Author: dgoette Date: Sun Mar 1 02:47:12 2009 New Revision: 39818
URL: http://svn.reactos.org/svn/reactos?rev=39818&view=rev Log: * readd group & acl deletion * fix subsystem integration * tooltip now does not hide, if changing the <td> element inside the same <tr> * tooltip now hides, if editor is loaded * generator now doesn't cache scripts * show error message on login failure, instead of a white page
Modified: branches/danny-web/reactos.org/htdocs/roscms/js/cms_maintain.js branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js branches/danny-web/reactos.org/htdocs/roscms/lib/Subsystem.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Admin_ACL.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Admin_Groups.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/om/Generate.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/om/Login.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/view/HTML_User_Login.class.php
Modified: branches/danny-web/reactos.org/htdocs/roscms/js/cms_maintain.js URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/js/cms_maintain.js [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/js/cms_maintain.js [iso-8859-1] Sun Mar 1 02:47:12 2009 @@ -390,6 +390,36 @@ /** * @FILLME */ +function deleteAccess( id ) +{ + // highlight left menu entry + highlightMenu('Access'); + + document.getElementById('accessList').style.display = 'none'; + document.getElementById('accessDetails').style.display = 'block'; + + // get language list + makeRequest('?page=backend&type=admin&subtype=acl&action=delete&access='+id, 'apply', 'accessDetails', 'html', 'GET'); + return true; +} // end of function loadGenerate + + + +/** + * @FILLME + */ +function submitAccessDelete( ) +{ + makeRequest('?page=backend&type=admin&subtype=acl&action=delete&submit=true', 'apply', 'accessDetails', 'html', 'POST'); + + loadAccess(); +} + + + +/** + * @FILLME + */ function loadSystem( ) {
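Review bot: Two comments inside the new `deleteAccess` were copied from another function and do not describe it: `// get language list` sits above the request for the ACL delete form, and the closing `// end of function loadGenerate` names the wrong function; both new docblocks are still `@FILLME`. I would replace them with `// request the delete confirmation for this ACL` and `// end of function deleteAccess`, and give each docblock one sentence on what it loads or submits. Separately, `id` is concatenated into the query string as-is; `'&access=' + encodeURIComponent(id)` keeps the URL well-formed if a caller ever passes something other than a number. The same copied comments recur in `deleteGroup` in the next hunk.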
@@ -487,7 +517,37 @@ */ function submitGroupEdit( ) { - makeRequest('?page=backend&type=admin&subtype=group&action=edit&submit=true', 'apply', 'groupDetails', 'html', 'POST'); + makeRequest('?page=backend&type=admin&subtype=group&action=delete&submit=true', 'apply', 'groupDetails', 'html', 'POST'); + + loadGroups(); +} + + + +/** + * @FILLME + */ +function deleteGroup( id ) +{ + // highlight left menu entry + highlightMenu('Groups'); + + document.getElementById('groupList').style.display = 'none'; + document.getElementById('groupDetails').style.display = 'block'; + + // get language list + makeRequest('?page=backend&type=admin&subtype=group&action=delete&group='+id, 'apply', 'groupDetails', 'html', 'GET'); + return true; +} // end of function loadGenerate + + + +/** + * @FILLME + */ +function submitGroupDelete( ) +{ + makeRequest('?page=backend&type=admin&subtype=group&action=delete&submit=true', 'apply', 'groupDetails', 'html', 'POST');
loadGroups(); }
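Review bot: `submitGroupEdit` now posts to `action=delete` instead of `action=edit`, so saving a group from the edit form would address the delete endpoint; this looks like a copy/paste slip made while adding `submitGroupDelete` below it. The first changed line should stay `makeRequest('?page=backend&type=admin&subtype=group&action=edit&submit=true', 'apply', 'groupDetails', 'html', 'POST');`. Whether the server then actually deletes depends on the fields the edit form posts, which this hunk does not show, but an edit handler should never target a destructive action.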
Modified: branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js [iso-8859-1] Sun Mar 1 02:47:12 2009 @@ -24,7 +24,8 @@ // check for quirks / standard mode var IEmode = ( typeof document.compatMode != "undefined" && document.compatMode != "BackCompat") ? "documentElement" : "body";
-var timerTooltip;
+var timerTooltip, timer_tooltip_delete;
+var tooltip_row = null;
document.onmousemove = getMousePosition; @@ -302,8 +303,22 @@ { // deactivate tooltip-timer window.clearTimeout(timerTooltip); - + + window.clearTimeout(timer_tooltip_delete); + timer_tooltip_delete = window.setTimeout("deleteTooltip()", 300); +} // end of function clearTooltip + + + +/** + * Disables Tooltip view + */ +function deleteTooltip( ) +{ document.getElementById('tooltip').style.display = 'none'; + + // deactivate tooltip-timer + window.clearTimeout(timer_tooltip_delete); } // end of function clearTooltip
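Review bot: `window.setTimeout("deleteTooltip()", 300)` passes a string, which the browser evaluates as code when the timer fires; passing the function itself, `timer_tooltip_delete = window.setTimeout(deleteTooltip, 300);`, does the same without string evaluation. The hunk at `@@ -433,16 +448,20 @@` keeps the older form that splices a DOM `className` into such a string, where a quote in the class name would change the evaluated code; a closure such as `function () { loadTooltip(cls); }` avoids that. The trailing comment on the new `deleteTooltip` still reads `// end of function clearTooltip`.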
@@ -433,16 +448,20 @@ // deactivate Tooltip-timer window.clearTimeout(timerTooltip);
- timerTooltip = window.setTimeout("loadTooltip('"+this.getElementsByTagName('td')[3].className+"')", 500); + if (tooltip_row == this.id) { + window.clearTimeout(timer_tooltip_delete); + } + else { + tooltip_row = this.id; + + timerTooltip = window.setTimeout("loadTooltip('"+this.getElementsByTagName('td')[3].className+"')", 500); + } } // end of inner function localStartActive
//sets a timeout to remove Tooltip function localStopActive() { hlRow(this.id,2); - - // deactivate Tooltip-timer - window.clearTimeout(timerTooltip);
clearTooltip(); } // end of inner function localStopActive @@ -460,6 +479,8 @@
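Review bot: `tooltip_row` is set when a row is first hovered but nothing in these hunks resets it, so once `deleteTooltip` has hidden the tooltip, hovering the same row again takes the `tooltip_row == this.id` branch and never schedules `loadTooltip`. Resetting it where the tooltip is hidden, `tooltip_row = null;` inside `deleteTooltip`, would restore the tooltip on re-entry. I cannot see whether `loadTooltip` or another function outside the hunk clears the variable, so this is worth a quick manual check.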
function localStartEditor() { + clearTooltip(); + loadEditor(roscms_current_page, this.className); } // end of inner function localStartEditor
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Subsystem.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Subsystem.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Subsystem.class.php [iso-8859-1] Sun Mar 1 02:47:12 2009 @@ -154,7 +154,7 @@ */ protected function updateUser( $user_id, $subsys_user ) { - $user = ROSUser::getDetailsById($user_id); + $user = self::getRoscmsUser($user_id); if ($user === false) { return false; }
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Admin_ACL.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Admin_ACL.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Admin_ACL.class.php [iso-8859-1] Sun Mar 1 02:47:12 2009 @@ -226,6 +226,7 @@ echo_strip(' <h2>Edit Access Control List (ACL)</h2> <form onsubmit="return false;"> + <button onclick="'."deleteAccess(".$access['id'].")".'">show Delete ACL</button> <fieldset> <legend>Access Control List Options</legend> <input type="hidden" name="access_id" id="access_id" value="'.$access['id'].'" /> @@ -349,7 +350,7 @@ { // check how many entries are depend on this ACL $stmt=&DBConnection::getInstance()->prepare("SELECT COUNT(id) FROM ".ROSCMST_ENTRIES." WHERE access_id=:access_id"); - $stmt->bindParam('access_id',$_POST['access'],PDO::PARAM_INT); + $stmt->bindParam('access_id',$_REQUEST['access'],PDO::PARAM_INT); $stmt->execute(); $data_count = $stmt->fetchColumn();
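Review bot: Reading the id from `$_REQUEST['access']` makes the source of the value ambiguous, because `$_REQUEST` merges GET, POST and, depending on `request_order`, cookies. The new `deleteAccess` JavaScript sends the id by GET, so `$_GET['access']` states the intent, as Admin_Groups does with `$_GET['group']`; the hunk at `@@ -360,8 +361,8 @@` has the same read. The switch matters more in Admin_Groups.class.php at `@@ -480,7 +481,7 @@` and `@@ -488,17 +489,17 @@`, where the `DELETE` statements now take `group_id` from `$_REQUEST`. Unless the enclosing method checks the request method or a CSRF token outside the hunk, a plain GET URL can then supply the id for a destructive action, so I would keep `$_POST['group_id']` there.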
@@ -360,8 +361,8 @@ else {
// ACL information - $stmt=&DBConnection::getInstance()->prepare("SELECT name, name_short, description, id FROM ".ROSCMST_ACCESS." WHERE id=:access_id"); - $stmt->bindParam('access_id',$_POST['access'],PDO::PARAM_INT); + $stmt=&DBConnection::getInstance()->prepare("SELECT name, description, id FROM ".ROSCMST_ACCESS." WHERE id=:access_id"); + $stmt->bindParam('access_id',$_REQUEST['access'],PDO::PARAM_INT); $stmt->execute(); $access = $stmt->fetchOnce(PDO::FETCH_ASSOC);
@@ -371,7 +372,7 @@ <input type="hidden" name="access_id" id="access_id" value="'.$access['id'].'" />
Do you really want to delete the access "<span title="'.$access['description'].'">'.$access['name'].'</span>" ? - <button style="color: red;" onclick="'."submitDelete('acl')".'" name="uaq" value="yes">Yes, Delete it.</button> + <button style="color: red;" onclick="'."submitAccessDelete()".'" name="uaq" value="yes">Yes, Delete it.</button> <button style="color: green;" name="uaq" value="no">No</button> </div> </form>');
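Review bot: `$access['description']` and `$access['name']` are written into a `title` attribute and into element text without escaping, so a stored name or description containing quotes or markup is interpreted as HTML in the admin backend. Wrapping both, e.g. `htmlspecialchars($access['name'], ENT_QUOTES)`, keeps stored text as text. The group confirmation in Admin_Groups.class.php at `@@ -461,7 +462,7 @@` prints `$group['description']` and `$group['name']` the same way. The `echo_strip(` call starts outside this hunk.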
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Admin_Groups.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Admin_Groups.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Admin_Groups.class.php [iso-8859-1] Sun Mar 1 02:47:12 2009 @@ -275,6 +275,7 @@ echo_strip(' <h2>Edit Group</h2> <form onsubmit="return false;"> + <button onclick="'."deleteGroup(".$group['id'].")".'">show Delete Group</button> <fieldset> <legend>Group Data</legend> <input type="hidden" name="group_id" id="group_id" value="'.$group['id'].'" /> @@ -451,7 +452,7 @@ { // get Group information $stmt=&DBConnection::getInstance()->prepare("SELECT name, description, id FROM ".ROSCMST_GROUPS." WHERE id=:group_id"); - $stmt->bindParam('group_id',$_POST['group'],PDO::PARAM_INT); + $stmt->bindParam('group_id',$_GET['group'],PDO::PARAM_INT); $stmt->execute(); $group = $stmt->fetchOnce(PDO::FETCH_ASSOC);
@@ -461,7 +462,7 @@ <input type="hidden" name="group_id" id="group_id" value="'.$group['id'].'" />
Do you really want to delete the Group "<span title="'.$group['description'].'">'.$group['name'].'</span>" ? - <button style="color: red;" onclick="'."submitDelete('group')".'" name="uaq" value="yes">Yes, Delete it.</button> + <button style="color: red;" onclick="'."submitGroupDelete()".'" name="uaq" value="yes">Yes, Delete it.</button> <button style="color: green;" name="uaq" value="no">No</button> </div> </form>'); @@ -480,7 +481,7 @@
// delete group $stmt=&DBConnection::getInstance()->prepare("DELETE FROM ".ROSCMST_GROUPS." WHERE id=:group_id"); - $stmt->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT); + $stmt->bindParam('group_id',$_REQUEST['group_id'],PDO::PARAM_INT); $success = $success && $stmt->execute();
// delete connections @@ -488,17 +489,17 @@
// delete ACL connections $stmt=&DBConnection::getInstance()->prepare("DELETE FROM ".ROSCMST_ACL." WHERE group_id=:group_id"); - $stmt->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT); + $stmt->bindParam('group_id',$_REQUEST['group_id'],PDO::PARAM_INT); $success = $success && $stmt->execute();
// delete APL connections $stmt=&DBConnection::getInstance()->prepare("DELETE FROM ".ROSCMST_AREA_ACCESS." WHERE group_id=:group_id"); - $stmt->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT); + $stmt->bindParam('group_id',$_REQUEST['group_id'],PDO::PARAM_INT); $success = $success && $stmt->execute();
// delete memberships $stmt=&DBConnection::getInstance()->prepare("DELETE FROM ".ROSCMST_MEMBERSHIPS." WHERE group_id=:group_id"); - $stmt->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT); + $stmt->bindParam('group_id',$_REQUEST['group_id'],PDO::PARAM_INT); $success = $success && $stmt->execute(); }
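Review bot: The `DELETE` statements in this hunk and the one before it run independently and are chained with `$success = $success && $stmt->execute();`, so if a later one fails the group row is already gone while its ACL, area-access or membership rows remain. Running them in one transaction and rolling back when `$success` is false would keep the tables consistent; deleting the dependent rows before the group row also helps. I cannot see whether `DBConnection` exposes PDO's `beginTransaction()` and `rollBack()`, and the method starts and ends outside these hunks.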
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/om/Generate.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/om/Generate.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/om/Generate.class.php [iso-8859-1] Sun Mar 1 02:47:12 2009 @@ -218,19 +218,17 @@ $content = $revision['content'];
// replace dependencies - $stmt_more=&DBConnection::getInstance()->prepare("SELECT d.id, d.type, d.name FROM ".ROSCMST_DEPENDENCIES." w JOIN ".ROSCMST_ENTRIES." d ON w.child_id=d.id WHERE w.rev_id=:rev_id AND w.include IS TRUE"); + $stmt_more=&DBConnection::getInstance()->prepare("SELECT d.id, d.type, d.name FROM ".ROSCMST_DEPENDENCIES." w JOIN ".ROSCMST_ENTRIES." d ON w.child_id=d.id WHERE w.rev_id=:rev_id AND w.include IS TRUE AND d.type != 'script'"); $stmt_more->bindParam('rev_id',$revision['id'],PDO::PARAM_INT); $stmt_more->execute(); while ($dependency = $stmt_more->fetch(PDO::FETCH_ASSOC)) {
// replace - if ($dependency['type'] != 'script') { - $content = str_replace('[#'.$this->short[$dependency['type']].'_'.$dependency['name'].']', $this->getCached(array(null, $this->short[$dependency['type']].'_'.$dependency['name'])), $content); - } + $content = str_replace('[#'.$this->short[$dependency['type']].'_'.$dependency['name'].']', $this->getCached(array(null, $this->short[$dependency['type']].'_'.$dependency['name'])), $content); } // end foreach
// execute scripts - $content = preg_replace_callback('/[#inc_([^][#[:space:]]+)]/', array($this,'evalScript'),$content); + $content = preg_replace_callback('/[#inc_([a-zA-Z0-9_]+)]/', array($this,'evalScript'),$content);
// replace roscms vars $content = $this->replaceRoscmsPlaceholder($content); @@ -435,7 +433,7 @@ $stmt->execute();
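Review bot: Narrowing the script-name class to `[a-zA-Z0-9_]+` means an existing script entry whose name contains any other character (a hyphen or a dot, say) is no longer executed and its `[#inc_…]` placeholder is emitted verbatim, since the query above now also skips `script` dependencies. If entry names are not already restricted to that alphabet when they are created, a comment such as `// script names are limited to [A-Za-z0-9_]; anything else is left unexpanded` would document the contract. As rendered on this page the literal `[` and `]` around the placeholder are unescaped; if that is how the file reads, rather than an artefact of the mail archive, they need `\[` and `\]`. `evalScript` is outside the hunk, so what it does with the captured name should be checked against the same alphabet.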
// prepare for usage in loop - $stmt_more=&DBConnection::getInstance()->prepare("SELECT w.child_id, d.type, d.name FROM ".ROSCMST_DEPENDENCIES." w JOIN ".ROSCMST_ENTRIES." d ON w.child_id=d.id WHERE w.rev_id=:rev_id AND w.include IS TRUE"); + $stmt_more=&DBConnection::getInstance()->prepare("SELECT w.child_id, d.type, d.name FROM ".ROSCMST_DEPENDENCIES." w JOIN ".ROSCMST_ENTRIES." d ON w.child_id=d.id WHERE w.rev_id=:rev_id AND w.include IS TRUE AND d.type != 'script'");
while ($data = $stmt->fetch(PDO::FETCH_ASSOC)) {
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/om/Login.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/om/Login.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/om/Login.class.php [iso-8859-1] Sun Mar 1 02:47:12 2009 @@ -83,8 +83,8 @@ $stmt=&DBConnection::getInstance()->prepare("SELECT s.user_id, s.expires FROM ".ROSCMST_SESSIONS." s JOIN ".ROSCMST_USERS." u ON u.id = s.user_id WHERE s.id = :session_id AND (u.match_ip IS FALSE OR s.ip=:ip ) AND (u.match_browseragent IS FALSE OR s.browseragent = :agent) AND u.disabled IS FALSE LIMIT 1"); } else{ - $stmt=&DBConnection::getInstance()->prepare("SELECT m.user_id, s.expires FROM ".ROSCMST_SESSIONS." s JOIN ".ROSCMST_USERS." u ON u.id = s.user_id JOIN ".ROSCMST_SUBSYS." m ON m.user_id = s.user_id WHERE s.id = :session_id AND (u.match_ip IS FALSE OR s.ip = :ip) AND (u.match_browseragent IS FALSE OR s.browseragent = :agent) AND m.subsys = :subsys AND u.disabled IS FALSE LIMIT 1"); - $stmt->bindParam('subsys',$subsys,PDO::PARAM_STR); + $stmt=&DBConnection::getInstance()->prepare("SELECT m.subsys_user_id AS user_id, s.expires FROM ".ROSCMST_SESSIONS." s JOIN ".ROSCMST_USERS." u ON u.id = s.user_id JOIN ".ROSCMST_SUBSYS." m ON m.user_id = s.user_id WHERE s.id = :session_id AND (u.match_ip IS FALSE OR s.ip = :ip) AND (u.match_browseragent IS FALSE OR s.browseragent = :agent) AND m.subsys = :subsys AND u.disabled IS FALSE LIMIT 1"); + $stmt->bindParam('subsys',$subsys,PDO::PARAM_STR); } $stmt->bindParam('session_id',$session_id,PDO::PARAM_INT); $stmt->bindParam('ip',$remote_addr,PDO::PARAM_STR);
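Review bot: After this change the `user_id` column means two different things depending on the branch: the first query returns `s.user_id`, while the `else` branch now returns `m.subsys_user_id` under the same alias. Any caller that uses the result as a RosCMS id, for permission or group lookups for instance, would then operate on an id from another id space, so the return contract should be documented, e.g. `// with $subsys set, user_id is the subsystem's own user id, not the RosCMS id`. The enclosing function and its callers are outside the hunk, so I cannot confirm they all expect that.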
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/view/HTML_User_Login.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/view/HTML_User_Login.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/view/HTML_User_Login.class.php [iso-8859-1] Sun Mar 1 02:47:12 2009 @@ -99,7 +99,7 @@ } else { $this->loginPage('You have specified an incorrect username.'); - exit; + return false; }
// Check password. It should only contain printable ASCII chars @@ -108,7 +108,7 @@ } else { $this->loginPage('You have specified an invalid password.'); - exit; + return false; }
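Review bot: Replacing `exit;` with `return false;` means the request keeps running after `loginPage()` has been printed, so every caller of this method must now test the return value; one that ignores it would continue past a rejected login. The method and its callers are outside these hunks, so that should be confirmed here and for the hunks at `@@ -108,7 +108,7 @@` and `@@ -128,14 +128,14 @@`. A docblock line such as `@return bool false if the login was rejected and the login page was shown` would make the new contract explicit.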
// get user data @@ -128,14 +128,14 @@ }
if ($a_password != $user['password']) { - $this->loginPage("You have specified an incorrect or inactive username, or an invalid password."); - exit; + $this->loginPage('You have specified an incorrect or inactive username, or an invalid password.'); + return false; }
// if the account is NOT enabled; e.g. a reason could be that a member of the admin group has disabled this account because of spamming, etc. if ($user['disabled'] == true) { $this->loginPage('Account is not activated or disabled!<br /><br />Check your email inbox (and spam folder), maybe you have overseen the activation information.'); - exit; + return false; }
// if the user account setting is "multisession" (a by user setting), it is set to "false" by default
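Review bot: `$a_password != $user['password']` compares the submitted and stored password values with loose `!=`, under which PHP treats two numeric-looking strings, such as ones starting `0e` followed only by digits, as equal numbers. `if ($a_password !== $user['password']) {` compares them as strings, and a constant-time comparison is better still where the PHP version provides one. `$user['disabled'] == true` is similarly loose, and how `$a_password` is derived is outside the hunk.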