plugins/SpecialUserFuncs.php
author Dan
Wed, 09 Apr 2008 22:45:51 -0400
changeset 528 43535769970b
parent 525 3f2dfdb99be4
child 536 218a627eb53e
permissions -rw-r--r--
Fixed some bad language string references in plugin management API
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     1
<?php
519
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 517
diff changeset
     2
/**!info**
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 517
diff changeset
     3
{
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 517
diff changeset
     4
  "Plugin Name"  : "plugin_specialuserfuncs_title",
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 517
diff changeset
     5
  "Plugin URI"   : "http://enanocms.org/",
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 517
diff changeset
     6
  "Description"  : "plugin_specialuserfuncs_desc",
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 517
diff changeset
     7
  "Author"       : "Dan Fuhry",
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 517
diff changeset
     8
  "Version"      : "1.1.3",
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 517
diff changeset
     9
  "Author URI"   : "http://enanocms.org/"
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 517
diff changeset
    10
}
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 517
diff changeset
    11
**!*/
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    12
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    13
/*
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    14
 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
504
bc8e0e9ee01d Added support for embedding language data into plugins; updated all version numbers on plugin files
Dan
parents: 472
diff changeset
    15
 * Version 1.1.3 (Caoineag alpha 3)
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    16
 * Copyright (C) 2006-2007 Dan Fuhry
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    17
 *
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    18
 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    19
 * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    20
 *
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    21
 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    22
 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    23
 */
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    24
 
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    25
global $db, $session, $paths, $template, $plugins; // Common objects
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    26
334
c72b545f1304 More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents: 326
diff changeset
    27
$plugins->attachHook('session_started', '
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    28
  global $paths;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    29
    $paths->add_page(Array(
334
c72b545f1304 More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents: 326
diff changeset
    30
      \'name\'=>\'specialpage_log_in\',
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    31
      \'urlname\'=>\'Login\',
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    32
      \'namespace\'=>\'Special\',
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    33
      \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    34
      ));
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    35
    $paths->add_page(Array(
334
c72b545f1304 More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents: 326
diff changeset
    36
      \'name\'=>\'specialpage_log_out\',
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    37
      \'urlname\'=>\'Logout\',
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    38
      \'namespace\'=>\'Special\',
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    39
      \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    40
      ));
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    41
    $paths->add_page(Array(
334
c72b545f1304 More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents: 326
diff changeset
    42
      \'name\'=>\'specialpage_register\',
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    43
      \'urlname\'=>\'Register\',
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    44
      \'namespace\'=>\'Special\',
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    45
      \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    46
      ));
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    47
    $paths->add_page(Array(
334
c72b545f1304 More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents: 326
diff changeset
    48
      \'name\'=>\'specialpage_preferences\',
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    49
      \'urlname\'=>\'Preferences\',
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    50
      \'namespace\'=>\'Special\',
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    51
      \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    52
      ));
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    53
    
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    54
    $paths->add_page(Array(
334
c72b545f1304 More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents: 326
diff changeset
    55
      \'name\'=>\'specialpage_contributions\',
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    56
      \'urlname\'=>\'Contributions\',
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    57
      \'namespace\'=>\'Special\',
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    58
      \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    59
      ));
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    60
    
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    61
    $paths->add_page(Array(
334
c72b545f1304 More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents: 326
diff changeset
    62
      \'name\'=>\'specialpage_change_theme\',
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    63
      \'urlname\'=>\'ChangeStyle\',
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    64
      \'namespace\'=>\'Special\',
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    65
      \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    66
      ));
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    67
    
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    68
    $paths->add_page(Array(
334
c72b545f1304 More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents: 326
diff changeset
    69
      \'name\'=>\'specialpage_activate_account\',
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    70
      \'urlname\'=>\'ActivateAccount\',
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    71
      \'namespace\'=>\'Special\',
116
77c75179bb95 Made most special pages "visible"; fixup for non-existent special page redirect in paths.php; rewrote Special:AllPages to have pagination (WiP, Special:SpecialPages is possibly next, depending on whether paginate_array works or not)
Dan
parents: 115
diff changeset
    72
      \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    73
      ));
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    74
    
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    75
    $paths->add_page(Array(
334
c72b545f1304 More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents: 326
diff changeset
    76
      \'name\'=>\'specialpage_captcha\',
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    77
      \'urlname\'=>\'Captcha\',
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    78
      \'namespace\'=>\'Special\',
116
77c75179bb95 Made most special pages "visible"; fixup for non-existent special page redirect in paths.php; rewrote Special:AllPages to have pagination (WiP, Special:SpecialPages is possibly next, depending on whether paginate_array works or not)
Dan
parents: 115
diff changeset
    79
      \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    80
      ));
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    81
    
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    82
    $paths->add_page(Array(
334
c72b545f1304 More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents: 326
diff changeset
    83
      \'name\'=>\'specialpage_password_reset\',
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    84
      \'urlname\'=>\'PasswordReset\',
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    85
      \'namespace\'=>\'Special\',
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    86
      \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    87
      ));
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
    88
    
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
    89
    $paths->add_page(Array(
334
c72b545f1304 More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents: 326
diff changeset
    90
      \'name\'=>\'specialpage_member_list\',
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
    91
      \'urlname\'=>\'Memberlist\',
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
    92
      \'namespace\'=>\'Special\',
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
    93
      \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
    94
      ));
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
    95
      
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
    96
    $paths->add_page(Array(
334
c72b545f1304 More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents: 326
diff changeset
    97
      \'name\'=>\'specialpage_language_export\',
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
    98
      \'urlname\'=>\'LangExportJSON\',
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
    99
      \'namespace\'=>\'Special\',
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
   100
      \'special\'=>0,\'visible\'=>0,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
   101
      ));
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
   102
      
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   103
    ');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   104
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   105
// function names are IMPORTANT!!! The name pattern is: page_<namespace ID>_<page URLname, without namespace>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   106
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   107
$__login_status = '';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   108
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   109
function page_Special_Login()
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   110
{
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   111
  global $db, $session, $paths, $template, $plugins; // Common objects
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   112
  global $__login_status;
209
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   113
  global $lang;
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   114
  
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   115
  $pubkey = $session->rijndael_genkey();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   116
  $challenge = $session->dss_rand();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   117
  
179
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   118
  $locked_out = false;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   119
  // are we locked out?
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   120
  $threshold = ( $_ = getConfig('lockout_threshold') ) ? intval($_) : 5;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   121
  $duration  = ( $_ = getConfig('lockout_duration') ) ? intval($_) : 15;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   122
  // convert to minutes
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   123
  $duration  = $duration * 60;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   124
  $policy = ( $x = getConfig('lockout_policy') && in_array(getConfig('lockout_policy'), array('lockout', 'disable', 'captcha')) ) ? getConfig('lockout_policy') : 'lockout';
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   125
  if ( $policy != 'disable' )
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   126
  {
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   127
    $ipaddr = $db->escape($_SERVER['REMOTE_ADDR']);
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   128
    $timestamp_cutoff = time() - $duration;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   129
    $q = $session->sql('SELECT timestamp FROM '.table_prefix.'lockout WHERE timestamp > ' . $timestamp_cutoff . ' AND ipaddr = \'' . $ipaddr . '\' ORDER BY timestamp DESC;');
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   130
    $fails = $db->numrows();
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   131
    if ( $fails >= $threshold )
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   132
    {
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   133
      $row = $db->fetchrow();
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   134
      $locked_out = true;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   135
      $lockdata = array(
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   136
          'locked_out' => true,
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   137
          'lockout_threshold' => $threshold,
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   138
          'lockout_duration' => ( $duration / 60 ),
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   139
          'lockout_fails' => $fails,
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   140
          'lockout_policy' => $policy,
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   141
          'lockout_last_time' => $row['timestamp'],
182
c69730750be3 Fixed the security hole (really, I'm a moron - used $failed > $threshold instead of $failed >= $threashold) and patched up some...erm... math issues
Dan
parents: 179
diff changeset
   142
          'time_rem' => ( $duration / 60 ) - round( ( time() - $row['timestamp'] ) / 60 ),
179
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   143
          'captcha' => ''
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   144
        );
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   145
      if ( $policy == 'captcha' )
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   146
      {
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   147
        $lockdata['captcha'] = $session->make_captcha();
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   148
      }
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   149
    }
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   150
    $db->free_result();
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   151
  }
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   152
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   153
  if ( isset($_GET['act']) && $_GET['act'] == 'getkey' )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   154
  {
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   155
    header('Content-type: text/javascript');
60
71b50f8c8f85 Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
parents: 57
diff changeset
   156
    $username = ( $session->user_logged_in ) ? $session->username : false;
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   157
    $response = Array(
60
71b50f8c8f85 Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
parents: 57
diff changeset
   158
      'username' => $username,
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   159
      'key' => $pubkey,
179
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   160
      'challenge' => $challenge,
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   161
      'locked_out' => false
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   162
      );
179
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   163
    
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   164
    if ( $locked_out )
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   165
    {
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   166
      foreach ( $lockdata as $x => $y )
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   167
      {
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   168
        $response[$x] = $y;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   169
      }
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   170
      unset($x, $y);
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   171
    }
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   172
    
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   173
    // 1.1.3: generate diffie hellman key
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   174
    require_once( ENANO_ROOT . '/includes/diffiehellman.php' );
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   175
    global $dh_supported, $_math;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   176
    
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   177
    $response['dh_supported'] = $dh_supported;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   178
    if ( $dh_supported )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   179
    {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   180
      $dh_key_priv = dh_gen_private();
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   181
      $dh_key_pub = dh_gen_public($dh_key_priv);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   182
      $dh_key_priv = $_math->str($dh_key_priv);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   183
      $dh_key_pub = $_math->str($dh_key_pub);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   184
      $response['dh_public_key'] = $dh_key_pub;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   185
      // store the keys in the DB
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   186
      $q = $db->sql_query('INSERT INTO ' . table_prefix . "diffiehellman( public_key, private_key ) VALUES ( '$dh_key_pub', '$dh_key_priv' );");
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   187
      if ( !$q )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   188
        $db->die_json();
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   189
    }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   190
    
334
c72b545f1304 More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents: 326
diff changeset
   191
    $response = enano_json_encode($response);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   192
    echo $response;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   193
    return null;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   194
  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   195
  
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   196
  $level = ( isset($_GET['level']) && in_array($_GET['level'], array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9') ) ) ? intval($_GET['level']) : USER_LEVEL_MEMBER;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   197
  if ( isset($_POST['login']) )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   198
  {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   199
    if ( in_array($_POST['auth_level'], array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9') ) )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   200
    {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   201
      $level = intval($_POST['auth_level']);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   202
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   203
  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   204
  
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   205
  if ( $level > USER_LEVEL_MEMBER && !$session->user_logged_in )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   206
  {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   207
    $level = USER_LEVEL_MEMBER;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   208
  }
93
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 85
diff changeset
   209
  if ( $level <= USER_LEVEL_MEMBER && $session->user_logged_in )
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 85
diff changeset
   210
    $paths->main_page();
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   211
  $template->header();
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   212
  echo '<form action="'.makeUrl($paths->nslist['Special'].'Login').'" method="post" name="loginform" onsubmit="try{runEncryption();}catch(e){};">';
209
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   213
  $header = ( $level > USER_LEVEL_MEMBER ) ? $lang->get('user_login_message_short_elev') : $lang->get('user_login_message_short');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   214
  if ( isset($_POST['login']) )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   215
  {
179
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   216
    $errstring = $__login_status['error'];
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   217
    switch($__login_status['error'])
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   218
    {
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   219
      case 'key_not_found':
209
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   220
        $errstring = $lang->get('user_err_key_not_found');
179
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   221
        break;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   222
      case 'key_wrong_length':
209
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   223
        $errstring = $lang->get('user_err_key_wrong_length');
179
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   224
        break;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   225
      case 'too_big_for_britches':
209
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   226
        $errstring = $lang->get('user_err_too_big_for_britches');
179
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   227
        break;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   228
      case 'invalid_credentials':
209
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   229
        $errstring = $lang->get('user_err_invalid_credentials');
179
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   230
        if ( $__login_status['lockout_policy'] == 'lockout' )
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   231
        {
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   232
          $errstring .= $lang->get('err_invalid_credentials_lockout', array('fails' => $__login_status['lockout_fails']));
179
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   233
        }
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   234
        else if ( $__login_status['lockout_policy'] == 'captcha' )
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   235
        {
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   236
          $errstring .= $lang->get('user_err_invalid_credentials_lockout_captcha', array('fails' => $__login_status['lockout_fails']));
179
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   237
        }
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   238
        break;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   239
      case 'backend_fail':
209
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   240
        $errstring = $lang->get('user_err_backend_fail');
179
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   241
        break;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   242
      case 'locked_out':
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   243
        $attempts = intval($__login_status['lockout_fails']);
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   244
        if ( $attempts > $__login_status['lockout_threshold'])
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   245
          $attempts = $__login_status['lockout_threshold'];
182
c69730750be3 Fixed the security hole (really, I'm a moron - used $failed > $threshold instead of $failed >= $threashold) and patched up some...erm... math issues
Dan
parents: 179
diff changeset
   246
        
c69730750be3 Fixed the security hole (really, I'm a moron - used $failed > $threshold instead of $failed >= $threashold) and patched up some...erm... math issues
Dan
parents: 179
diff changeset
   247
        $server_time = time();
209
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   248
        $time_rem = ( $__login_status['lockout_last_time'] == time() ) ? $__login_status['lockout_duration'] : $__login_status['lockout_duration'] - round( ( $server_time - $__login_status['lockout_last_time'] ) / 60 );
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   249
        if ( $time_rem < 1 )
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   250
          $time_rem = $__login_status['lockout_duration'];
182
c69730750be3 Fixed the security hole (really, I'm a moron - used $failed > $threshold instead of $failed >= $threashold) and patched up some...erm... math issues
Dan
parents: 179
diff changeset
   251
        
209
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   252
        $s = ( $time_rem == 1 ) ? '' : $lang->get('meta_plural');
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   253
        
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   254
        $captcha_string = ( $__login_status['lockout_policy'] == 'captcha' ) ? $lang->get('user_err_locked_out_captcha_blurb') : '';
209
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   255
        $errstring = $lang->get('user_err_locked_out', array('plural' => $s, 'captcha_blurb' => $captcha_string, 'time_rem' => $time_rem));
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   256
        
179
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   257
        break;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   258
    }
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   259
    echo '<div class="error-box-mini">'.$errstring.'</div>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   260
  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   261
  if ( $p = $paths->getAllParams() )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   262
  {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   263
    echo '<input type="hidden" name="return_to" value="'.$p.'" />';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   264
  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   265
  else if ( isset($_POST['login']) && isset($_POST['return_to']) )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   266
  {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   267
    echo '<input type="hidden" name="return_to" value="'.htmlspecialchars($_POST['return_to']).'" />';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   268
  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   269
  ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   270
    <div class="tblholder">
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   271
      <table border="0" style="width: 100%;" cellspacing="1" cellpadding="4">
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   272
        <tr>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   273
          <th colspan="3"><?php echo $header; ?></th>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   274
        </tr>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   275
        <tr>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   276
          <td colspan="3" class="row1">
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   277
            <?php
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   278
            if ( $level <= USER_LEVEL_MEMBER )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   279
            {
209
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   280
              echo '<p>' . $lang->get('user_login_body', array('reg_link' => makeUrlNS('Special', 'Register'))) . '</p>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   281
            }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   282
            else
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   283
            {
209
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   284
              echo '<p>' . $lang->get('user_login_body_elev') . '</p>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   285
            }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   286
            ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   287
          </td>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   288
        </tr>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   289
        <tr>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   290
          <td class="row2">
209
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   291
            <?php echo $lang->get('user_login_field_username'); ?>:
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   292
          </td>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   293
          <td class="row1">
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   294
            <input name="username" size="25" type="text" <?php
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   295
              if ( $level <= USER_LEVEL_MEMBER )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   296
              {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   297
                echo 'tabindex="1" ';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   298
              }
32
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   299
              else
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   300
              {
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   301
                echo 'tabindex="3" ';
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   302
              }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   303
              if ( $session->user_logged_in )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   304
              {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   305
                echo 'value="' . $session->username . '"';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   306
              }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   307
              ?> />
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   308
          </td>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   309
          <?php if ( $level <= USER_LEVEL_MEMBER ) { ?>
179
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   310
          <td rowspan="<?php echo ( ( $locked_out && $lockdata['lockout_policy'] == 'captcha' ) ) ? '4' : '2'; ?>" class="row3">
209
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   311
            <small><?php echo $lang->get('user_login_forgotpass_blurb', array('forgotpass_link' => makeUrlNS('Special', 'PasswordReset'))); ?><br />
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   312
            <?php echo $lang->get('user_login_createaccount_blurb', array('reg_link' => makeUrlNS('Special', 'Register'))); ?></small>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   313
          </td>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   314
          <?php } ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   315
        </tr>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   316
        <tr>
209
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   317
          <td class="row2">
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   318
            <?php echo $lang->get('user_login_field_password'); ?>:
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   319
          </td><td class="row1"><input name="pass" size="25" type="password" tabindex="<?php echo ( $level <= USER_LEVEL_MEMBER ) ? '2' : '1'; ?>" /></td>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   320
         </tr>
179
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   321
         <?php
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   322
         if ( $locked_out && $lockdata['lockout_policy'] == 'captcha' )
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   323
         {
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   324
           ?>
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   325
           <tr>
209
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   326
             <td class="row2" rowspan="2"><?php echo $lang->get('user_login_field_captcha'); ?>:<br /></td><td class="row1"><input type="hidden" name="captcha_hash" value="<?php echo $lockdata['captcha']; ?>" /><input name="captcha_code" size="25" type="text" tabindex="<?php echo ( $level <= USER_LEVEL_MEMBER ) ? '3' : '4'; ?>" /></td>
179
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   327
           </tr>
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   328
           <tr>
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   329
             <td class="row3">
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   330
               <img src="<?php echo makeUrlNS('Special', 'Captcha/' . $lockdata['captcha']) ?>" onclick="this.src=this.src+'/a';" style="cursor: pointer;" />
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   331
             </td>
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   332
           </tr>
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   333
           <?php
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   334
         }
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   335
         ?>
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   336
         <?php
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   337
         if ( $level <= USER_LEVEL_MEMBER && ( !isset($_GET['use_crypt']) || ( isset($_GET['use_crypt']) && $_GET['use_crypt']!='0' ) ) )
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   338
         {
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   339
           echo '<tr>
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   340
             <td class="row3" colspan="3">';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   341
             
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   342
           $returnpage_link = ( $return = $paths->getAllParams() ) ? '/' . $return : '';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   343
           $nocrypt_link = makeUrlNS('Special', "Login$returnpage_link", "level=$level&use_crypt=0", true);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   344
           echo '<p><b>' . $lang->get('user_login_nocrypt_title') . '</b> ' . $lang->get('user_login_nocrypt_body', array('nocrypt_link' => $nocrypt_link)) . '</p>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   345
           echo '<p>' . $lang->get('user_login_nocrypt_countrylist') . '</p>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   346
           
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   347
           echo '  </td>
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   348
           </tr>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   349
         }
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   350
         else if ( $level <= USER_LEVEL_MEMBER && ( isset($_GET['use_crypt']) && $_GET['use_crypt']=='0' ) )
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   351
         {
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   352
           echo '<tr>
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   353
             <td class="row3" colspan="3">';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   354
             
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   355
           $returnpage_link = ( $return = $paths->getAllParams() ) ? '/' . $return : '';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   356
           $usecrypt_link = makeUrlNS('Special', "Login$returnpage_link", "level=$level&use_crypt=1", true);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   357
           echo '<p><b>' . $lang->get('user_login_usecrypt_title') . '</b> ' . $lang->get('user_login_usecrypt_body', array('usecrypt_link' => $usecrypt_link)) . '</p>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   358
           echo '<p>' . $lang->get('user_login_usecrypt_countrylist') . '</p>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   359
           
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   360
           echo '  </td>
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   361
           </tr>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   362
         }
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   363
         ?>
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   364
         
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   365
         <tr>
32
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   366
           <th colspan="3" style="text-align: center" class="subhead"><input type="submit" name="login" value="Log in" tabindex="<?php echo ( $level <= USER_LEVEL_MEMBER ) ? '3' : '2'; ?>" /></th>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   367
         </tr>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   368
      </table>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   369
    </div>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   370
      <input type="hidden" name="challenge_data" value="<?php echo $challenge; ?>" />
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   371
      <input type="hidden" name="use_crypt" value="no" />
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   372
      <input type="hidden" name="crypt_key" value="<?php echo $pubkey; ?>" />
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   373
      <input type="hidden" name="crypt_data" value="" />
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   374
      <input type="hidden" name="auth_level" value="<?php echo (string)$level; ?>" />
32
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   375
      <?php if ( $level <= USER_LEVEL_MEMBER ): ?>
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   376
      <script type="text/javascript">
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   377
        document.forms.loginform.username.focus();
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   378
      </script>
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   379
      <?php else: ?>
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   380
      <script type="text/javascript">
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   381
        document.forms.loginform.pass.focus();
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   382
      </script>
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   383
      <?php endif; ?>
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   384
      <?php
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   385
      // 1.1.4
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   386
      
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   387
      require_once( ENANO_ROOT . '/includes/diffiehellman.php' );
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   388
      
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   389
      global $dh_supported, $_math;
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   390
      if ( $dh_supported )
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   391
      {
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   392
        $dh_key_priv = dh_gen_private();
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   393
        $dh_key_pub = dh_gen_public($dh_key_priv);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   394
        $dh_key_priv = $_math->str($dh_key_priv);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   395
        $dh_key_pub = $_math->str($dh_key_pub);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   396
        // store the keys in the DB
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   397
        $q = $db->sql_query('INSERT INTO ' . table_prefix . "diffiehellman( public_key, private_key ) VALUES ( '$dh_key_pub', '$dh_key_priv' );");
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   398
        if ( !$q )
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   399
          $db->_die();
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   400
        
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   401
        echo "<input type=\"hidden\" name=\"dh_supported\" value=\"true\" />
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   402
              <input type=\"hidden\" name=\"dh_public_key\" value=\"$dh_key_pub\" />
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   403
              <input type=\"hidden\" name=\"dh_client_public_key\" value=\"\" />";
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   404
      }
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   405
      else
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   406
      {
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   407
        echo "<input type=\"hidden\" name=\"dh_supported\" value=\"false\" />";
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   408
      }
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   409
      ?>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   410
    </form>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   411
    <?php
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   412
      echo $session->aes_javascript('loginform', 'pass', 'use_crypt', 'crypt_key', 'crypt_data', 'challenge_data', 'dh_supported', 'dh_public_key', 'dh_client_public_key');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   413
    ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   414
  <?php
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   415
  $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   416
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   417
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   418
function page_Special_Login_preloader() // adding _preloader to the end of the function name calls the function before $session and $paths setup routines are called
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   419
{
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   420
  global $db, $session, $paths, $template, $plugins; // Common objects
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   421
  global $__login_status;
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
   422
  global $lang;
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   423
  if ( $paths->getParam(0) === 'action.json' )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   424
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   425
    if ( !isset($_POST['r']) )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   426
      die('No request.');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   427
    
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   428
    $request = $_POST['r'];
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   429
    try
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   430
    {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   431
      $request = enano_json_decode($request);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   432
    }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   433
    catch ( Exception $e )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   434
    {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   435
      die(enano_json_encode(array(
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   436
          'mode' => 'error',
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   437
          'error' => 'ERR_JSON_PARSE_FAILED'
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   438
        )));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   439
    }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   440
    
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   441
    echo enano_json_encode($session->process_login_request($request));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   442
    
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   443
    $db->close();
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   444
    exit;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   445
  }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   446
  if ( isset($_GET['act']) && $_GET['act'] == 'ajaxlogin' )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   447
  {
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   448
    die('This version of the Enano LoginAPI is deprecated. Please use the action.json method instead.');
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   449
    $db->close();
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   450
    exit;
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   451
  }
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   452
  if(isset($_POST['login']))
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   453
  {
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   454
    $captcha_hash = ( isset($_POST['captcha_hash']) ) ? $_POST['captcha_hash'] : false;
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   455
    $captcha_code = ( isset($_POST['captcha_code']) ) ? $_POST['captcha_code'] : false;
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   456
    if ( $_POST['use_crypt'] == 'yes' )
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   457
    {
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   458
      $result = $session->login_with_crypto($_POST['username'], $_POST['crypt_data'], $_POST['crypt_key'], $_POST['challenge_data'], intval($_POST['auth_level']), $captcha_hash, $captcha_code);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   459
    }
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   460
    else if ( $_POST['use_crypt'] == 'yes_dh' )
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   461
    {
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   462
      // retrieve and decrypt the password using DiffieHellman
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   463
      
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   464
      require_once( ENANO_ROOT . '/includes/diffiehellman.php' );
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   465
      global $dh_supported, $_math;
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   466
      
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   467
      if ( !$dh_supported )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   468
      {
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   469
        die_semicritical('DiffieHellman error', 'Server does not support DiffieHellman, denying logon request');
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   470
      }
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   471
      
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   472
      // Fetch private key
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   473
      $dh_public = $_POST['dh_public_key'];
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   474
      if ( !preg_match('/^[0-9]+$/', $dh_public) )
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   475
      {
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   476
        die_semicritical('DiffieHellman error', 'Public key not integer: ' . $dh_public);
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   477
      }
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   478
      $q = $db->sql_query('SELECT private_key, key_id FROM ' . table_prefix . "diffiehellman WHERE public_key = '$dh_public';");
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   479
      if ( !$q )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   480
        $db->die_json();
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   481
      
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   482
      if ( $db->numrows() < 1 )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   483
      {
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   484
        die_semicritical('DiffieHellman error', 'ERR_DH_KEY_NOT_FOUND');
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   485
      }
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   486
      
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   487
      list($dh_private, $dh_key_id) = $db->fetchrow_num();
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   488
      $db->free_result();
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   489
      
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   490
      // We have the private key, now delete the key pair, we no longer need it
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   491
      $q = $db->sql_query('DELETE FROM ' . table_prefix . "diffiehellman WHERE key_id = $dh_key_id;");
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   492
      if ( !$q )
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   493
        $db->die_json();
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   494
      
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   495
      // Generate the shared secret
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   496
      $dh_secret = dh_gen_shared_secret($dh_private, $_POST['dh_client_public_key']);
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   497
      $dh_secret = $_math->str($dh_secret);
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   498
      
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   499
      // Did we get all our math right?
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   500
      $dh_secret_check = sha1($dh_secret);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   501
      $dh_hash = $_POST['crypt_key'];
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   502
      if ( $dh_secret_check !== $dh_hash )
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   503
      {
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   504
        die_semicritical('DiffieHellman error', 'ERR_DH_HASH_NO_MATCH');
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   505
      }
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   506
      
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   507
      // All good! Generate the AES key
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   508
      $aes_key = substr(sha256($dh_secret), 0, ( AES_BITS / 4 ));
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   509
      
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   510
      // decrypt user info
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   511
      $aes_key = hexdecode($aes_key);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   512
      $aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   513
      $password = $aes->decrypt($_POST['crypt_data'], $aes_key, ENC_HEX);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   514
      
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   515
      $result = $session->login_without_crypto($_POST['username'], $password, false, intval($_POST['auth_level']), $captcha_hash, $captcha_code);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   516
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   517
    else
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   518
    {
179
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   519
      $result = $session->login_without_crypto($_POST['username'], $_POST['pass'], false, intval($_POST['auth_level']), $captcha_hash, $captcha_code);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   520
    }
372
5bd429428101 A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
parents: 371
diff changeset
   521
   
179
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   522
    if($result['success'])
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   523
    {
372
5bd429428101 A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
parents: 371
diff changeset
   524
      $session->start();
5bd429428101 A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
parents: 371
diff changeset
   525
      
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   526
      $template->load_theme($session->theme, $session->style);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   527
      if(isset($_POST['return_to']))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   528
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   529
        $name = ( isset($paths->pages[$_POST['return_to']]['name']) ) ? $paths->pages[$_POST['return_to']]['name'] : $_POST['return_to'];
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
   530
        $subst = array(
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
   531
            'username' => $session->username,
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
   532
            'redir_target' => $name
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
   533
          );
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
   534
        redirect( makeUrl($_POST['return_to'], false, true), $lang->get('user_login_success_title'), $lang->get('user_login_success_body', $subst) );
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   535
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   536
      else
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   537
      {
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   538
        $subst = array(
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   539
            'username' => $session->username,
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   540
            'redir_target' => $lang->get('user_login_success_body_mainpage')
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   541
          );
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   542
        redirect( makeUrl(getConfig('main_page'), false, true), $lang->get('user_login_success_title'), $lang->get('user_login_success_body', $subst) );
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   543
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   544
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   545
    else
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   546
    {
521
d264784355e5 Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php
Dan
parents: 517
diff changeset
   547
      if ( $result['error'] === 'valid_reset' )
d264784355e5 Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php
Dan
parents: 517
diff changeset
   548
      {
d264784355e5 Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php
Dan
parents: 517
diff changeset
   549
        header('HTTP/1.1 302 Temporary Redirect');
d264784355e5 Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php
Dan
parents: 517
diff changeset
   550
        header('Location: ' . $result['redirect_url']);
d264784355e5 Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php
Dan
parents: 517
diff changeset
   551
        
d264784355e5 Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php
Dan
parents: 517
diff changeset
   552
        $db->close();
d264784355e5 Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php
Dan
parents: 517
diff changeset
   553
        exit();
d264784355e5 Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php
Dan
parents: 517
diff changeset
   554
      }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   555
      $GLOBALS['__login_status'] = $result;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   556
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   557
  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   558
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   559
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   560
function SpecialLogin_SendResponse_PasswordReset($user_id, $passkey)
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   561
{
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   562
  
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   563
  $response = Array(
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   564
      'result' => 'success_reset',
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   565
      'user_id' => $user_id,
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   566
      'temppass' => $passkey
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   567
    );
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   568
  
334
c72b545f1304 More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents: 326
diff changeset
   569
  $response = enano_json_encode($response);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   570
  echo $response;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   571
  
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   572
  $db->close();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   573
  
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   574
  exit;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   575
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   576
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   577
function page_Special_Logout() {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   578
  global $db, $session, $paths, $template, $plugins; // Common objects
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
   579
  global $lang;
93
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 85
diff changeset
   580
  if ( !$session->user_logged_in )
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 85
diff changeset
   581
    $paths->main_page();
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 85
diff changeset
   582
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   583
  $l = $session->logout();
93
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 85
diff changeset
   584
  if ( $l == 'success' )
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 85
diff changeset
   585
  {
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   586
    $url = makeUrl(getConfig('main_page'), false, true);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   587
    if ( $pi = $paths->getAllParams() )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   588
    {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   589
      list($pid, $ns) = RenderMan::strToPageID($pi);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   590
      $perms = $session->fetch_page_acl($pid, $ns);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   591
      if ( $perms->get_permissions('read') )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   592
      {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   593
        $url = makeUrl($pi, false, true);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   594
      }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   595
    }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   596
    redirect($url, $lang->get('user_logout_success_title'), $lang->get('user_logout_success_body'), 4);
93
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 85
diff changeset
   597
  }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   598
  $template->header();
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   599
  echo '<h3>' . $lang->get('user_logout_err_title') . '</h3>';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   600
  echo '<p>' . $l . '</p>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   601
  $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   602
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   603
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   604
function page_Special_Register()
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   605
{
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   606
  global $db, $session, $paths, $template, $plugins; // Common objects
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   607
  global $lang;
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   608
  
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   609
  // form field trackers
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   610
  $username = '';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   611
  $email = '';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   612
  $realname = '';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   613
  
348
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   614
  $terms = getConfig('register_tou');
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   615
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   616
  if(getConfig('account_activation') == 'disable' && ( ( $session->user_level >= USER_LEVEL_ADMIN && !isset($_GET['IWannaPlayToo']) ) || $session->user_level < USER_LEVEL_ADMIN || !$session->user_logged_in ))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   617
  {
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   618
    $s = ($session->user_level >= USER_LEVEL_ADMIN) ? '<p>' . $lang->get('user_reg_err_disabled_body_adminblurb', array( 'reg_link' => makeUrl($paths->page, 'IWannaPlayToo&coppa=no', true) )) . '</p>' : '';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   619
    die_friendly($lang->get('user_reg_err_disabled_title'), '<p>' . $lang->get('user_reg_err_disabled_body') . '</p>' . $s);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   620
  }
93
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 85
diff changeset
   621
  if ( $session->user_level < USER_LEVEL_ADMIN && $session->user_logged_in )
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 85
diff changeset
   622
  {
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 85
diff changeset
   623
    $paths->main_page();
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 85
diff changeset
   624
  }
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   625
  if(isset($_POST['submit'])) 
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   626
  {
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   627
    $_GET['coppa'] = ( isset($_POST['coppa']) ) ? $_POST['coppa'] : 'x';
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   628
    
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   629
    $captcharesult = $session->get_captcha($_POST['captchahash']);
263
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents: 192
diff changeset
   630
    $session->kill_captcha();
345
4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents: 343
diff changeset
   631
    if ( strtolower($captcharesult) != strtolower($_POST['captchacode']) )
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   632
    {
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   633
      $s = $lang->get('user_reg_err_captcha');
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   634
    }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   635
    else
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   636
    {
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   637
      if ( getConfig('enable_coppa') == '1' && ( !isset($_POST['coppa']) || ( isset($_POST['coppa']) && !in_array($_POST['coppa'], array('yes', 'no')) ) ) )
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   638
      {
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   639
        $s = 'Invalid COPPA input';
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   640
      }
348
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   641
      else if ( !empty($terms) && !isset($_POST['tou_agreed']) )
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   642
      {
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   643
        $s = $lang->get('user_reg_err_accept_tou');
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   644
      }
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   645
      else
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   646
      {
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   647
        $coppa = ( isset($_POST['coppa']) && $_POST['coppa'] == 'yes' );
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   648
        $s = false;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   649
        
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   650
        // decrypt password
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   651
        // as with the change pass form, we aren't going to bother checking the confirmation code because if the passwords didn't match
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   652
        // and yet the password got encrypted, that means the user screwed with the code, and if the user screwed with the code and thus
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   653
        // forgot his password, that's his problem.
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   654
        
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   655
        if ( $_POST['use_crypt'] == 'yes' )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   656
        {
286
b2f985e4cef3 Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents: 270
diff changeset
   657
          $aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE);
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   658
          $crypt_key = $session->fetch_public_key($_POST['crypt_key']);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   659
          if ( !$crypt_key )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   660
          {
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   661
            $s = $lang->get('user_reg_err_missing_key');
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   662
          }
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   663
          else
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   664
          {
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   665
            $data = $_POST['crypt_data'];
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   666
            $bin_key = hexdecode($crypt_key);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   667
            //die("Decrypting with params: key $crypt_key, data $data");
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   668
            $password = $aes->decrypt($data, $bin_key, ENC_HEX);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   669
          }
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   670
        }
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   671
        else
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   672
        {
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   673
          $password = $_POST['password'];
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   674
        }
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   675
        
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   676
        // CAPTCHA code was correct, create the account
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   677
        // ... and check for errors returned from the crypto API
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   678
        if ( !$s )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   679
          $s = $session->create_user($_POST['username'], $password, $_POST['email'], $_POST['real_name'], $coppa);
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   680
      }
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   681
    }
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   682
    if($s == 'success' && !$coppa)
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   683
    {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   684
      switch(getConfig('account_activation'))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   685
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   686
        case "none":
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   687
        default:
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   688
          $str = $lang->get('user_reg_msg_success_activ_none', array('login_link' => makeUrlNS('Special', 'Login', false, true)));
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   689
          break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   690
        case "user":
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   691
          $str = $lang->get('user_reg_msg_success_activ_user');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   692
          break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   693
        case "admin":
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   694
          $str = $lang->get('user_reg_msg_success_activ_admin');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   695
          break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   696
      }
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   697
      die_friendly($lang->get('user_reg_msg_success_title'), '<p>' . $lang->get('user_reg_msg_success_body') . ' ' . $str . '</p>');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   698
    }
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   699
    else if ( $s == 'success' && $coppa )
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   700
    {
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   701
      $str = $lang->get('user_reg_msg_success_activ_coppa');
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   702
      die_friendly($lang->get('user_reg_msg_success_title'), '<p>' . $lang->get('user_reg_msg_success_body') . ' ' . $str . '</p>');
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   703
    }
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   704
    $username = htmlspecialchars($_POST['username']);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   705
    $email    = htmlspecialchars($_POST['email']);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   706
    $realname = htmlspecialchars($_POST['real_name']);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   707
  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   708
  $template->header();
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   709
  echo $lang->get('user_reg_msg_greatercontrol');
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   710
  
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   711
  if ( getConfig('enable_coppa') != '1' || ( isset($_GET['coppa']) && in_array($_GET['coppa'], array('yes', 'no')) ) )
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   712
  {
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   713
    $coppa = ( isset($_GET['coppa']) && $_GET['coppa'] == 'yes' );
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   714
    $session->kill_captcha();
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   715
    $captchacode = $session->make_captcha();
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   716
    
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   717
    $pubkey = $session->rijndael_genkey();
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   718
    $challenge = $session->dss_rand();
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   719
    
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   720
    ?>
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   721
      <h3><?php echo $lang->get('user_reg_msg_table_title'); ?></h3>
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   722
      <form name="regform" action="<?php echo makeUrl($paths->page); ?>" method="post" onsubmit="return runEncryption();">
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   723
        <div class="tblholder">
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   724
          <table border="0" width="100%" cellspacing="1" cellpadding="4">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   725
            <tr><th class="subhead" colspan="3"><?php echo $lang->get('user_reg_msg_table_subtitle'); ?></th></tr>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   726
            
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   727
            <?php if(isset($_POST['submit'])) echo '<tr><td colspan="3" class="row2" style="color: red;">'.$s.'</td></tr>'; ?>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   728
            
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   729
            <!-- FIELD: Username -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   730
            <tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   731
              <td class="row1" style="width: 50%;">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   732
                <?php echo $lang->get('user_reg_lbl_field_username'); ?>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   733
                <span id="e_username"></span>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   734
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   735
              <td class="row1" style="width: 50%;">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   736
                <input tabindex="1" type="text" name="username" size="30" value="<?php echo $username; ?>" onkeyup="namegood = false; validateForm(this);" onblur="checkUsername();" />
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   737
              </td>
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
   738
              <td class="row1" style="width: 1px;">
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
   739
                <img alt="Good/bad icon" src="<?php echo scriptPath; ?>/images/checkbad.png" id="s_username" />
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   740
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   741
            </tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   742
            
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   743
            <!-- FIELD: Password -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   744
            <tr>
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   745
              <td class="row3" style="width: 50%;" rowspan="<?php echo ( getConfig('pw_strength_enable') == '1' ) ? '3' : '2'; ?>">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   746
                <?php echo $lang->get('user_reg_lbl_field_password'); ?>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   747
                <span id="e_password"></span>
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   748
                <?php if ( getConfig('pw_strength_enable') == '1' && getConfig('pw_strength_minimum') > -10 ): ?>
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   749
                <small><?php echo $lang->get('user_reg_msg_password_score'); ?></small>
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   750
                <?php endif; ?>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   751
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   752
              <td class="row3" style="width: 50%;">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   753
                <input tabindex="2" type="password" name="password" size="15" onkeyup="<?php if ( getConfig('pw_strength_enable') == '1' ): ?>password_score_field(this); <?php endif; ?>validateForm(this);" /><?php if ( getConfig('pw_strength_enable') == '1' ): ?><span class="password-checker" style="font-weight: bold; color: #aaaaaa;"> Loading...</span><?php endif; ?>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   754
              </td>
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   755
              <td rowspan="<?php echo ( getConfig('pw_strength_enable') == '1' ) ? '3' : '2'; ?>" class="row3" style="max-width: 24px;">
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
   756
                <img alt="Good/bad icon" src="<?php echo scriptPath; ?>/images/checkbad.png" id="s_password" />
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   757
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   758
            </tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   759
            
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   760
            <!-- FIELD: Password confirmation -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   761
            <tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   762
              <td class="row3" style="width: 50%;">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   763
                <input tabindex="3" type="password" name="password_confirm" size="15" onkeyup="validateForm(this);" /> <small><?php echo $lang->get('user_reg_lbl_field_password_confirm'); ?></small>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   764
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   765
            </tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   766
            
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   767
            <!-- FIELD: Password strength meter -->
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   768
            
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   769
            <?php if ( getConfig('pw_strength_enable') == '1' ): ?>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   770
            <tr>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   771
              <td class="row3" style="width: 50%;">
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   772
                <div id="pwmeter"></div>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   773
              </td>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   774
            </tr>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   775
            <?php endif; ?>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   776
            
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   777
            <!-- FIELD: E-mail address -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   778
            <tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   779
              <td class="row1" style="width: 50%;">
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   780
                <?php
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   781
                  if ( $coppa )
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   782
                  {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   783
                    echo $lang->get('user_reg_lbl_field_email_coppa');
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   784
                  }
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   785
                  else
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   786
                  {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   787
                    echo $lang->get('user_reg_lbl_field_email');
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   788
                  }
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   789
                ?>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   790
                <?php
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   791
                  if ( ( $x = getConfig('account_activation') ) == 'user' )
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   792
                  {
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   793
                    echo '<br /><small>' . $lang->get('user_reg_msg_email_activuser') . '</small>';
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   794
                  }
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   795
                ?>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   796
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   797
              <td class="row1" style="width: 50%;">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   798
                <input tabindex="4" type="text" name="email" size="30" value="<?php echo $email; ?>" onkeyup="validateForm(this);" />
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   799
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   800
              <td class="row1" style="max-width: 24px;">
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
   801
                <img alt="Good/bad icon" src="<?php echo scriptPath; ?>/images/checkbad.png" id="s_email" />
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   802
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   803
            </tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   804
            
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   805
            <!-- FIELD: Real name -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   806
            <tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   807
              <td class="row3" style="width: 50%;">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   808
                <?php echo $lang->get('user_reg_lbl_field_realname'); ?><br />
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   809
                <small><?php echo $lang->get('user_reg_msg_realname_optional'); ?></small>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   810
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   811
              <td class="row3" style="width: 50%;">
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   812
                <input tabindex="5" type="text" name="real_name" size="30" value="<?php echo $realname; ?>" /></td><td class="row3" style="max-width: 24px;">
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   813
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   814
            </tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   815
            
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   816
            <!-- FIELD: CAPTCHA image -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   817
            <tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   818
              <td class="row1" style="width: 50%;" rowspan="2">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   819
                <?php echo $lang->get('user_reg_lbl_field_captcha'); ?><br />
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   820
                <small>
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   821
                  <?php echo $lang->get('user_reg_msg_captcha_pleaseenter', array('regen_flags' => 'href="#" onclick="regenCaptcha(); return false;"')); ?><br />
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   822
                  <br />
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   823
                  <?php echo $lang->get('user_reg_msg_captcha_blind'); ?>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   824
                </small>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   825
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   826
              <td colspan="2" class="row1">
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   827
                <img id="captchaimg" alt="CAPTCHA image" src="<?php echo makeUrlNS('Special', 'Captcha/'.$captchacode); ?>" />
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   828
                <span id="b_username"></span>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   829
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   830
            </tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   831
            
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   832
            <!-- FIELD: CAPTCHA input field -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   833
            <tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   834
              <td class="row1" colspan="2">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   835
                <?php echo $lang->get('user_reg_lbl_field_captcha_code'); ?>
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   836
                <input tabindex="6" name="captchacode" type="text" size="10" />
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   837
                <input type="hidden" name="captchahash" value="<?php echo $captchacode; ?>" />
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   838
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   839
            </tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   840
            
348
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   841
            <!-- FIELD: TOU -->
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   842
            
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   843
            <?php
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   844
            if ( !empty($terms) ):
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   845
            ?>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   846
            
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   847
            <tr>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   848
              <td class="row1" colspan="3">
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   849
                <?php
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   850
                echo $lang->get('user_reg_msg_please_read_tou');
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   851
                ?>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   852
              </td>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   853
            </tr>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   854
            
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   855
            <tr>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   856
              <td class="row3" colspan="3">
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   857
                <div style="border: 1px solid #000000; height: 75px; width: 60%; clip: rect(0px,auto,auto,0px); overflow: auto; background-color: #FFF; margin: 0 auto; padding: 4px;">
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   858
                  <?php
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   859
                  echo RenderMan::render($terms);
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   860
                  ?>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   861
                </div>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   862
                <p style="text-align: center;">
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   863
                  <label>
371
dc6026376919 Improved compatibility with PostgreSQL and fixed a number of installer bugs; fixed missing "meta" category declaration in language files
Dan
parents: 359
diff changeset
   864
                    <input tabindex="7" type="checkbox" name="tou_agreed" />
348
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   865
                    <b><?php echo $lang->get('user_reg_lbl_field_tou'); ?></b>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   866
                  </label>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   867
                </p>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   868
              </td>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   869
            </tr>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   870
            
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   871
            <?php
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   872
            endif;
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   873
            ?>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   874
            
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   875
            <!-- FIELD: submit button -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   876
            <tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   877
              <th class="subhead" colspan="3" style="text-align: center;">
371
dc6026376919 Improved compatibility with PostgreSQL and fixed a number of installer bugs; fixed missing "meta" category declaration in language files
Dan
parents: 359
diff changeset
   878
                <input tabindex="8" type="submit" name="submit" value="<?php echo $lang->get('user_reg_btn_create_account'); ?>" />
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   879
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   880
            </tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   881
            
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   882
          </table>
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   883
        </div>
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   884
        <?php
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   885
          $val = ( $coppa ) ? 'yes' : 'no';
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   886
          echo '<input type="hidden" name="coppa" value="' . $val . '" />';
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   887
        ?>
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   888
        <input type="hidden" name="challenge_data" value="<?php echo $challenge; ?>" />
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   889
        <input type="hidden" name="use_crypt" value="no" />
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   890
        <input type="hidden" name="crypt_key" value="<?php echo $pubkey; ?>" />
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   891
        <input type="hidden" name="crypt_data" value="" />
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   892
      <script type="text/javascript">
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   893
        // ENCRYPTION CODE
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   894
        disableJSONExts();
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   895
        str = '';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   896
        for(i=0;i<keySizeInBits/4;i++) str+='0';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   897
        var key = hexToByteArray(str);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   898
        var pt = hexToByteArray(str);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   899
        var ct = rijndaelEncrypt(pt, key, "ECB");
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   900
        var ct = byteArrayToHex(ct);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   901
        switch(keySizeInBits)
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   902
        {
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   903
          case 128:
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   904
            v = '66e94bd4ef8a2c3b884cfa59ca342b2e';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   905
            break;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   906
          case 192:
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   907
            v = 'aae06992acbf52a3e8f4a96ec9300bd7aae06992acbf52a3e8f4a96ec9300bd7';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   908
            break;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   909
          case 256:
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   910
            v = 'dc95c078a2408989ad48a21492842087dc95c078a2408989ad48a21492842087';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   911
            break;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   912
        }
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   913
        var aes_testpassed = ( ct == v && md5_vm_test() );
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   914
        function runEncryption()
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   915
        {
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   916
          var frm = document.forms.regform;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   917
          if ( frm.password.value.length < 1 )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   918
            return true;
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   919
          pass1 = frm.password.value;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   920
          pass2 = frm.password_confirm.value;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   921
          if ( pass1 != pass2 )
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   922
          {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   923
            alert($lang.get('user_reg_err_alert_password_nomatch'));
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   924
            return false;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   925
          }
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   926
          if ( pass1.length < 6 && pass1.length > 0 )
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   927
          {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   928
            alert($lang.get('user_reg_err_alert_password_tooshort'));
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   929
            return false;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   930
          }
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   931
          if(aes_testpassed)
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   932
          {
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   933
            frm.use_crypt.value = 'yes';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   934
            var cryptkey = frm.crypt_key.value;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   935
            frm.crypt_key.value = hex_md5(cryptkey);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   936
            cryptkey = hexToByteArray(cryptkey);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   937
            if(!cryptkey || ( ( typeof cryptkey == 'string' || typeof cryptkey == 'object' ) ) && cryptkey.length != keySizeInBits / 8 )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   938
            {
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   939
              frm.submit.disabled = true;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   940
              len = ( typeof cryptkey == 'string' || typeof cryptkey == 'object' ) ? '\nLen: '+cryptkey.length : '';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   941
              alert('The key is messed up\nType: '+typeof(cryptkey)+len);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   942
            }
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   943
            pass = frm.password.value;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   944
            pass = stringToByteArray(pass);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   945
            cryptstring = rijndaelEncrypt(pass, cryptkey, 'ECB');
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   946
            if(!cryptstring)
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   947
            {
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   948
              return false;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   949
            }
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   950
            cryptstring = byteArrayToHex(cryptstring);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   951
            frm.crypt_data.value = cryptstring;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   952
            frm.password.value = "";
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   953
            frm.password_confirm.value = "";
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   954
          }
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   955
          return true;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   956
        }
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   957
        </script>
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   958
      </form>
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   959
      <!-- Don't optimize this script, it fails when compressed -->
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   960
      <enano:no-opt>
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   961
        <script type="text/javascript">
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   962
          // <![CDATA[
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   963
          var namegood = false;
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   964
          function validateForm(field)
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   965
          {
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   966
            if ( typeof(field) != 'object' )
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   967
            {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   968
              field = {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   969
                name: '_nil',
459
31c23016ab62 Upgraded tinyMCE to 3.0.1 in hopes of fixing IE race conditions. Fixed a couple minor syntax errors in Javascript objects declared in various places.
Dan
parents: 458
diff changeset
   970
                value: '_nil'
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   971
              }
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   972
            }
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   973
            // wait until $lang is initted
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   974
            if ( typeof($lang) != 'object' )
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   975
            {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   976
              setTimeout('validateForm();', 200);
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   977
              return false;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   978
            }
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   979
            var frm = document.forms.regform;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   980
            failed = false;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   981
            
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   982
            // Username
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   983
            if(!namegood && ( field.name == 'username' || field.name == '_nil' ) ) 
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   984
            {
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   985
              //if(frm.username.value.match(/^([A-z0-9 \!@\-\(\)]+){2,}$/ig))
270
5bcdee999015 Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore.
Dan
parents: 263
diff changeset
   986
              var regex = new RegExp('^([^<>&\?]+){2,}$', 'ig');
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   987
              if ( frm.username.value.match(regex) )
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   988
              {
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
   989
                document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkunk.png';
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   990
                document.getElementById('e_username').innerHTML = '&nbsp;';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   991
              } else {
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   992
                failed = true;
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
   993
                document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkbad.png';
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   994
                document.getElementById('e_username').innerHTML = '<br /><small>' + $lang.get('user_reg_err_username_invalid') + '</small>';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   995
              }
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   996
            }
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   997
            document.getElementById('b_username').innerHTML = '';
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   998
            if(hex_md5(frm.real_name.value) == '5a397df72678128cf0e8147a2befd5f1')
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   999
            {
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1000
              document.getElementById('b_username').innerHTML = '<br /><br />Hey...I know you!<br /><img alt="" src="http://upload.wikimedia.org/wikipedia/commons/thumb/7/7f/Bill_Gates_2004_cr.jpg/220px-Bill_Gates_2004_cr.jpg" />';
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1001
            }
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1002
            
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1003
            // Password
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1004
            if ( field.name == 'password' || field.name == 'password_confirm' || field.name == '_nil' )
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1005
            {
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1006
              if(frm.password.value.match(/^(.+){6,}$/ig) && frm.password_confirm.value.match(/^(.+){6,}$/ig) && frm.password.value == frm.password_confirm.value )
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1007
              {
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
  1008
                document.getElementById('s_password').src='<?php echo scriptPath; ?>/images/check.png';
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1009
                document.getElementById('e_password').innerHTML = '<br /><small>' + $lang.get('user_reg_err_password_good') + '</small>';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1010
              } else {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1011
                failed = true;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1012
                if(frm.password.value.length < 6)
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1013
                {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1014
                  document.getElementById('e_password').innerHTML = '<br /><small>' + $lang.get('user_reg_msg_password_length') + '</small>';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1015
                }
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1016
                else if(frm.password.value != frm.password_confirm.value)
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1017
                {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1018
                  document.getElementById('e_password').innerHTML = '<br /><small>' + $lang.get('user_reg_msg_password_needmatch') + '</small>';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1019
                }
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1020
                else
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1021
                {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1022
                  document.getElementById('e_password').innerHTML = '';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1023
                }
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
  1024
                document.getElementById('s_password').src='<?php echo scriptPath; ?>/images/checkbad.png';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1025
              }
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1026
            }
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1027
            
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1028
            // E-mail address
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1029
            
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1030
            // workaround for idiot jEdit bug
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1031
            if ( validateEmail(frm.email.value) && ( field.name == 'email' || field.name == '_nil' ) )
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1032
            {
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
  1033
              document.getElementById('s_email').src='<?php echo scriptPath; ?>/images/check.png';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1034
            } else {
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1035
              failed = true;
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
  1036
              document.getElementById('s_email').src='<?php echo scriptPath; ?>/images/checkbad.png';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1037
            }
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1038
            if(failed)
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1039
            {
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1040
              frm.submit.disabled = 'disabled';
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1041
            } else {
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1042
              frm.submit.disabled = false;
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1043
            }
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1044
          }
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1045
          function checkUsername()
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1046
          {
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1047
            var frm = document.forms.regform;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1048
            
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1049
            if(!namegood)
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1050
            {
270
5bcdee999015 Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore.
Dan
parents: 263
diff changeset
  1051
              var regex = new RegExp('^([^<>&\?]+){2,}$', 'ig');
5bcdee999015 Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore.
Dan
parents: 263
diff changeset
  1052
              if ( frm.username.value.match(regex) )
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1053
              {
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
  1054
                document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkunk.png';
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1055
                document.getElementById('e_username').innerHTML = '&nbsp;';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1056
              } else {
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
  1057
                document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkbad.png';
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1058
                document.getElementById('e_username').innerHTML = '<br /><small>' + $lang.get('user_reg_err_username_invalid') + '</small>';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1059
                return false;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1060
              }
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1061
            }
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1062
            
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1063
            document.getElementById('e_username').innerHTML = '<br /><small><b>' + $lang.get('user_reg_msg_username_checking') + '</b></small>';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1064
            ajaxGet('<?php echo scriptPath; ?>/ajax.php?title=null&_mode=checkusername&name='+escape(frm.username.value), function() {
407
35d94240a197 Mass-fixed all AJAX functions to also check the HTTP status code before parsing the response
Dan
parents: 404
diff changeset
  1065
              if ( ajax.readyState == 4 && ajax.status == 200 )
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1066
                if(ajax.responseText == 'good')
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1067
                {
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
  1068
                  document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/check.png';
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1069
                  document.getElementById('e_username').innerHTML = '<br /><small><b>' + $lang.get('user_reg_msg_username_available') + '</b></small>';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1070
                  namegood = true;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1071
                } else if(ajax.responseText == 'bad') {
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
  1072
                  document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkbad.png';
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1073
                  document.getElementById('e_username').innerHTML = '<br /><small><b>' + $lang.get('user_reg_msg_username_unavailable') + '</b></small>';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1074
                  namegood = false;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1075
                } else {
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1076
                  document.getElementById('e_username').innerHTML = ajax.responseText;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1077
                }
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1078
            });
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1079
          }
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1080
          function regenCaptcha()
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1081
          {
448
f725a16e4a20 Fixed broken regenCaptcha() in Special:Register
Dan
parents: 324
diff changeset
  1082
            var frm = document.forms.regform;
517
c6118b9e13bd Fixed bad captcha refresh code on registration page
Dan
parents: 507
diff changeset
  1083
            document.getElementById('captchaimg').src = '<?php echo makeUrlNS("Special", "Captcha/$captchacode"); ?>/'+Math.floor(Math.random() * 100000);
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1084
            return false;
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1085
          }
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1086
          <?php if ( getConfig('pw_strength_enable') == '1' ): ?>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1087
          var frm = document.forms.regform;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1088
          password_score_field(frm.password);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1089
          <?php endif; ?>
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1090
          validateForm();
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1091
          setTimeout('checkUsername();', 1000);
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1092
          // ]]>
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1093
        </script>
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1094
      </enano:no-opt>
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1095
    <?php
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1096
  }
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1097
  else
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1098
  {
345
4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents: 343
diff changeset
  1099
    $year = intval( enano_date('Y') );
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1100
    $year = $year - 13;
345
4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents: 343
diff changeset
  1101
    $month = enano_date('F');
4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents: 343
diff changeset
  1102
    $day = enano_date('d');
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1103
    
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1104
    $yo13_date = "$month $day, $year";
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1105
    $link_coppa_yes = makeUrlNS('Special', 'Register', 'coppa=yes', true);
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1106
    $link_coppa_no  = makeUrlNS('Special', 'Register', 'coppa=no',  true);
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1107
    
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1108
    // COPPA enabled, ask age
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1109
    echo '<div class="tblholder">';
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1110
    echo '<table border="0" cellspacing="1" cellpadding="4">';
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1111
    echo '<tr>
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1112
            <td class="row1">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1113
              ' . $lang->get('user_reg_coppa_title') . '
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1114
            </td>
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1115
          </tr>
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1116
          <tr>
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1117
            <td class="row3">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1118
              <a href="' . $link_coppa_no  . '">' . $lang->get('user_reg_coppa_link_atleast13', array( 'yo13_date' => $yo13_date )) . '</a><br />
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1119
              <a href="' . $link_coppa_yes . '">' . $lang->get('user_reg_coppa_link_not13', array( 'yo13_date' => $yo13_date )) . '</a>
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1120
            </td>
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1121
          </tr>';
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1122
    echo '</table>';
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1123
    echo '</div>';
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1124
  }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1125
  $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1126
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1127
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1128
function page_Special_Contributions() {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1129
  global $db, $session, $paths, $template, $plugins; // Common objects
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1130
  global $lang;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1131
  
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1132
  // This is a vast improvement over the old Special:Contributions in 1.0.x.
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1133
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1134
  $template->header();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1135
  $user = $paths->getParam();
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1136
  if ( !$user && isset($_GET['user']) )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1137
  {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1138
    $user = $_GET['user'];
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1139
  }
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1140
  else if ( !$user && !isset($_GET['user']) )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1141
  {
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1142
    echo '<p>' . $lang->get('userfuncs_contribs_err_no_user') . '</p>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1143
    $template->footer();
81
d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents: 60
diff changeset
  1144
    return;
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1145
  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1146
  
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1147
  $user = $db->escape($user);
414
818b4cd12b8b Added "is_draft != 1" where appropriate in SQL queries to prevent drafts from being treated as real revisions.
Dan
parents: 411
diff changeset
  1148
  $q = 'SELECT log_type, time_id, action, date_string, page_id, namespace, author, edit_summary, minor_edit, page_id, namespace, ( action = \'edit\' ) AS is_edit FROM '.table_prefix.'logs WHERE author=\''.$user.'\' AND log_type=\'page\' AND is_draft != 1 ORDER BY is_edit DESC, time_id DESC;';
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1149
  $q = $db->sql_query($q);
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1150
  if ( !$q )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1151
    $db->_die('SpecialUserFuncs selecting contribution data');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1152
  
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1153
  echo '<h3>' . $lang->get('userfuncs_contribs_heading_edits') . '</h3>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1154
  
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1155
  $cnt_edits = 0;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1156
  $cnt_other = 0;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1157
  $current = 'cnt_edits';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1158
  $cls = 'row2';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1159
  
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1160
  while ( $row = $db->fetchrow($q) )
81
d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents: 60
diff changeset
  1161
  {
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1162
    if ( $current == 'cnt_edits' && $row['is_edit'] != 1 )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1163
    {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1164
      // No longer processing page edits - split the table
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1165
      if ( $cnt_edits == 0 )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1166
      {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1167
        echo '<p>' . $lang->get('userfuncs_contribs_msg_no_edits') . '</p>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1168
      }
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1169
      else
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1170
      {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1171
        echo '</table></div>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1172
        echo '<h3>' . $lang->get('userfuncs_contribs_heading_other') . '</h3>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1173
      }
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1174
      $current = 'cnt_other';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1175
      $cls = 'row2';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1176
    }
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1177
    if ( $$current == 0 )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1178
    {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1179
      echo '<div class="tblholder">
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1180
              <table border="0" cellspacing="1" cellpadding="4">';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1181
      echo '  <tr>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1182
                <th>' . $lang->get('history_col_datetime') . '</th>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1183
      echo '    <th>' . $lang->get('history_col_page') . '</th>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1184
      if ( $current == 'cnt_edits' )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1185
      {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1186
        echo '  <th>' . $lang->get('history_col_summary') . '</th>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1187
      }
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1188
      echo '    <th>' . $lang->get('history_col_minor') . '</th>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1189
      if ( $current == 'cnt_other' )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1190
      {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1191
        echo '  <th>' . $lang->get('history_col_action_taken') . '</th>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1192
                <th>' . $lang->get('history_col_extra') . '</th>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1193
             ';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1194
      }
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1195
      echo '    <th>' . $lang->get('history_col_actions') . '</th>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1196
              </tr>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1197
    }
377
bb3e6c3bd4f4 Removed stray debugging info from ACL editor success notification; added ability for guests to set language on URI (?lang=eng); added html_in_pages ACL type and separated from php_in_pages so HTML can be embedded but not PHP; rewote portions of the path manager to better abstract URL input; added Zend Framework into list of BSD-licensed libraries; localized some remaining strings; got the migration script working, but just barely; fixed display bug in Special:Contributions; localized Main Page button in admin panel
Dan
parents: 372
diff changeset
  1198
    $$current++;
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1199
    $cls = ( $cls == 'row1' ) ? 'row2' : 'row1';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1200
    
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1201
    echo '<tr>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1202
    
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1203
    // date & time
345
4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents: 343
diff changeset
  1204
    echo '  <td class="' . $cls . '">' . enano_date('d M Y h:i a', $row['time_id']) . '</td>';
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1205
    
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1206
    // page & link to said page
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1207
    echo '  <td class="' . $cls . '"><a href="' . makeUrlNS($row['namespace'], $row['page_id']) . '">' . get_page_title_ns($row['page_id'], $row['namespace']) . '</a></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1208
    
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1209
    switch ( $row['action'] )
81
d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents: 60
diff changeset
  1210
    {
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1211
      case 'edit':
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1212
        if ( $row['edit_summary'] == 'Automatic backup created when logs were purged' )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1213
        {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1214
          $row['edit_summary'] = $lang->get('history_summary_clearlogs');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1215
        }
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1216
        else if ( empty($row['edit_summary']) )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1217
        {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1218
          $row['edit_summary'] = '<span style="color: #808080">' . $lang->get('history_summary_none_given') . '</span>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1219
        }
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1220
        echo '  <td class="' . $cls . '">' . $row['edit_summary'] . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1221
        if ( $row['minor_edit'] == 1 )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1222
        {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1223
          echo '<td class="' . $cls . '"><b>M</b></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1224
        }
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1225
        else
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1226
        {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1227
          echo '<td class="' . $cls . '"></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1228
        }
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1229
        break;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1230
      case 'prot':
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1231
        echo '  <td class="' . $cls . '"></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1232
        echo '  <td class="' . $cls . '">' . $lang->get('history_log_protect') . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1233
        echo '  <td class="' . $cls . '">' . $lang->get('history_extra_reason') . ' ' . $row['edit_summary'] . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1234
        break;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1235
      case 'unprot':
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1236
        echo '  <td class="' . $cls . '"></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1237
        echo '  <td class="' . $cls . '">' . $lang->get('history_log_unprotect') . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1238
        echo '  <td class="' . $cls . '">' . $lang->get('history_extra_reason') . ' ' . $row['edit_summary'] . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1239
        break;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1240
      case 'semiprot':
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1241
        echo '  <td class="' . $cls . '"></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1242
        echo '  <td class="' . $cls . '">' . $lang->get('history_log_semiprotect') . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1243
        echo '  <td class="' . $cls . '">' . $lang->get('history_extra_reason') . ' ' . $row['edit_summary'] . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1244
        break;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1245
      case 'rename':
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1246
        echo '  <td class="' . $cls . '"></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1247
        echo '  <td class="' . $cls . '">' . $lang->get('history_log_rename') . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1248
        echo '  <td class="' . $cls . '">' . $lang->get('history_extra_oldtitle') . ' ' . htmlspecialchars($row['edit_summary']) . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1249
        break;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1250
      case 'create':
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1251
        echo '  <td class="' . $cls . '"></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1252
        echo '  <td class="' . $cls . '">' . $lang->get('history_log_create') . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1253
        echo '  <td class="' . $cls . '"></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1254
        break;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1255
      case 'delete':
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1256
        echo '  <td class="' . $cls . '"></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1257
        echo '  <td class="' . $cls . '">' . $lang->get('history_log_delete') . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1258
        echo '  <td class="' . $cls . '">' . $lang->get('history_extra_reason') . ' ' . $row['edit_summary'] . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1259
        break;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1260
      case 'reupload':
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1261
        echo '  <td class="' . $cls . '"></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1262
        echo '  <td class="' . $cls . '">' . $lang->get('history_log_uploadnew') . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1263
        echo '  <td class="' . $cls . '">' . $lang->get('history_extra_reason') . ' ' . $row['edit_summary'] . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1264
        break;
81
d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents: 60
diff changeset
  1265
    }
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1266
    
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1267
    // actions column
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1268
    echo '    <td class="' . $cls . '" style="text-align: center;">';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1269
    if ( $row['is_edit'] == 1 )
81
d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents: 60
diff changeset
  1270
    {
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1271
      echo '    <a href="' . makeUrlNS($row['namespace'], $row['page_id'], "oldid={$row['time_id']}", true) . '">' . $lang->get('history_action_view') . '</a> | ';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1272
      echo '      <a href="' . makeUrlNS($row['namespace'], $row['page_id'], "do=rollback&id={$row['time_id']}", true) . '">' . $lang->get('history_action_restore') . '</a>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1273
    }
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1274
    else
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1275
    {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1276
      echo '      <a href="' . makeUrlNS($row['namespace'], $row['page_id'], "do=rollback&id={$row['time_id']}", true) . '">' . $lang->get('history_action_revert') . '</a>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1277
    }
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1278
    echo '    </td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1279
    
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1280
    if ( $current == 'cnt_other' && $cnt_edits + $cnt_other >= $db->numrows($q) )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1281
    {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1282
      echo '</table></div>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1283
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1284
  }
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1285
  
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1286
  if ( $current == 'cnt_edits' )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1287
  {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1288
    // no "other" edits, close the table
377
bb3e6c3bd4f4 Removed stray debugging info from ACL editor success notification; added ability for guests to set language on URI (?lang=eng); added html_in_pages ACL type and separated from php_in_pages so HTML can be embedded but not PHP; rewote portions of the path manager to better abstract URL input; added Zend Framework into list of BSD-licensed libraries; localized some remaining strings; got the migration script working, but just barely; fixed display bug in Special:Contributions; localized Main Page button in admin panel
Dan
parents: 372
diff changeset
  1289
    if ( $cnt_edits > 0 )
bb3e6c3bd4f4 Removed stray debugging info from ACL editor success notification; added ability for guests to set language on URI (?lang=eng); added html_in_pages ACL type and separated from php_in_pages so HTML can be embedded but not PHP; rewote portions of the path manager to better abstract URL input; added Zend Framework into list of BSD-licensed libraries; localized some remaining strings; got the migration script working, but just barely; fixed display bug in Special:Contributions; localized Main Page button in admin panel
Dan
parents: 372
diff changeset
  1290
      echo '</table></div>';
bb3e6c3bd4f4 Removed stray debugging info from ACL editor success notification; added ability for guests to set language on URI (?lang=eng); added html_in_pages ACL type and separated from php_in_pages so HTML can be embedded but not PHP; rewote portions of the path manager to better abstract URL input; added Zend Framework into list of BSD-licensed libraries; localized some remaining strings; got the migration script working, but just barely; fixed display bug in Special:Contributions; localized Main Page button in admin panel
Dan
parents: 372
diff changeset
  1291
    else
bb3e6c3bd4f4 Removed stray debugging info from ACL editor success notification; added ability for guests to set language on URI (?lang=eng); added html_in_pages ACL type and separated from php_in_pages so HTML can be embedded but not PHP; rewote portions of the path manager to better abstract URL input; added Zend Framework into list of BSD-licensed libraries; localized some remaining strings; got the migration script working, but just barely; fixed display bug in Special:Contributions; localized Main Page button in admin panel
Dan
parents: 372
diff changeset
  1292
      echo '<p>' . $lang->get('userfuncs_contribs_msg_no_edits') . '</p>';
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1293
    echo '<h3>' . $lang->get('userfuncs_contribs_heading_other') . '</h3>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1294
    echo '<p>' . $lang->get('userfuncs_contribs_msg_no_other') . '</p>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1295
  }
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1296
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1297
  $db->free_result();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1298
  $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1299
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1300
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1301
function page_Special_ChangeStyle()
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1302
{
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1303
  global $db, $session, $paths, $template, $plugins; // Common objects
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1304
  global $lang;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1305
  
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1306
  if ( !$session->user_logged_in )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1307
  {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1308
    die_friendly('Access denied', '<p>You must be logged in to change your style. Spoofer.</p>');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1309
  }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1310
  if(isset($_POST['theme']) && isset($_POST['style']) && isset($_POST['return_to']))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1311
  {
81
d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents: 60
diff changeset
  1312
    if ( !preg_match('/^([a-z0-9_-]+)$/i', $_POST['theme']) )
d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents: 60
diff changeset
  1313
      die('Hacking attempt');
d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents: 60
diff changeset
  1314
    if ( !preg_match('/^([a-z0-9_-]+)$/i', $_POST['style']) )
d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents: 60
diff changeset
  1315
      die('Hacking attempt');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1316
    $d = ENANO_ROOT . '/themes/' . $_POST['theme'];
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1317
    $f = ENANO_ROOT . '/themes/' . $_POST['theme'] . '/css/' . $_POST['style'] . '.css';
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1318
    if ( !file_exists($d) || !is_dir($d) )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1319
    {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1320
      die('The directory "'.$d.'" does not exist.');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1321
    }
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1322
    if ( !file_exists($f) )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1323
    {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1324
      die('The file "'.$f.'" does not exist.');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1325
    }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1326
    $d = $db->escape($_POST['theme']);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1327
    $f = $db->escape($_POST['style']);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1328
    $q = 'UPDATE '.table_prefix.'users SET theme=\''.$d.'\',style=\''.$f.'\' WHERE username=\''.$session->username.'\'';
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1329
    if ( !$db->sql_query($q) )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1330
    {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1331
      $db->_die('Your theme/style preferences were not updated.');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1332
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1333
    else
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1334
    {
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1335
      redirect(makeUrl($_POST['return_to']), $lang->get('userfuncs_changetheme_success_title'), $lang->get('userfuncs_changetheme_success_body'), 3);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1336
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1337
  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1338
  else
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1339
  {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1340
    $template->header();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1341
      $ret = ( isset($_POST['return_to']) ) ? $_POST['return_to'] : $paths->getParam(0);
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1342
      if ( !$ret )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1343
      {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1344
        $ret = getConfig('main_page');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1345
      }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1346
      ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1347
        <form action="<?php echo makeUrl($paths->page); ?>" method="post">
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1348
          <?php if ( !isset($_POST['themeselected']) ) { ?>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1349
            <h3><?php echo $lang->get('userfuncs_changetheme_heading_theme'); ?></h3>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1350
            <p>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1351
              <select name="theme">
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1352
               <?php
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1353
                foreach ( $template->theme_list as $t )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1354
                {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1355
                  if ( $t['enabled'] )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1356
                  {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1357
                    echo '<option value="'.$t['theme_id'].'"';
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1358
                    if ( $t['theme_id'] == $session->theme )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1359
                    {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1360
                      echo ' selected="selected"';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1361
                    }
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1362
                    echo '>' . $t['theme_name'] . '</option>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1363
                  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1364
                }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1365
               ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1366
              </select>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1367
            </p>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1368
            <p><input type="hidden" name="return_to" value="<?php echo $ret; ?>" />
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1369
               <input type="submit" name="themeselected" value="<?php echo $lang->get('userfuncs_changetheme_btn_continue'); ?>" /></p>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1370
          <?php } else { 
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1371
            $theme = $_POST['theme'];
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1372
            if ( !preg_match('/^([0-9A-z_-]+)$/i', $theme ) )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1373
              die('Hacking attempt');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1374
            ?>
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1375
            <h3><?php echo $lang->get('userfuncs_changetheme_heading_style'); ?></h3>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1376
            <p>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1377
              <select name="style">
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1378
                <?php
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1379
                  $dir = './themes/'.$theme.'/css/';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1380
                  $list = Array();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1381
                  // Open a known directory, and proceed to read its contents
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1382
                  if (is_dir($dir)) {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1383
                    if ($dh = opendir($dir)) {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1384
                      while (($file = readdir($dh)) !== false) {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1385
                        if(preg_match('#^(.*?)\.css$#is', $file) && $file != '_printable.css') {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1386
                          $list[] = substr($file, 0, strlen($file)-4);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1387
                        }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1388
                      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1389
                      closedir($dh);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1390
                    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1391
                  } else die($dir.' is not a dir');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1392
                  foreach ( $list as $l )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1393
                  {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1394
                    echo '<option value="'.$l.'">'.capitalize_first_letter($l).'</option>';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1395
                  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1396
                ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1397
              </select>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1398
            </p>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1399
            <p><input type="hidden" name="return_to" value="<?php echo $ret; ?>" />
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1400
               <input type="hidden" name="theme" value="<?php echo $theme; ?>" />
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1401
               <input type="submit" name="allclear" value="<?php echo $lang->get('userfuncs_changetheme_btn_allclear'); ?>" /></p>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1402
          <?php } ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1403
        </form>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1404
      <?php
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1405
    $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1406
  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1407
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1408
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1409
function page_Special_ActivateAccount()
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1410
{
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1411
  global $db, $session, $paths, $template, $plugins; // Common objects
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1412
  global $lang;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1413
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1414
  $user = $paths->getParam(0);
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1415
  if ( !$user )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1416
  {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1417
    die_friendly($lang->get('userfuncs_activate_err_badlink_title'), '<p>' . $lang->get('userfuncs_activate_err_badlink_body') . '</p>');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1418
  }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1419
  $key = $paths->getParam(1);
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1420
  if ( !$key )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1421
  {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1422
    die_friendly($lang->get('userfuncs_activate_err_badlink_title'), '<p>' . $lang->get('userfuncs_activate_err_badlink_body') . '</p>');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1423
  }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1424
  $s = $session->activate_account(str_replace('_', ' ', $user), $key);
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1425
  if ( $s > 0 )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1426
  {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1427
    die_friendly($lang->get('userfuncs_activate_success_title'), '<p>' . $lang->get('userfuncs_activate_success_body') . '</p>');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1428
  }
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1429
  else
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1430
  {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1431
    die_friendly($lang->get('userfuncs_activate_err_badlink_title'), '<p>' . $lang->get('userfuncs_activate_err_bad_key') . '</p>');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1432
  }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1433
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1434
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1435
function page_Special_Captcha()
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1436
{
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1437
  global $db, $session, $paths, $template, $plugins; // Common objects
263
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents: 192
diff changeset
  1438
  if ( $paths->getParam(0) == 'make' )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1439
  {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1440
    $session->kill_captcha();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1441
    echo $session->make_captcha();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1442
    return;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1443
  }
263
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents: 192
diff changeset
  1444
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1445
  $hash = $paths->getParam(0);
401
6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated.
Dan
parents: 387
diff changeset
  1446
  if ( !$hash || !preg_match('#^([0-9a-f]*){32,40}$#i', $hash) )
263
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents: 192
diff changeset
  1447
  {
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents: 192
diff changeset
  1448
    $paths->main_page();
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents: 192
diff changeset
  1449
  }
402
d907601ccad2 Fixed some captcha bugs and made all captcha fields case-insensitive
Dan
parents: 401
diff changeset
  1450
d907601ccad2 Fixed some captcha bugs and made all captcha fields case-insensitive
Dan
parents: 401
diff changeset
  1451
  $session->make_captcha(7, $hash);  
401
6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated.
Dan
parents: 387
diff changeset
  1452
  $code = $session->generate_captcha_code();
6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated.
Dan
parents: 387
diff changeset
  1453
  $q = $db->sql_query('UPDATE ' . table_prefix . "captcha SET code = '$code' WHERE session_id = '$hash';");
263
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents: 192
diff changeset
  1454
  if ( !$q )
401
6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated.
Dan
parents: 387
diff changeset
  1455
    $db->_die();
263
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents: 192
diff changeset
  1456
  
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents: 192
diff changeset
  1457
  require ( ENANO_ROOT.'/includes/captcha.php' );
401
6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated.
Dan
parents: 387
diff changeset
  1458
  $captcha = captcha_object($hash, 'freecap');
472
bc4b58034f4d Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
parents: 459
diff changeset
  1459
  // $captcha->debug = true;
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1460
  $captcha->make_image();
401
6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated.
Dan
parents: 387
diff changeset
  1461
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1462
  exit;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1463
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1464
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1465
function page_Special_PasswordReset()
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1466
{
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1467
  global $db, $session, $paths, $template, $plugins; // Common objects
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1468
  global $lang;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1469
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1470
  $template->header();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1471
  if($paths->getParam(0) == 'stage2')
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1472
  {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1473
    $user_id = intval($paths->getParam(1));
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1474
    $encpass = $paths->getParam(2);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1475
    if ( $user_id < 2 )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1476
    {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1477
      echo '<p>Hacking attempt</p>';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1478
      $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1479
      return false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1480
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1481
    if(!preg_match('#^([a-f0-9]+)$#i', $encpass))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1482
    {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1483
      echo '<p>Hacking attempt</p>';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1484
      $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1485
      return false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1486
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1487
    
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1488
    $q = $db->sql_query('SELECT username,temp_password_time FROM '.table_prefix.'users WHERE user_id='.$user_id.' AND temp_password=\'' . $encpass . '\';');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1489
    if($db->numrows() < 1)
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1490
    {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1491
      echo '<p>Invalid credentials</p>';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1492
      $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1493
      return false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1494
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1495
    $row = $db->fetchrow();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1496
    $db->free_result();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1497
    
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1498
    if ( ( intval($row['temp_password_time']) + ( 3600 * 24 ) ) < time() )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1499
    {
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1500
      echo '<p>' . $lang->get('userfuncs_passreset_err_pass_expired', array('reset_url' => makeUrlNS('Special', 'PasswordReset'))) . '</p>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1501
      $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1502
      return false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1503
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1504
    
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1505
    if ( isset($_POST['do_stage2']) )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1506
    {
286
b2f985e4cef3 Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents: 270
diff changeset
  1507
      $aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1508
      if($_POST['use_crypt'] == 'yes')
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1509
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1510
        $crypt_key = $session->fetch_public_key($_POST['crypt_key']);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1511
        if(!$crypt_key)
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1512
        {
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1513
          echo $lang->get('user_err_key_not_found');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1514
          $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1515
          return false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1516
        }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1517
        $crypt_key = hexdecode($crypt_key);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1518
        $data = $aes->decrypt($_POST['crypt_data'], $crypt_key, ENC_HEX);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1519
        if(strlen($data) < 6)
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1520
        {
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1521
          echo $lang->get('userfuncs_passreset_err_too_short');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1522
          $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1523
          return false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1524
        }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1525
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1526
      else
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1527
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1528
        $data = $_POST['pass'];
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1529
        $conf = $_POST['pass_confirm'];
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1530
        if($data != $conf)
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1531
        {
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1532
          echo $lang->get('userfuncs_passreset_err_no_match');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1533
          $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1534
          return false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1535
        }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1536
        if(strlen($data) < 6)
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1537
        {
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1538
          echo $lang->get('userfuncs_passreset_err_too_short');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1539
          $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1540
          return false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1541
        }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1542
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1543
      if(empty($data))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1544
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1545
        echo 'ERROR: Sanity check failed!';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1546
        $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1547
        return false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1548
      }
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1549
      if ( getConfig('pw_strength_enable') == '1' )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1550
      {
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1551
        $min_score = intval(getConfig('pw_strength_minimum'));
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1552
        $inp_score = password_score($data);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1553
        if ( $inp_score < $min_score )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1554
        {
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1555
          $url = makeUrl($paths->fullpage);
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1556
          echo "<p>" . $lang->get('userfuncs_passreset_err_failed_score', array('inp_score' => $inp_score, 'url' => $url)) . "</p>";
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1557
          $template->footer();
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1558
          return false;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1559
        }
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1560
      }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1561
      $encpass = $aes->encrypt($data, $session->private_key, ENC_HEX);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1562
      $q = $db->sql_query('UPDATE '.table_prefix.'users SET password=\'' . $encpass . '\',temp_password=\'\',temp_password_time=0 WHERE user_id='.$user_id.';');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1563
      
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1564
      if($q)
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1565
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1566
        $session->login_without_crypto($row['username'], $data);
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1567
        echo '<p>' . $lang->get('userfuncs_passreset_stage2_success', array('url_mainpage' => makeUrl(getConfig('main_page')))) . '</p>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1568
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1569
      else
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1570
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1571
        echo $db->get_error();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1572
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1573
      
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1574
      $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1575
      return false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1576
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1577
    
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1578
    // Password reset form
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1579
    $pubkey = $session->rijndael_genkey();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1580
    
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1581
    $evt_get_score = ( getConfig('pw_strength_enable') == '1' ) ? 'onkeyup="password_score_field(this);" ' : '';
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1582
    $pw_meter =      ( getConfig('pw_strength_enable') == '1' ) ? '<tr><td class="row1">' . $lang->get('userfuncs_passreset_stage2_lbl_strength') . '</td><td class="row1"><div id="pwmeter"></div><script type="text/javascript">password_score_field(document.forms.resetform.pass);</script></td></tr>' : '';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1583
    $pw_blurb =      ( getConfig('pw_strength_enable') == '1' && intval(getConfig('pw_strength_minimum')) > -10 ) ? '<br /><small>' . $lang->get('userfuncs_passreset_stage2_blurb_strength') . '</small>' : '';
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1584
    
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1585
    ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1586
    <form action="<?php echo makeUrl($paths->fullpage); ?>" method="post" name="resetform" onsubmit="return runEncryption();">
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1587
      <br />
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1588
      <div class="tblholder">
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1589
        <table border="0" style="width: 100%;" cellspacing="1" cellpadding="4">
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1590
          <tr><th colspan="2"><?php echo $lang->get('userfuncs_passreset_stage2_th'); ?></th></tr>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1591
          <tr><td class="row1"><?php echo $lang->get('userfuncs_passreset_stage2_lbl_password'); ?> <?php echo $pw_blurb; ?></td><td class="row1"><input name="pass" type="password" <?php echo $evt_get_score; ?>/></td></tr>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1592
          <tr><td class="row2"><?php echo $lang->get('userfuncs_passreset_stage2_lbl_confirm'); ?> </td><td class="row2"><input name="pass_confirm" type="password" /></td></tr>
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1593
          <?php echo $pw_meter; ?>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1594
          <tr>
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1595
            <td colspan="2" class="row3" style="text-align: center;">
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1596
              <input type="hidden" name="use_crypt" value="no" />
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1597
              <input type="hidden" name="crypt_key" value="<?php echo $pubkey; ?>" />
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1598
              <input type="hidden" name="crypt_data" value="" />
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1599
              <input type="submit" name="do_stage2" value="<?php echo $lang->get('userfuncs_passreset_stage2_btn_submit'); ?>" />
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1600
            </td>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1601
          </tr>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1602
        </table>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1603
      </div>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1604
    </form>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1605
    <script type="text/javascript">
57
b354deeaa4c4 Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents: 32
diff changeset
  1606
    if ( !KILL_SWITCH )
b354deeaa4c4 Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents: 32
diff changeset
  1607
    {
b354deeaa4c4 Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents: 32
diff changeset
  1608
      disableJSONExts();
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1609
      str = '';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1610
      for(i=0;i<keySizeInBits/4;i++) str+='0';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1611
      var key = hexToByteArray(str);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1612
      var pt = hexToByteArray(str);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1613
      var ct = rijndaelEncrypt(pt, key, "ECB");
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1614
      var ct = byteArrayToHex(ct);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1615
      switch(keySizeInBits)
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1616
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1617
        case 128:
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1618
          v = '66e94bd4ef8a2c3b884cfa59ca342b2e';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1619
          break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1620
        case 192:
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1621
          v = 'aae06992acbf52a3e8f4a96ec9300bd7aae06992acbf52a3e8f4a96ec9300bd7';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1622
          break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1623
        case 256:
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1624
          v = 'dc95c078a2408989ad48a21492842087dc95c078a2408989ad48a21492842087';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1625
          break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1626
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1627
      var testpassed = ( ct == v && md5_vm_test() );
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1628
      var frm = document.forms.resetform;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1629
      if(testpassed)
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1630
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1631
        frm.use_crypt.value = 'yes';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1632
        var cryptkey = frm.crypt_key.value;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1633
        frm.crypt_key.value = hex_md5(cryptkey);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1634
        cryptkey = hexToByteArray(cryptkey);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1635
        if(!cryptkey || ( ( typeof cryptkey == 'string' || typeof cryptkey == 'object' ) ) && cryptkey.length != keySizeInBits / 8 )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1636
        {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1637
          frm._login.disabled = true;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1638
          len = ( typeof cryptkey == 'string' || typeof cryptkey == 'object' ) ? '\nLen: '+cryptkey.length : '';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1639
          alert('The key is messed up\nType: '+typeof(cryptkey)+len);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1640
        }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1641
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1642
      function runEncryption()
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1643
      {
57
b354deeaa4c4 Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents: 32
diff changeset
  1644
        var frm = document.forms.resetform;
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1645
        pass1 = frm.pass.value;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1646
        pass2 = frm.pass_confirm.value;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1647
        if ( pass1 != pass2 )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1648
        {
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1649
          alert($lang.get('userfuncs_passreset_err_no_match'));
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1650
          return false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1651
        }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1652
        if ( pass1.length < 6 )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1653
        {
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1654
          alert($lang.get('userfuncs_passreset_err_too_short'));
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1655
          return false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1656
        }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1657
        if(testpassed)
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1658
        {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1659
          pass = frm.pass.value;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1660
          pass = stringToByteArray(pass);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1661
          cryptstring = rijndaelEncrypt(pass, cryptkey, 'ECB');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1662
          if(!cryptstring)
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1663
          {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1664
            return false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1665
          }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1666
          cryptstring = byteArrayToHex(cryptstring);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1667
          frm.crypt_data.value = cryptstring;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1668
          frm.pass.value = "";
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1669
          frm.pass_confirm.value = "";
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1670
        }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1671
        return true;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1672
      }
57
b354deeaa4c4 Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents: 32
diff changeset
  1673
    }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1674
    </script>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1675
    <?php
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1676
    $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1677
    return true;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1678
  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1679
  if(isset($_POST['do_reset']))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1680
  {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1681
    if($session->mail_password_reset($_POST['username']))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1682
    {
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1683
      echo '<p>' . $lang->get('userfuncs_passreset_stage1_success') . '</p>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1684
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1685
    else
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1686
    {
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1687
      echo '<p>' . $lang->get('userfuncs_passreset_stage1_error') . '</p>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1688
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1689
    $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1690
    return true;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1691
  }
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1692
  echo '<p>' . $lang->get('userfuncs_passreset_blurb_line1') . '</p>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1693
        <p>' . $lang->get('userfuncs_passreset_blurb_line2') . '</p>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1694
        <form action="'.makeUrl($paths->page).'" method="post" onsubmit="if(!submitAuthorized) return false;">
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1695
          <p>' . $lang->get('userfuncs_passreset_lbl_username') . '  '.$template->username_field('username').'</p>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1696
          <p><input type="submit" name="do_reset" value="' . $lang->get('userfuncs_passreset_btn_mailpasswd') . '" /></p>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1697
        </form>';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1698
  $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1699
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1700
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1701
function page_Special_Memberlist()
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1702
{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1703
  global $db, $session, $paths, $template, $plugins; // Common objects
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1704
  global $lang;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1705
  
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1706
  $template->header();
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1707
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1708
  $startletters = 'abcdefghijklmnopqrstuvwxyz';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1709
  $startletters = enano_str_split($startletters);
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1710
  $startletter = ( isset($_GET['letter']) ) ? strtolower($_GET['letter']) : '';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1711
  if ( !in_array($startletter, $startletters) && $startletter != 'chr' )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1712
  {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1713
    $startletter = '';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1714
  }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1715
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1716
  $startletter_sql = $startletter;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1717
  if ( $startletter == 'chr' )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1718
  {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1719
    $startletter_sql = '([^a-z])';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1720
  }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1721
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1722
  // offset
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1723
  $offset = ( isset($_GET['offset']) && strval(intval($_GET['offset'])) === $_GET['offset']) ? intval($_GET['offset']) : 0;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1724
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1725
  // sort order
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1726
  $sortkeys = array(
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1727
      'uid' => 'u.user_id',
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1728
      'username' => 'u.username',
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1729
      'email' => 'u.email',
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1730
      'regist' => 'u.reg_time'
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1731
    );
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1732
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1733
  $sortby = ( isset($_GET['sort']) && isset($sortkeys[$_GET['sort']]) ) ? $_GET['sort'] : 'username';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1734
  $sort_sqllet = $sortkeys[$sortby];
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1735
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1736
  $target_order = ( isset($_GET['orderby']) && in_array($_GET['orderby'], array('ASC', 'DESC')) )? $_GET['orderby'] : 'ASC';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1737
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1738
  $sortorders = array();
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1739
  foreach ( $sortkeys as $k => $_unused )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1740
  {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1741
    $sortorders[$k] = ( $sortby == $k ) ? ( $target_order == 'ASC' ? 'DESC' : 'ASC' ) : 'ASC';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1742
  }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1743
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1744
  // Why 3.3714%? 100 percent / 28 cells, minus a little (0.2% / cell) to account for cell spacing
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1745
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1746
  echo '<div class="tblholder">
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1747
          <table border="0" cellspacing="1" cellpadding="4" style="text-align: center;">
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1748
            <tr>';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1749
  echo '<td class="row1" style="width: 3.3714%;"><a href="' . makeUrlNS('Special', 'Memberlist', 'letter=&sort=' . $sortby . '&orderby=' . $target_order, true) . '">All</a></td>';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1750
  echo '<td class="row1" style="width: 3.3714%;"><a href="' . makeUrlNS('Special', 'Memberlist', 'letter=chr&sort=' . $sortby . '&orderby=' . $target_order, true) . '">#</a></td>';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1751
  foreach ( $startletters as $letter )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1752
  {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1753
    echo '<td class="row1" style="width: 3.3714%;"><a href="' . makeUrlNS('Special', 'Memberlist', 'letter=' . $letter . '&sort=' . $sortby . '&orderby=' . $target_order, true) . '">' . strtoupper($letter) . '</a></td>';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1754
  }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1755
  echo '    </tr>
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1756
          </table>
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1757
        </div>';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1758
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1759
  // formatter parameters
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1760
  $formatter = new MemberlistFormatter();
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1761
  $formatters = array(
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1762
    'username' => array($formatter, 'username'),
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1763
    'user_level' => array($formatter, 'user_level'),
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1764
    'email' => array($formatter, 'email'),
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1765
    'reg_time' => array($formatter, 'reg_time')
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1766
    );
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1767
  
105
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1768
  // User search             
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1769
  if ( isset($_GET['finduser']) )
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1770
  {
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1771
    $finduser = str_replace(array(  '%',   '_'),
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1772
                            array('\\%', '\\_'),
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1773
                            $_GET['finduser']);
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1774
    $finduser = str_replace(array('*', '?'),
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1775
                            array('%', '_'),
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1776
                            $finduser);
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1777
    $finduser = $db->escape($finduser);
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 317
diff changeset
  1778
    $username_where = ENANO_SQLFUNC_LOWERCASE . '(u.username) LIKE \'%' . strtolower($finduser) . '%\'';
105
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1779
    $finduser_url = 'finduser=' . rawurlencode($_GET['finduser']) . '&';
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1780
  }
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1781
  else
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1782
  {
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 317
diff changeset
  1783
    if ( ENANO_DBLAYER == 'MYSQL' )
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 317
diff changeset
  1784
      $username_where = 'lcase(u.username) REGEXP lcase("^' . $startletter_sql . '")';
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 317
diff changeset
  1785
    else if ( ENANO_DBLAYER == 'PGSQL' )
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 317
diff changeset
  1786
      $username_where = 'lower(u.username) ~ lower(\'^' . $startletter_sql . '\')';
105
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1787
    $finduser_url = '';
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1788
  }
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1789
  
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1790
  // Column markers
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1791
  $headings = '<tr>
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1792
                 <th style="max-width: 50px;">
105
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1793
                   <a href="' . makeUrlNS('Special', 'Memberlist', $finduser_url . 'letter=' . $startletter . '&sort=uid&orderby=' . $sortorders['uid'], true) . '">#</a>
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1794
                 </th>
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1795
                 <th>
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1796
                   <a href="' . makeUrlNS('Special', 'Memberlist', $finduser_url . 'letter=' . $startletter . '&sort=username&orderby=' . $sortorders['username'], true) . '">' . $lang->get('userfuncs_ml_column_username') . '</a>
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1797
                 </th>
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1798
                 <th>
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1799
                   ' . $lang->get('userfuncs_ml_column_userlevel') . '
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1800
                 </th>
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1801
                 <th>
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1802
                   <a href="' . makeUrlNS('Special', 'Memberlist', $finduser_url . 'letter=' . $startletter . '&sort=email&orderby=' . $sortorders['email'], true) . '">' . $lang->get('userfuncs_ml_column_email') . '</a>
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1803
                 </th>
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1804
                 <th>
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1805
                   <a href="' . makeUrlNS('Special', 'Memberlist', $finduser_url . 'letter=' . $startletter . '&sort=regist&orderby=' . $sortorders['regist'], true) . '">' . $lang->get('userfuncs_ml_column_regtime') . '</a>
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1806
                 </th>
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1807
               </tr>';
105
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1808
               
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1809
  // determine number of rows
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 317
diff changeset
  1810
  $q = $db->sql_query('SELECT u.user_id FROM '.table_prefix.'users AS u WHERE ' . $username_where . ' AND u.username != \'Anonymous\';');
105
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1811
  if ( !$q )
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1812
    $db->_die();
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1813
  
105
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1814
  $num_rows = $db->numrows();
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1815
  $db->free_result();
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1816
  
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1817
  if ( !empty($finduser_url) )
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1818
  {
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1819
    switch ( $num_rows )
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1820
    {
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1821
      case 0:
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1822
        $str = $lang->get('userfuncs_ml_msg_matches_zero'); break;
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1823
      case 1:
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1824
        $str = $lang->get('userfuncs_ml_msg_matches_one'); break;
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1825
      default:
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1826
        $str = $lang->get('userfuncs_ml_msg_matches', array('matches' => $num_rows)); break;
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1827
    }
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1828
    echo "<h3>$str</h3>";
105
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1829
  }
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1830
  
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1831
  // main selector
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1832
  $q = $db->sql_unbuffered_query('SELECT u.user_id, u.username, u.reg_time, u.email, u.user_level, u.reg_time, x.email_public FROM '.table_prefix.'users AS u
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1833
                                    LEFT JOIN '.table_prefix.'users_extra AS x
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1834
                                      ON ( u.user_id = x.user_id )
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 317
diff changeset
  1835
                                    WHERE ' . $username_where . ' AND u.username != \'Anonymous\'
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1836
                                    ORDER BY ' . $sort_sqllet . ' ' . $target_order . ';');
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1837
  if ( !$q )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1838
    $db->_die();
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1839
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1840
  $html = paginate(
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1841
            $q,                                                                                                       // MySQL result resource
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1842
            '<tr>
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1843
               <td class="{_css_class}">{user_id}</td>
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1844
               <td class="{_css_class}" style="text-align: left;">{username}</td>
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1845
               <td class="{_css_class}">{user_level}</td>
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1846
               <td class="{_css_class}">{email}</small></td>
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1847
               <td class="{_css_class}">{reg_time}</td>
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1848
             </tr>
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1849
             ',                                                                                                       // TPL code for rows
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1850
             $num_rows,                                                                                               // Number of results
105
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1851
             makeUrlNS('Special', 'Memberlist', ( str_replace('%', '%%', $finduser_url) ) . 'letter=' . $startletter . '&offset=%s&sort=' . $sortby . '&orderby=' . $target_order ), // Result URL
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1852
             $offset,                                                                                                 // Start at this number
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1853
             25,                                                                                                      // Results per page
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1854
             $formatters,                                                                                             // Formatting hooks
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1855
             '<div class="tblholder">
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1856
                <table border="0" cellspacing="1" cellpadding="4" style="text-align: center;">
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1857
                  ' . $headings . '
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1858
                 ',                                                                                                   // Header (printed before rows)
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1859
             '  ' . $headings . '
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1860
                 </table>
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1861
              </div>
105
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1862
              ' .
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1863
              '<div style="float: left;">
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1864
                <form action="' . makeUrlNS('Special', 'Memberlist') . '" method="get" onsubmit="if ( !submitAuthorized ) return false;">'
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 317
diff changeset
  1865
               . ( urlSeparator == '&' ? '<input type="hidden" name="title" value="' . htmlspecialchars( $paths->page ) . '" />' : '' )
115
261f367623af Fixed the obnoxious issue with forms using GET and index.php?title=Foo URL scheme (this works a whole lot better than MediaWiki now
Dan
parents: 111
diff changeset
  1866
               . ( $session->sid_super ? '<input type="hidden" name="auth"  value="' . $session->sid_super . '" />' : '')
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1867
               . '<p>' . $lang->get('userfuncs_ml_lbl_finduser') . ' ' . $template->username_field('finduser') . ' <input type="submit" value="' . $lang->get('userfuncs_ml_btn_go') . '" /><br />
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1868
                  <small>' . $lang->get('userfuncs_ml_tip_wildcard') . '</small></p>'
105
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1869
               . '</form>
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1870
               </div>'                                                                                                // Footer (printed after rows)
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1871
          );
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1872
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1873
  if ( $num_rows < 1 )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1874
  {
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1875
    echo ( isset($_GET['finduser']) ) ? '<p>' . $lang->get('userfuncs_ml_err_nousers_find') . '</p>' :
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1876
                                        '<p>' . $lang->get('userfuncs_ml_err_nousers') . '</p>';
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1877
  }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1878
  else
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1879
  {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1880
    echo $html;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1881
  }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1882
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1883
  $template->footer();
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1884
}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1885
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1886
/**
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1887
 * Class for formatting results for the memberlist.
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1888
 * @access private
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1889
 */
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1890
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1891
class MemberlistFormatter
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1892
{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1893
  function username($username, $row)
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1894
  {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1895
    global $db, $session, $paths, $template, $plugins; // Common objects
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1896
    global $lang;
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1897
    
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1898
    $userpage = $paths->nslist['User'] . sanitize_page_id($username);
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1899
    $class = ( isPage($userpage) ) ? ' title="' . $lang->get('userfuncs_ml_tip_userpage') . '"' : ' class="wikilink-nonexistent" title="' . $lang->get('userfuncs_ml_tip_nouserpage') . '"';
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1900
    $anchor = '<a href="' . makeUrlNS('User', sanitize_page_id($username)) . '"' . $class . '>' . htmlspecialchars($username) . '</a>';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1901
    if ( $session->user_level >= USER_LEVEL_ADMIN )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1902
    {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1903
      $anchor .= ' <small>- <a href="' . makeUrlNS('Special', 'Administration', 'module=' . $paths->nslist['Admin'] . 'UserManager&src=get&username=' . urlencode($username), true) . '"
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1904
                               onclick="ajaxAdminUser(\'' . addslashes(htmlspecialchars($username)) . '\'); return false;">' . $lang->get('userfuncs_ml_btn_adminuser') . '</a></small>';
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1905
    }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1906
    return $anchor;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1907
  }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1908
  function user_level($level, $row)
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1909
  {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1910
    global $db, $session, $paths, $template, $plugins; // Common objects
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1911
    global $lang;
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1912
    switch ( $level )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1913
    {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1914
      case USER_LEVEL_GUEST:
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1915
        $s_level = $lang->get('userfuncs_ml_level_guest'); break;
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1916
      case USER_LEVEL_MEMBER:
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1917
      case USER_LEVEL_CHPREF:
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1918
        $s_level = $lang->get('userfuncs_ml_level_member'); break;
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1919
      case USER_LEVEL_MOD:
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1920
        $s_level = $lang->get('userfuncs_ml_level_mod'); break;
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1921
      case USER_LEVEL_ADMIN:
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1922
        $s_level = $lang->get('userfuncs_ml_level_admin'); break;
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1923
      default:
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1924
        $s_level = $lang->get('userfuncs_ml_level_unknown', array( 'level' => $level ));
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1925
    }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1926
    return $s_level;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1927
  }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1928
  function email($addy, $row)
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1929
  {
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1930
    global $lang;
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1931
    if ( $row['email_public'] == '1' )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1932
    {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1933
      global $email;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1934
      $addy = $email->encryptEmail($addy);
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1935
      return $addy;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1936
    }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1937
    else
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1938
    {
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1939
      return '<small>&lt;' . $lang->get('userfuncs_ml_email_nonpublic') . '&gt;</small>';
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1940
    }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1941
  }
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1942
  /**
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1943
   * Format a time as a reference to a day, with user-friendly "X days ago"/"Today"/"Yesterday" returned when relevant.
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1944
   * @param int UNIX timestamp
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1945
   * @return string
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1946
   */
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1947
  
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1948
  function format_date($time)
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1949
  {
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1950
    global $lang;
345
4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents: 343
diff changeset
  1951
    // Our formattting string to pass to enano_date()
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1952
    // This should not include minute/second info, only today's date in whatever format suits your fancy
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1953
    $formatstring = 'F j, Y';
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1954
    // Today's date
345
4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents: 343
diff changeset
  1955
    $today = enano_date($formatstring);
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1956
    // Yesterday's date
345
4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents: 343
diff changeset
  1957
    $yesterday = enano_date($formatstring, (time() - (24*60*60)));
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1958
    // Date on the input
345
4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents: 343
diff changeset
  1959
    $then = enano_date($formatstring, $time);
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1960
    // "X days ago" logic
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1961
    for ( $i = 2; $i <= 6; $i++ )
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1962
    {
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1963
      // hours_in_day * minutes_in_hour * seconds_in_minute * num_days
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1964
      $offset = 24 * 60 * 60 * $i;
345
4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents: 343
diff changeset
  1965
      $days_ago = enano_date($formatstring, (time() - $offset));
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1966
      // so does the input timestamp match the date from $i days ago?
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1967
      if ( $then == $days_ago )
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1968
      {
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1969
        // yes, return $i
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1970
        return $lang->get('userfuncs_ml_date_daysago', array('days_ago' => $i));
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1971
      }
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1972
    }
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1973
    // either yesterday, today, or before 6 days ago
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1974
    switch($then)
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1975
    {
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1976
      case $today:
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1977
        return $lang->get('userfuncs_ml_date_today');
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1978
      case $yesterday:
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1979
        return $lang->get('userfuncs_ml_date_yesterday');
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1980
      default:
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1981
        return $then;
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1982
    }
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1983
    //     .--.
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1984
    //    |o_o |
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1985
    //    |!_/ |
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1986
    //   //   \ \
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1987
    //  (|     | )
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1988
    // /'\_   _/`\
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1989
    // \___)=(___/
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1990
    return 'Linux rocks!';
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1991
  }
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1992
  function reg_time($time, $row)
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1993
  {
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1994
    return $this->format_date($time);
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1995
  }
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1996
}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1997
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1998
function page_Special_LangExportJSON()
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1999
{
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  2000
  global $db, $session, $paths, $template, $plugins; // Common objects
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  2001
  global $lang;
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  2002
  
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  2003
  $lang_id = ( $x = $paths->getParam(0) ) ? intval($x) : $lang->lang_id;
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  2004
  
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  2005
  if ( $lang->lang_id == $lang_id )
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  2006
    $lang_local =& $lang;
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  2007
  else
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  2008
    $lang_local = new Language($lang_id);
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  2009
  
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  2010
  
345
4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents: 343
diff changeset
  2011
  $timestamp = enano_date('D, j M Y H:i:s T', $lang_local->lang_timestamp);
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  2012
  header("Last-Modified: $timestamp");
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  2013
  header("Date: $timestamp");
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  2014
  header('Content-type: text/javascript');
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  2015
  
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  2016
  $lang_local->fetch();
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  2017
  echo "if ( typeof(enano_lang) != 'object' )
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  2018
  var enano_lang = new Object();
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  2019
334
c72b545f1304 More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents: 326
diff changeset
  2020
enano_lang[{$lang->lang_id}] = " . enano_json_encode($lang_local->strings) . ";";
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  2021
  
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  2022
}
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  2023
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  2024
?>