[dgoette] 408: * fix usage of UTF8 * show language selection also for unregistered users - Ros-diffs

7 May 2009

Author: dgoette
Date: Fri May  8 00:12:07 2009
New Revision: 408

URL: http://svn.reactos.org/svn/reactos?rev=408&view=rev
Log:
* fix usage of UTF8
* show language selection also for unregistered users

Modified:
    branches/danny-web/www/www.reactos.org/roscms/connect.db.php
    branches/danny-web/www/www.reactos.org/roscms/lib/DBConnection.class.php
    branches/danny-web/www/www.reactos.org/roscms/lib/HTML_User.class.php
    branches/danny-web/www/www.reactos.org/roscms/lib/backend/Admin_ACL.class.p…
    branches/danny-web/www/www.reactos.org/roscms/lib/backend/Admin_Groups.clas…
    branches/danny-web/www/www.reactos.org/roscms/lib/backend/Admin_Languages.c…
    branches/danny-web/www/www.reactos.org/roscms/lib/om/EMail.class.php
    branches/danny-web/www/www.reactos.org/roscms/lib/view/HTML_User_Login.clas…
    branches/danny-web/www/www.reactos.org/roscms/lib/view/HTML_User_Profile.cl…

Modified: branches/danny-web/www/www.reactos.org/roscms/connect.db.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/www/www.reactos.org/r…
==============================================================================

--- branches/danny-web/www/www.reactos.org/roscms/connect.db.php [iso-8859-1] (original)
+++ branches/danny-web/www/www.reactos.org/roscms/connect.db.php [iso-8859-1] Fri May  8
00:12:07 2009
@@ -24,7 +24,7 @@
 $db_user = 'username';
 $db_pass = 'password';
 $db_name = 'roscms';
-$db_port = 3301;
+$db_port = 3306;
 
 // vars are unset in DBConnection class
 // !!! so be sure to use DBConnection or unset(..) yourself

Modified: branches/danny-web/www/www.reactos.org/roscms/lib/DBConnection.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/www/www.reactos.org/r…
==============================================================================
--- branches/danny-web/www/www.reactos.org/roscms/lib/DBConnection.class.php [iso-8859-1]
(original)
+++ branches/danny-web/www/www.reactos.org/roscms/lib/DBConnection.class.php [iso-8859-1]
Fri May  8 00:12:07 2009
@@ -53,6 +53,7 @@
       // show errors as warning, and use our own statement class
       $this->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_WARNING);
       $this->setAttribute(PDO::ATTR_STATEMENT_CLASS,array('DBStatement',
array($this)));
+      $this->exec("SET names 'utf8'");
     }
     catch (PDOException $e) {
 

Modified: branches/danny-web/www/www.reactos.org/roscms/lib/HTML_User.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/www/www.reactos.org/r…
==============================================================================
--- branches/danny-web/www/www.reactos.org/roscms/lib/HTML_User.class.php [iso-8859-1]
(original)
+++ branches/danny-web/www/www.reactos.org/roscms/lib/HTML_User.class.php [iso-8859-1] Fri
May  8 00:12:07 2009
@@ -89,7 +89,7 @@
       echo_strip('
         <h2>Account</h2>
         <ul>
-          <li
title="'.htmlentities($thisuser->name()).'">&nbsp;Nick:&nbsp;'.htmlentities($thisuser->name()).'</li>
+          <li
title="'.htmlspecialchars($thisuser->name()).'">&nbsp;Nick:&nbsp;'.htmlspecialchars($thisuser->name()).'</li>
           <li><a
href="'.$config->pathInstance().'?page=my">My
Profile</a></li>
           <li><a
href="'.$config->pathInstance().'?page=search">User
Search</a></li>
           <li><a
href="'.$config->pathGenerated().'peoplemap/">User
Map</a></li>');
@@ -128,38 +128,50 @@
       <ul>
         <li> 
           <div style="text-align:center;"> 
-            <select id="select" size="1" name="select"
class="selectbox" style="width:140px"
onchange="'."window.location.href =
'".$config->pathInstance().'?'.htmlentities($_SERVER['QUERY_STRING'])."&lang='
+ this.options[this.selectedIndex].value".'">
-              <optgroup label="current language">'); 
-
-    // print current language
-    $stmt=&DBConnection::getInstance()->prepare("SELECT id, name FROM
".ROSCMST_LANGUAGES." WHERE id = :lang_id");
-    $stmt->bindParam('lang_id',$thisuser->language(),PDO::PARAM_INT);
-    $stmt->execute();
-    $current_lang = $stmt->fetchOnce(PDO::FETCH_ASSOC);
-
-    echo_strip('
-        <option
value="#">'.$current_lang['name'].'</option>
-      </optgroup>
-      <optgroup label="all languages">');
+            <select id="select" size="1" name="select"
class="selectbox" style="width:140px"
onchange="'."window.location.href =
'".$config->pathInstance().'?'.htmlspecialchars($_SERVER['QUERY_STRING'])."&lang='
+ this.options[this.selectedIndex].value".'">');
+
+    // show current profile language of registered users
+    if ($thisuser->language() > 0) {
+      // print current language
+      $stmt=&DBConnection::getInstance()->prepare("SELECT id, name FROM
".ROSCMST_LANGUAGES." WHERE id = :lang_id");
+      $stmt->bindParam('lang_id',$thisuser->language(),PDO::PARAM_INT);
+      $stmt->execute();
+      $current_lang = $stmt->fetchOnce(PDO::FETCH_ASSOC);
+
+      echo_strip('
+        <optgroup label="current language">
+          <option
value="#">'.$current_lang['name'].'</option>
+        </optgroup>
+        <optgroup label="all languages">');
+
+      $stmt=&DBConnection::getInstance()->prepare("SELECT name, id,
name_original FROM ".ROSCMST_LANGUAGES." WHERE id != :lang ORDER BY name
ASC");
+      $stmt->bindParam('lang',$current_lang['id'],PDO::PARAM_INT);
+    }
+
+    // for guests show all
+    else {
+      $stmt=&DBConnection::getInstance()->prepare("SELECT name, id,
name_original FROM ".ROSCMST_LANGUAGES." ORDER BY name ASC");
+    }
 
     // print available languages
-    $stmt=&DBConnection::getInstance()->prepare("SELECT name, id,
name_original FROM ".ROSCMST_LANGUAGES." WHERE id != :lang ORDER BY name
ASC");
-    $stmt->bindParam('lang',$current_lang['id'],PDO::PARAM_INT);
     $stmt->execute();
     while ($language = $stmt->fetch(PDO::FETCH_ASSOC)) {
 
       // display original name in brackets, if a localized version is available
       if ($language['name_original'] != '') {
-        echo '<option
value="'.$language['id'].'">'.$language['name'].'
('.htmlentities($language['name_original']).')</option>';
+        echo '<option
value="'.$language['id'].'">'.$language['name'].'
('.htmlspecialchars($language['name_original']).')</option>';
       }
       else {
         echo '<option
value="'.$language['id'].'">'.$language['name'].'</option>';
       }
     }
+    
+    if ($thisuser->language() > 0) {
+      echo '</optgroup>';
+    }
 
     // close navigation and open content area
     echo_strip('
-                </optgroup>
               </select>
             </div>
           </li>

Modified: branches/danny-web/www/www.reactos.org/roscms/lib/backend/Admin_ACL.class.p…
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/www/www.reactos.org/r…
==============================================================================
--- branches/danny-web/www/www.reactos.org/roscms/lib/backend/Admin_ACL.class.p…
[iso-8859-1] (original)
+++ branches/danny-web/www/www.reactos.org/roscms/lib/backend/Admin_ACL.class.p…
[iso-8859-1] Fri May  8 00:12:07 2009
@@ -172,7 +172,7 @@
         <tr id="tra'.($x).'" class="'.($x%2 ? 'odd'
: 'even').'"
onclick="'."editAccess(".$access['id'].")".'"
onmouseover="'."hlRow(this.id,1)".'"
onmouseout="'."hlRow(this.id,2)".'">
           <td>'.$access['standard'].'</td>
           <td>'.$access['name'].'</td>
-          <td>'.htmlentities($access['description']).'</td>
+         
<td>'.htmlspecialchars($access['description']).'</td>
         </tr>');
     }
 

Modified:
branches/danny-web/www/www.reactos.org/roscms/lib/backend/Admin_Groups.clas…
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/www/www.reactos.org/r…
==============================================================================
--- branches/danny-web/www/www.reactos.org/roscms/lib/backend/Admin_Groups.clas…
[iso-8859-1] (original)
+++ branches/danny-web/www/www.reactos.org/roscms/lib/backend/Admin_Groups.clas…
[iso-8859-1] Fri May  8 00:12:07 2009
@@ -225,7 +225,7 @@
         <tr id="trg'.($x).'" class="'.($x%2 ? 'odd'
: 'even').'"
onclick="'."editGroup(".$group['id'].")".'"
onmouseover="'."hlRow(this.id,1)".'"
onmouseout="'."hlRow(this.id,2)".'">
           <td>'.$group['security_level'].'</td>
           <td>'.$group['name'].'</td>
-          <td>'.htmlentities($group['description']).'</td>
+         
<td>'.htmlspecialchars($group['description']).'</td>
         </tr>');
     }
   } // end of member function showSearch

Modified:
branches/danny-web/www/www.reactos.org/roscms/lib/backend/Admin_Languages.c…
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/www/www.reactos.org/r…
==============================================================================
--- branches/danny-web/www/www.reactos.org/roscms/lib/backend/Admin_Languages.c…
[iso-8859-1] (original)
+++ branches/danny-web/www/www.reactos.org/roscms/lib/backend/Admin_Languages.c…
[iso-8859-1] Fri May  8 00:12:07 2009
@@ -117,7 +117,7 @@
         <tr id="trl'.($x).'" class="'.($x%2 ? 'odd'
: 'even').'"
onclick="'."editLanguage(".$lang['id'].")".'"
onmouseover="'."hlRow(this.id,1)".'"
onmouseout="'."hlRow(this.id,2)".'">
           <td>'.$lang['name_short'].'</td>
           <td>'.$lang['name'].'</td>
-          <td>'.htmlentities($lang['name_original']).'</td>
+         
<td>'.htmlspecialchars($lang['name_original']).'</td>
         </tr>');
     }
   } // end of member function showSearch

Modified: branches/danny-web/www/www.reactos.org/roscms/lib/om/EMail.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/www/www.reactos.org/r…
==============================================================================
--- branches/danny-web/www/www.reactos.org/roscms/lib/om/EMail.class.php [iso-8859-1]
(original)
+++ branches/danny-web/www/www.reactos.org/roscms/lib/om/EMail.class.php [iso-8859-1] Fri
May  8 00:12:07 2009
@@ -55,7 +55,7 @@
     }
 
     // email addresses
-    $receiver = htmlentities($receiver, ENT_NOQUOTES, 'UTF-8');
+    $receiver = htmlspecialchars($receiver, ENT_NOQUOTES, 'UTF-8');
 
     // header
     $headers = "";

Modified:
branches/danny-web/www/www.reactos.org/roscms/lib/view/HTML_User_Login.clas…
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/www/www.reactos.org/r…
==============================================================================
--- branches/danny-web/www/www.reactos.org/roscms/lib/view/HTML_User_Login.clas…
[iso-8859-1] (original)
+++ branches/danny-web/www/www.reactos.org/roscms/lib/view/HTML_User_Login.clas…
[iso-8859-1] Fri May  8 00:12:07 2009
@@ -233,7 +233,7 @@
 
     $target_clean = '';
     if (isset($_REQUEST['target']) &&
preg_match('/^(\/[a-zA-Z0-9!$%&,\'()*+\-.\/:;=?@_~]+)$/',
$_REQUEST['target'], $matches)) {
-      $target_clean = htmlentities($matches[1]);
+      $target_clean = htmlspecialchars($matches[1]);
     }
 
     echo_strip('

Modified:
branches/danny-web/www/www.reactos.org/roscms/lib/view/HTML_User_Profile.cl…
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/www/www.reactos.org/r…
==============================================================================
--- branches/danny-web/www/www.reactos.org/roscms/lib/view/HTML_User_Profile.cl…
[iso-8859-1] (original)
+++ branches/danny-web/www/www.reactos.org/roscms/lib/view/HTML_User_Profile.cl…
[iso-8859-1] Fri May  8 00:12:07 2009
@@ -86,7 +86,7 @@
               <h2>Profile Search</h2>
               <div class="field">
                 <label for="search">Username</label>
-                <input name="search" type="text"
id="search" value=&quot;&#39;.(a)htmlentities($_GET[&#39;search&#39;]).&#39;&quot;
/>
+                <input name="search" type="text"
id="search"
value=&quot;&#39;.(a)htmlspecialchars($_GET[&#39;search&#39;]).&#39;&quot; />
               </div>
               <div class="field">
                 <input type="hidden" name="page"
id="page" value="search" />


    