
+ header('Location: '.$roscms_intern_page_link.'my');
exit;
} // end of member function login
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Security.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/Security.class.php [iso-8859-1]
(original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/Security.class.php [iso-8859-1] Tue
Nov 25 13:10:11 2008
@@ -166,7 +166,7 @@
while($usergroup = $stmt->fetch(PDO::FETCH_ASSOC)) {
//
- $pos = strpos($rights['sec_allow'],
"|".$usergroup['usergroupmember_usergroupid']."|");
+ $pos = strpos($rights['sec_allow'],
'|'.$usergroup['usergroupmember_usergroupid'].'|');
if ($pos !== false) {
$acl_allow = true;
}
@@ -179,7 +179,7 @@
while($usergroup = $stmt->fetch(PDO::FETCH_ASSOC)) {
//
- $pos = strpos($rights['sec_deny'],
"|".$usergroup['usergroupmember_usergroupid']."|");
+ $pos = strpos($rights['sec_deny'],
'|'.$usergroup['usergroupmember_usergroupid'].'|');
if ($pos !== false) {
$acl_deny = true;
}
@@ -206,6 +206,7 @@
return $rights_list;
} // end of member function getRightsList
+
/**
* checks if the user has the given right to do things
*
@@ -221,11 +222,11 @@
return false;
}
-
// return if the requested kind of right is in the rights list for the user
$pos = strpos(self::getRightsList($data_id), '|'.$kind.'|');
return ($pos !== false);
} // end of member function hasRight
+
/**
* gives a short overview about user rights
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Subsystem_PHPBB.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/Subsystem_PHPBB.class.php
[iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/Subsystem_PHPBB.class.php
[iso-8859-1] Tue Nov 25 13:10:11 2008
@@ -74,7 +74,7 @@
$inconsistencies = 0;
$stmt=DBConnection::getInstance()->prepare("SELECT u.user_id, u.user_name,
u.user_email, u.user_register, p.username AS subsys_name, p.user_email AS subsys_email,
FROM_UNIXTIME(p.user_regdate) AS subsys_register FROM users u, subsys_mappings m,
".$this->user_table." p WHERE m.map_roscms_userid = u.user_id AND
m.map_subsys_name = 'phpbb' AND p.user_id = m.map_subsys_userid AND (u.user_name
!= p.username OR u.user_email != p.user_email OR u.user_register !=
FROM_UNIXTIME(p.user_regdate)) ");
- $stmt->execute() or die("DB error (subsys_phpbb #1)");
+ $stmt->execute() or die('DB error (subsys_phpbb #1)');
while ($mapping = $stmt->fetch(PDO::FETCH_ASSOC)) {
echo 'Info mismatch for RosCMS userid '.$mapping['user_id'].':
';
@@ -112,7 +112,7 @@
$stmt->bindParam('user_name',$user_name,PDO::PARAM_STR);
$stmt->bindParam('user_email',$user_email,PDO::PARAM_STR);
$stmt->bindParam('user_id',$subsys_user,PDO::PARAM_INT);
- $stmt->execute() or die("DB error (subsys_phpbb #7)");
+ $stmt->execute() or die('DB error (subsys_phpbb #7)');
if ($stmt->fetchColumn() > 0) {
echo 'User name ('.$user_name.') and/or email address
('.$user_email.') collision<br />';
return false;
@@ -124,7 +124,7 @@
$stmt->bindParam('reg_date',$user_register,PDO::PARAM_STR);
$stmt->bindParam('user_email',$user_email,PDO::PARAM_STR);
$stmt->bindParam('user_id',$user_id,PDO::PARAM_INT);
- $stmt->execute() or die("DB error (subsys_phpbb #8)");
+ $stmt->execute() or die('DB error (subsys_phpbb #8)');
return true;
} // end of member function updateUserPrivate
@@ -143,7 +143,7 @@
{
// Determine the next available userid
$stmt=DBConnection::getInstance()->prepare("SELECT MAX(user_id) FROM
".$this->user_table);
- $stmt->execute() or die("DB error (subsys_phpbb #20)");
+ $stmt->execute() or die('DB error (subsys_phpbb #20)');
$phpbb_user_id = $stmt->fetchColumn() + 1;
$dbh = DBConnection::getInstance();
@@ -153,27 +153,27 @@
$stmt->bindValue('user_clean_name',strtolower($name),PDO::PARAM_STR);
$stmt->bindParam('user_email',$email,PDO::PARAM_STR);
$stmt->bindParam('reg_date',$register,PDO::PARAM_STR);
- $stmt->execute() or die("DB error (subsys_phpbb #10)");
+ $stmt->execute() or die('DB error (subsys_phpbb #10)');
// Put the user in the REGISTERED group
$stmt=DBConnection::getInstance()->prepare("SELECT group_id FROM
".self::DB_NAME.".phpbb_groups WHERE group_name = 'REGISTERED' LIMIT
1");
- $stmt->execute() or die("DB error (subsys_phpbb #18)");
+ $stmt->execute() or die('DB error (subsys_phpbb #18)');
$group_id = $stmt->fetchColumn();
if($group_id === false){
- die("DB error (subsys_phpbb #20)");
+ die('DB error (subsys_phpbb #20)');
}
$stmt=DBConnection::getInstance()->prepare("INSERT INTO
".self::DB_NAME.".phpbb_user_group (group_id, user_id, user_pending) VALUES
(:group_id, :user_id, 0)");
$stmt->bindParam('group_id',$group_id,PDO::PARAM_INT);
$stmt->bindParam('user_id',$phpbb_user_id,PDO::PARAM_INT);
- $stmt->execute() or die("DB error (subsys_phpbb #19)");
+ $stmt->execute() or die('DB error (subsys_phpbb #19)');
// Finally, insert a row in the mapping table
- $query=DBConnection::getInstance()->prepare("INSERT INTO subsys_mappings
(map_roscms_userid, map_subsys_name, map_subsys_userid) VALUES(:roscms_user,
'phpbb', :phpbb_user)");
+ $stmt=DBConnection::getInstance()->prepare("INSERT INTO subsys_mappings
(map_roscms_userid, map_subsys_name, map_subsys_userid) VALUES(:roscms_user,
'phpbb', :phpbb_user)");
$stmt->bindParam('roscms_user',$id,PDO::PARAM_INT);
$stmt->bindParam('phpbb_user',$phpbb_user_id,PDO::PARAM_INT);
- $stmt->execute() or die("DB error (subsys_phpbb #11)");
+ $stmt->execute() or die('DB error (subsys_phpbb #11)');
return true;
} // end of member function addUser
@@ -194,14 +194,14 @@
// First, try to match on email address
$stmt=DBConnection::getInstance()->prepare("SELECT user_id FROM
".$this->user_table." WHERE LOWER(user_email) = LOWER(:user_email)");
$stmt->bindParam('user_email',$user['email'],PDO::PARAM_STR);
- $stmt->execute() or die("DB error (subsys_phpbb #5)");
+ $stmt->execute() or die('DB error (subsys_phpbb #5)');
$phpbb_user_id = $stmt->fetchColumn();
if ($phpbb_user_id === false) {
// That failed. Let's try to match on user name then
$stmt=DBConnection::getInstance()->prepare("SELECT user_id FROM
".$this->user_table." WHERE LOWER(username) = LOWER(:user_name)");
$stmt->bindParam('user_name',$user['name'],PDO::PARAM_STR);
- $stmt->execute() or die("DB error (subsys_phpbb #6)");
+ $stmt->execute() or die('DB error (subsys_phpbb #6)');
$phpbb_user_id = $stmt->fetchColumn();
}
@@ -221,7 +221,7 @@
$stmt=DBConnection::getInstance()->prepare("INSERT INTO subsys_mappings
(map_roscms_userid, map_subsys_name, map_subsys_userid) VALUES(:roscms_user,
'phpbb', :phpbb_user)");
$stmt->bindParam('roscms_user',$user_id,PDO::PARAM_INT);
$stmt->bindParam('phpbb_user',$phpbb_user_id,PDO::PARAM_INT);
- $stmt->execute() or die("DB error (subsys_phpbb #9)");
+ $stmt->execute() or die('DB error (subsys_phpbb #9)');
return true;
}
5832
days inactive
5832
days old
0 comments
1 participants
participants (1)
-
dgoette@svn.reactos.org