author | Dan |
Wed, 09 Apr 2008 22:45:51 -0400 | |
changeset 528 | 43535769970b |
parent 525 | 3f2dfdb99be4 |
child 536 | 218a627eb53e |
permissions | -rw-r--r-- |
0 | 1 |
<?php |
519
94214ec0871c
Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents:
517
diff
changeset
|
2 |
/**!info** |
94214ec0871c
Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents:
517
diff
changeset
|
3 |
{ |
94214ec0871c
Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents:
517
diff
changeset
|
4 |
"Plugin Name" : "plugin_specialuserfuncs_title", |
94214ec0871c
Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents:
517
diff
changeset
|
5 |
"Plugin URI" : "http://enanocms.org/", |
94214ec0871c
Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents:
517
diff
changeset
|
6 |
"Description" : "plugin_specialuserfuncs_desc", |
94214ec0871c
Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents:
517
diff
changeset
|
7 |
"Author" : "Dan Fuhry", |
94214ec0871c
Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents:
517
diff
changeset
|
8 |
"Version" : "1.1.3", |
94214ec0871c
Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents:
517
diff
changeset
|
9 |
"Author URI" : "http://enanocms.org/" |
94214ec0871c
Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents:
517
diff
changeset
|
10 |
} |
94214ec0871c
Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents:
517
diff
changeset
|
11 |
**!*/ |
0 | 12 |
|
13 |
/* |
|
14 |
* Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between |
|
504
bc8e0e9ee01d
Added support for embedding language data into plugins; updated all version numbers on plugin files
Dan
parents:
472
diff
changeset
|
15 |
* Version 1.1.3 (Caoineag alpha 3) |
0 | 16 |
* Copyright (C) 2006-2007 Dan Fuhry |
17 |
* |
|
18 |
* This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License |
|
19 |
* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. |
|
20 |
* |
|
21 |
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied |
|
22 |
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details. |
|
23 |
*/ |
|
24 |
||
25 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
26 |
||
334
c72b545f1304
More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents:
326
diff
changeset
|
27 |
$plugins->attachHook('session_started', ' |
0 | 28 |
global $paths; |
29 |
$paths->add_page(Array( |
|
334
c72b545f1304
More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents:
326
diff
changeset
|
30 |
\'name\'=>\'specialpage_log_in\', |
0 | 31 |
\'urlname\'=>\'Login\', |
32 |
\'namespace\'=>\'Special\', |
|
33 |
\'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\', |
|
34 |
)); |
|
35 |
$paths->add_page(Array( |
|
334
c72b545f1304
More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents:
326
diff
changeset
|
36 |
\'name\'=>\'specialpage_log_out\', |
0 | 37 |
\'urlname\'=>\'Logout\', |
38 |
\'namespace\'=>\'Special\', |
|
39 |
\'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\', |
|
40 |
)); |
|
41 |
$paths->add_page(Array( |
|
334
c72b545f1304
More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents:
326
diff
changeset
|
42 |
\'name\'=>\'specialpage_register\', |
0 | 43 |
\'urlname\'=>\'Register\', |
44 |
\'namespace\'=>\'Special\', |
|
45 |
\'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\', |
|
46 |
)); |
|
47 |
$paths->add_page(Array( |
|
334
c72b545f1304
More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents:
326
diff
changeset
|
48 |
\'name\'=>\'specialpage_preferences\', |
0 | 49 |
\'urlname\'=>\'Preferences\', |
50 |
\'namespace\'=>\'Special\', |
|
51 |
\'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\', |
|
52 |
)); |
|
53 |
||
54 |
$paths->add_page(Array( |
|
334
c72b545f1304
More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents:
326
diff
changeset
|
55 |
\'name\'=>\'specialpage_contributions\', |
0 | 56 |
\'urlname\'=>\'Contributions\', |
57 |
\'namespace\'=>\'Special\', |
|
58 |
\'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\', |
|
59 |
)); |
|
60 |
||
61 |
$paths->add_page(Array( |
|
334
c72b545f1304
More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents:
326
diff
changeset
|
62 |
\'name\'=>\'specialpage_change_theme\', |
0 | 63 |
\'urlname\'=>\'ChangeStyle\', |
64 |
\'namespace\'=>\'Special\', |
|
65 |
\'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\', |
|
66 |
)); |
|
67 |
||
68 |
$paths->add_page(Array( |
|
334
c72b545f1304
More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents:
326
diff
changeset
|
69 |
\'name\'=>\'specialpage_activate_account\', |
0 | 70 |
\'urlname\'=>\'ActivateAccount\', |
71 |
\'namespace\'=>\'Special\', |
|
116
77c75179bb95
Made most special pages "visible"; fixup for non-existent special page redirect in paths.php; rewrote Special:AllPages to have pagination (WiP, Special:SpecialPages is possibly next, depending on whether paginate_array works or not)
Dan
parents:
115
diff
changeset
|
72 |
\'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\', |
0 | 73 |
)); |
74 |
||
75 |
$paths->add_page(Array( |
|
334
c72b545f1304
More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents:
326
diff
changeset
|
76 |
\'name\'=>\'specialpage_captcha\', |
0 | 77 |
\'urlname\'=>\'Captcha\', |
78 |
\'namespace\'=>\'Special\', |
|
116
77c75179bb95
Made most special pages "visible"; fixup for non-existent special page redirect in paths.php; rewrote Special:AllPages to have pagination (WiP, Special:SpecialPages is possibly next, depending on whether paginate_array works or not)
Dan
parents:
115
diff
changeset
|
79 |
\'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\', |
0 | 80 |
)); |
81 |
||
82 |
$paths->add_page(Array( |
|
334
c72b545f1304
More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents:
326
diff
changeset
|
83 |
\'name\'=>\'specialpage_password_reset\', |
0 | 84 |
\'urlname\'=>\'PasswordReset\', |
85 |
\'namespace\'=>\'Special\', |
|
86 |
\'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\', |
|
87 |
)); |
|
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
88 |
|
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
89 |
$paths->add_page(Array( |
334
c72b545f1304
More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents:
326
diff
changeset
|
90 |
\'name\'=>\'specialpage_member_list\', |
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
91 |
\'urlname\'=>\'Memberlist\', |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
92 |
\'namespace\'=>\'Special\', |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
93 |
\'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\', |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
94 |
)); |
210
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
95 |
|
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
96 |
$paths->add_page(Array( |
334
c72b545f1304
More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents:
326
diff
changeset
|
97 |
\'name\'=>\'specialpage_language_export\', |
210
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
98 |
\'urlname\'=>\'LangExportJSON\', |
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
99 |
\'namespace\'=>\'Special\', |
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
100 |
\'special\'=>0,\'visible\'=>0,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\', |
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
101 |
)); |
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
102 |
|
0 | 103 |
'); |
104 |
||
105 |
// function names are IMPORTANT!!! The name pattern is: page_<namespace ID>_<page URLname, without namespace> |
|
106 |
||
107 |
$__login_status = ''; |
|
108 |
||
109 |
function page_Special_Login() |
|
110 |
{ |
|
111 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
112 |
global $__login_status; |
|
209 | 113 |
global $lang; |
0 | 114 |
|
115 |
$pubkey = $session->rijndael_genkey(); |
|
116 |
$challenge = $session->dss_rand(); |
|
117 |
||
179
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
118 |
$locked_out = false; |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
119 |
// are we locked out? |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
120 |
$threshold = ( $_ = getConfig('lockout_threshold') ) ? intval($_) : 5; |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
121 |
$duration = ( $_ = getConfig('lockout_duration') ) ? intval($_) : 15; |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
122 |
// convert to minutes |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
123 |
$duration = $duration * 60; |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
124 |
$policy = ( $x = getConfig('lockout_policy') && in_array(getConfig('lockout_policy'), array('lockout', 'disable', 'captcha')) ) ? getConfig('lockout_policy') : 'lockout'; |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
125 |
if ( $policy != 'disable' ) |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
126 |
{ |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
127 |
$ipaddr = $db->escape($_SERVER['REMOTE_ADDR']); |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
128 |
$timestamp_cutoff = time() - $duration; |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
129 |
$q = $session->sql('SELECT timestamp FROM '.table_prefix.'lockout WHERE timestamp > ' . $timestamp_cutoff . ' AND ipaddr = \'' . $ipaddr . '\' ORDER BY timestamp DESC;'); |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
130 |
$fails = $db->numrows(); |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
131 |
if ( $fails >= $threshold ) |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
132 |
{ |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
133 |
$row = $db->fetchrow(); |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
134 |
$locked_out = true; |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
135 |
$lockdata = array( |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
136 |
'locked_out' => true, |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
137 |
'lockout_threshold' => $threshold, |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
138 |
'lockout_duration' => ( $duration / 60 ), |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
139 |
'lockout_fails' => $fails, |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
140 |
'lockout_policy' => $policy, |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
141 |
'lockout_last_time' => $row['timestamp'], |
182
c69730750be3
Fixed the security hole (really, I'm a moron - used $failed > $threshold instead of $failed >= $threashold) and patched up some...erm... math issues
Dan
parents:
179
diff
changeset
|
142 |
'time_rem' => ( $duration / 60 ) - round( ( time() - $row['timestamp'] ) / 60 ), |
179
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
143 |
'captcha' => '' |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
144 |
); |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
145 |
if ( $policy == 'captcha' ) |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
146 |
{ |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
147 |
$lockdata['captcha'] = $session->make_captcha(); |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
148 |
} |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
149 |
} |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
150 |
$db->free_result(); |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
151 |
} |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
152 |
|
0 | 153 |
if ( isset($_GET['act']) && $_GET['act'] == 'getkey' ) |
154 |
{ |
|
436
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
155 |
header('Content-type: text/javascript'); |
60
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
parents:
57
diff
changeset
|
156 |
$username = ( $session->user_logged_in ) ? $session->username : false; |
0 | 157 |
$response = Array( |
60
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
parents:
57
diff
changeset
|
158 |
'username' => $username, |
0 | 159 |
'key' => $pubkey, |
179
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
160 |
'challenge' => $challenge, |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
161 |
'locked_out' => false |
0 | 162 |
); |
179
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
163 |
|
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
164 |
if ( $locked_out ) |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
165 |
{ |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
166 |
foreach ( $lockdata as $x => $y ) |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
167 |
{ |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
168 |
$response[$x] = $y; |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
169 |
} |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
170 |
unset($x, $y); |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
171 |
} |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
172 |
|
436
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
173 |
// 1.1.3: generate diffie hellman key |
507
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
174 |
require_once( ENANO_ROOT . '/includes/diffiehellman.php' ); |
436
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
175 |
global $dh_supported, $_math; |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
176 |
|
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
177 |
$response['dh_supported'] = $dh_supported; |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
178 |
if ( $dh_supported ) |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
179 |
{ |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
180 |
$dh_key_priv = dh_gen_private(); |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
181 |
$dh_key_pub = dh_gen_public($dh_key_priv); |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
182 |
$dh_key_priv = $_math->str($dh_key_priv); |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
183 |
$dh_key_pub = $_math->str($dh_key_pub); |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
184 |
$response['dh_public_key'] = $dh_key_pub; |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
185 |
// store the keys in the DB |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
186 |
$q = $db->sql_query('INSERT INTO ' . table_prefix . "diffiehellman( public_key, private_key ) VALUES ( '$dh_key_pub', '$dh_key_priv' );"); |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
187 |
if ( !$q ) |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
188 |
$db->die_json(); |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
189 |
} |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
190 |
|
334
c72b545f1304
More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents:
326
diff
changeset
|
191 |
$response = enano_json_encode($response); |
0 | 192 |
echo $response; |
193 |
return null; |
|
194 |
} |
|
195 |
||
196 |
$level = ( isset($_GET['level']) && in_array($_GET['level'], array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9') ) ) ? intval($_GET['level']) : USER_LEVEL_MEMBER; |
|
197 |
if ( isset($_POST['login']) ) |
|
198 |
{ |
|
199 |
if ( in_array($_POST['auth_level'], array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9') ) ) |
|
200 |
{ |
|
201 |
$level = intval($_POST['auth_level']); |
|
202 |
} |
|
203 |
} |
|
204 |
||
205 |
if ( $level > USER_LEVEL_MEMBER && !$session->user_logged_in ) |
|
206 |
{ |
|
207 |
$level = USER_LEVEL_MEMBER; |
|
208 |
} |
|
93
95c4d91bd954
Redirections to the main page use the redirect() function now
Dan
parents:
85
diff
changeset
|
209 |
if ( $level <= USER_LEVEL_MEMBER && $session->user_logged_in ) |
95c4d91bd954
Redirections to the main page use the redirect() function now
Dan
parents:
85
diff
changeset
|
210 |
$paths->main_page(); |
0 | 211 |
$template->header(); |
507
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
212 |
echo '<form action="'.makeUrl($paths->nslist['Special'].'Login').'" method="post" name="loginform" onsubmit="try{runEncryption();}catch(e){};">'; |
209 | 213 |
$header = ( $level > USER_LEVEL_MEMBER ) ? $lang->get('user_login_message_short_elev') : $lang->get('user_login_message_short'); |
0 | 214 |
if ( isset($_POST['login']) ) |
215 |
{ |
|
179
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
216 |
$errstring = $__login_status['error']; |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
217 |
switch($__login_status['error']) |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
218 |
{ |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
219 |
case 'key_not_found': |
209 | 220 |
$errstring = $lang->get('user_err_key_not_found'); |
179
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
221 |
break; |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
222 |
case 'key_wrong_length': |
209 | 223 |
$errstring = $lang->get('user_err_key_wrong_length'); |
179
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
224 |
break; |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
225 |
case 'too_big_for_britches': |
209 | 226 |
$errstring = $lang->get('user_err_too_big_for_britches'); |
179
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
227 |
break; |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
228 |
case 'invalid_credentials': |
209 | 229 |
$errstring = $lang->get('user_err_invalid_credentials'); |
179
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
230 |
if ( $__login_status['lockout_policy'] == 'lockout' ) |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
231 |
{ |
507
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
232 |
$errstring .= $lang->get('err_invalid_credentials_lockout', array('fails' => $__login_status['lockout_fails'])); |
179
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
233 |
} |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
234 |
else if ( $__login_status['lockout_policy'] == 'captcha' ) |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
235 |
{ |
507
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
236 |
$errstring .= $lang->get('user_err_invalid_credentials_lockout_captcha', array('fails' => $__login_status['lockout_fails'])); |
179
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
237 |
} |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
238 |
break; |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
239 |
case 'backend_fail': |
209 | 240 |
$errstring = $lang->get('user_err_backend_fail'); |
179
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
241 |
break; |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
242 |
case 'locked_out': |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
243 |
$attempts = intval($__login_status['lockout_fails']); |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
244 |
if ( $attempts > $__login_status['lockout_threshold']) |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
245 |
$attempts = $__login_status['lockout_threshold']; |
182
c69730750be3
Fixed the security hole (really, I'm a moron - used $failed > $threshold instead of $failed >= $threashold) and patched up some...erm... math issues
Dan
parents:
179
diff
changeset
|
246 |
|
c69730750be3
Fixed the security hole (really, I'm a moron - used $failed > $threshold instead of $failed >= $threashold) and patched up some...erm... math issues
Dan
parents:
179
diff
changeset
|
247 |
$server_time = time(); |
209 | 248 |
$time_rem = ( $__login_status['lockout_last_time'] == time() ) ? $__login_status['lockout_duration'] : $__login_status['lockout_duration'] - round( ( $server_time - $__login_status['lockout_last_time'] ) / 60 ); |
249 |
if ( $time_rem < 1 ) |
|
250 |
$time_rem = $__login_status['lockout_duration']; |
|
182
c69730750be3
Fixed the security hole (really, I'm a moron - used $failed > $threshold instead of $failed >= $threashold) and patched up some...erm... math issues
Dan
parents:
179
diff
changeset
|
251 |
|
209 | 252 |
$s = ( $time_rem == 1 ) ? '' : $lang->get('meta_plural'); |
253 |
||
507
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
254 |
$captcha_string = ( $__login_status['lockout_policy'] == 'captcha' ) ? $lang->get('user_err_locked_out_captcha_blurb') : ''; |
209 | 255 |
$errstring = $lang->get('user_err_locked_out', array('plural' => $s, 'captcha_blurb' => $captcha_string, 'time_rem' => $time_rem)); |
256 |
||
179
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
257 |
break; |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
258 |
} |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
259 |
echo '<div class="error-box-mini">'.$errstring.'</div>'; |
0 | 260 |
} |
261 |
if ( $p = $paths->getAllParams() ) |
|
262 |
{ |
|
263 |
echo '<input type="hidden" name="return_to" value="'.$p.'" />'; |
|
264 |
} |
|
265 |
else if ( isset($_POST['login']) && isset($_POST['return_to']) ) |
|
266 |
{ |
|
267 |
echo '<input type="hidden" name="return_to" value="'.htmlspecialchars($_POST['return_to']).'" />'; |
|
268 |
} |
|
269 |
?> |
|
270 |
<div class="tblholder"> |
|
271 |
<table border="0" style="width: 100%;" cellspacing="1" cellpadding="4"> |
|
272 |
<tr> |
|
273 |
<th colspan="3"><?php echo $header; ?></th> |
|
274 |
</tr> |
|
275 |
<tr> |
|
276 |
<td colspan="3" class="row1"> |
|
277 |
<?php |
|
278 |
if ( $level <= USER_LEVEL_MEMBER ) |
|
279 |
{ |
|
209 | 280 |
echo '<p>' . $lang->get('user_login_body', array('reg_link' => makeUrlNS('Special', 'Register'))) . '</p>'; |
0 | 281 |
} |
282 |
else |
|
283 |
{ |
|
209 | 284 |
echo '<p>' . $lang->get('user_login_body_elev') . '</p>'; |
0 | 285 |
} |
286 |
?> |
|
287 |
</td> |
|
288 |
</tr> |
|
289 |
<tr> |
|
290 |
<td class="row2"> |
|
209 | 291 |
<?php echo $lang->get('user_login_field_username'); ?>: |
0 | 292 |
</td> |
293 |
<td class="row1"> |
|
294 |
<input name="username" size="25" type="text" <?php |
|
295 |
if ( $level <= USER_LEVEL_MEMBER ) |
|
296 |
{ |
|
297 |
echo 'tabindex="1" '; |
|
298 |
} |
|
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
30
diff
changeset
|
299 |
else |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
30
diff
changeset
|
300 |
{ |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
30
diff
changeset
|
301 |
echo 'tabindex="3" '; |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
30
diff
changeset
|
302 |
} |
0 | 303 |
if ( $session->user_logged_in ) |
304 |
{ |
|
305 |
echo 'value="' . $session->username . '"'; |
|
306 |
} |
|
307 |
?> /> |
|
308 |
</td> |
|
309 |
<?php if ( $level <= USER_LEVEL_MEMBER ) { ?> |
|
179
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
310 |
<td rowspan="<?php echo ( ( $locked_out && $lockdata['lockout_policy'] == 'captcha' ) ) ? '4' : '2'; ?>" class="row3"> |
209 | 311 |
<small><?php echo $lang->get('user_login_forgotpass_blurb', array('forgotpass_link' => makeUrlNS('Special', 'PasswordReset'))); ?><br /> |
312 |
<?php echo $lang->get('user_login_createaccount_blurb', array('reg_link' => makeUrlNS('Special', 'Register'))); ?></small> |
|
0 | 313 |
</td> |
314 |
<?php } ?> |
|
315 |
</tr> |
|
316 |
<tr> |
|
209 | 317 |
<td class="row2"> |
318 |
<?php echo $lang->get('user_login_field_password'); ?>: |
|
319 |
</td><td class="row1"><input name="pass" size="25" type="password" tabindex="<?php echo ( $level <= USER_LEVEL_MEMBER ) ? '2' : '1'; ?>" /></td> |
|
0 | 320 |
</tr> |
179
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
321 |
<?php |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
322 |
if ( $locked_out && $lockdata['lockout_policy'] == 'captcha' ) |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
323 |
{ |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
324 |
?> |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
325 |
<tr> |
209 | 326 |
<td class="row2" rowspan="2"><?php echo $lang->get('user_login_field_captcha'); ?>:<br /></td><td class="row1"><input type="hidden" name="captcha_hash" value="<?php echo $lockdata['captcha']; ?>" /><input name="captcha_code" size="25" type="text" tabindex="<?php echo ( $level <= USER_LEVEL_MEMBER ) ? '3' : '4'; ?>" /></td> |
179
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
327 |
</tr> |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
328 |
<tr> |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
329 |
<td class="row3"> |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
330 |
<img src="<?php echo makeUrlNS('Special', 'Captcha/' . $lockdata['captcha']) ?>" onclick="this.src=this.src+'/a';" style="cursor: pointer;" /> |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
331 |
</td> |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
332 |
</tr> |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
333 |
<?php |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
334 |
} |
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
335 |
?> |
507
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
336 |
<?php |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
337 |
if ( $level <= USER_LEVEL_MEMBER && ( !isset($_GET['use_crypt']) || ( isset($_GET['use_crypt']) && $_GET['use_crypt']!='0' ) ) ) |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
338 |
{ |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
339 |
echo '<tr> |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
340 |
<td class="row3" colspan="3">'; |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
341 |
|
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
342 |
$returnpage_link = ( $return = $paths->getAllParams() ) ? '/' . $return : ''; |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
343 |
$nocrypt_link = makeUrlNS('Special', "Login$returnpage_link", "level=$level&use_crypt=0", true); |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
344 |
echo '<p><b>' . $lang->get('user_login_nocrypt_title') . '</b> ' . $lang->get('user_login_nocrypt_body', array('nocrypt_link' => $nocrypt_link)) . '</p>'; |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
345 |
echo '<p>' . $lang->get('user_login_nocrypt_countrylist') . '</p>'; |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
346 |
|
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
347 |
echo ' </td> |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
348 |
</tr>'; |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
349 |
} |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
350 |
else if ( $level <= USER_LEVEL_MEMBER && ( isset($_GET['use_crypt']) && $_GET['use_crypt']=='0' ) ) |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
351 |
{ |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
352 |
echo '<tr> |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
353 |
<td class="row3" colspan="3">'; |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
354 |
|
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
355 |
$returnpage_link = ( $return = $paths->getAllParams() ) ? '/' . $return : ''; |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
356 |
$usecrypt_link = makeUrlNS('Special', "Login$returnpage_link", "level=$level&use_crypt=1", true); |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
357 |
echo '<p><b>' . $lang->get('user_login_usecrypt_title') . '</b> ' . $lang->get('user_login_usecrypt_body', array('usecrypt_link' => $usecrypt_link)) . '</p>'; |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
358 |
echo '<p>' . $lang->get('user_login_usecrypt_countrylist') . '</p>'; |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
359 |
|
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
360 |
echo ' </td> |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
361 |
</tr>'; |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
362 |
} |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
363 |
?> |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
364 |
|
0 | 365 |
<tr> |
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
30
diff
changeset
|
366 |
<th colspan="3" style="text-align: center" class="subhead"><input type="submit" name="login" value="Log in" tabindex="<?php echo ( $level <= USER_LEVEL_MEMBER ) ? '3' : '2'; ?>" /></th> |
0 | 367 |
</tr> |
368 |
</table> |
|
369 |
</div> |
|
370 |
<input type="hidden" name="challenge_data" value="<?php echo $challenge; ?>" /> |
|
371 |
<input type="hidden" name="use_crypt" value="no" /> |
|
372 |
<input type="hidden" name="crypt_key" value="<?php echo $pubkey; ?>" /> |
|
373 |
<input type="hidden" name="crypt_data" value="" /> |
|
374 |
<input type="hidden" name="auth_level" value="<?php echo (string)$level; ?>" /> |
|
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
30
diff
changeset
|
375 |
<?php if ( $level <= USER_LEVEL_MEMBER ): ?> |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
30
diff
changeset
|
376 |
<script type="text/javascript"> |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
30
diff
changeset
|
377 |
document.forms.loginform.username.focus(); |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
30
diff
changeset
|
378 |
</script> |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
30
diff
changeset
|
379 |
<?php else: ?> |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
30
diff
changeset
|
380 |
<script type="text/javascript"> |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
30
diff
changeset
|
381 |
document.forms.loginform.pass.focus(); |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
30
diff
changeset
|
382 |
</script> |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
30
diff
changeset
|
383 |
<?php endif; ?> |
507
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
384 |
<?php |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
385 |
// 1.1.4 |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
386 |
|
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
387 |
require_once( ENANO_ROOT . '/includes/diffiehellman.php' ); |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
388 |
|
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
389 |
global $dh_supported, $_math; |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
390 |
if ( $dh_supported ) |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
391 |
{ |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
392 |
$dh_key_priv = dh_gen_private(); |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
393 |
$dh_key_pub = dh_gen_public($dh_key_priv); |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
394 |
$dh_key_priv = $_math->str($dh_key_priv); |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
395 |
$dh_key_pub = $_math->str($dh_key_pub); |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
396 |
// store the keys in the DB |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
397 |
$q = $db->sql_query('INSERT INTO ' . table_prefix . "diffiehellman( public_key, private_key ) VALUES ( '$dh_key_pub', '$dh_key_priv' );"); |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
398 |
if ( !$q ) |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
399 |
$db->_die(); |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
400 |
|
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
401 |
echo "<input type=\"hidden\" name=\"dh_supported\" value=\"true\" /> |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
402 |
<input type=\"hidden\" name=\"dh_public_key\" value=\"$dh_key_pub\" /> |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
403 |
<input type=\"hidden\" name=\"dh_client_public_key\" value=\"\" />"; |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
404 |
} |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
405 |
else |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
406 |
{ |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
407 |
echo "<input type=\"hidden\" name=\"dh_supported\" value=\"false\" />"; |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
408 |
} |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
409 |
?> |
0 | 410 |
</form> |
411 |
<?php |
|
507
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
412 |
echo $session->aes_javascript('loginform', 'pass', 'use_crypt', 'crypt_key', 'crypt_data', 'challenge_data', 'dh_supported', 'dh_public_key', 'dh_client_public_key'); |
0 | 413 |
?> |
414 |
<?php |
|
415 |
$template->footer(); |
|
416 |
} |
|
417 |
||
418 |
function page_Special_Login_preloader() // adding _preloader to the end of the function name calls the function before $session and $paths setup routines are called |
|
419 |
{ |
|
420 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
421 |
global $__login_status; |
|
210
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
422 |
global $lang; |
436
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
423 |
if ( $paths->getParam(0) === 'action.json' ) |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
424 |
{ |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
425 |
if ( !isset($_POST['r']) ) |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
426 |
die('No request.'); |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
427 |
|
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
428 |
$request = $_POST['r']; |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
429 |
try |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
430 |
{ |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
431 |
$request = enano_json_decode($request); |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
432 |
} |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
433 |
catch ( Exception $e ) |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
434 |
{ |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
435 |
die(enano_json_encode(array( |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
436 |
'mode' => 'error', |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
437 |
'error' => 'ERR_JSON_PARSE_FAILED' |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
438 |
))); |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
439 |
} |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
440 |
|
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
441 |
echo enano_json_encode($session->process_login_request($request)); |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
442 |
|
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
443 |
$db->close(); |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
444 |
exit; |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
445 |
} |
0 | 446 |
if ( isset($_GET['act']) && $_GET['act'] == 'ajaxlogin' ) |
447 |
{ |
|
507
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
448 |
die('This version of the Enano LoginAPI is deprecated. Please use the action.json method instead.'); |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
449 |
$db->close(); |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
450 |
exit; |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
451 |
} |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
452 |
if(isset($_POST['login'])) |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
453 |
{ |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
454 |
$captcha_hash = ( isset($_POST['captcha_hash']) ) ? $_POST['captcha_hash'] : false; |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
455 |
$captcha_code = ( isset($_POST['captcha_code']) ) ? $_POST['captcha_code'] : false; |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
456 |
if ( $_POST['use_crypt'] == 'yes' ) |
436
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
457 |
{ |
507
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
458 |
$result = $session->login_with_crypto($_POST['username'], $_POST['crypt_data'], $_POST['crypt_key'], $_POST['challenge_data'], intval($_POST['auth_level']), $captcha_hash, $captcha_code); |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
459 |
} |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
460 |
else if ( $_POST['use_crypt'] == 'yes_dh' ) |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
461 |
{ |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
462 |
// retrieve and decrypt the password using DiffieHellman |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
463 |
|
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
464 |
require_once( ENANO_ROOT . '/includes/diffiehellman.php' ); |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
465 |
global $dh_supported, $_math; |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
466 |
|
436
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
467 |
if ( !$dh_supported ) |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
468 |
{ |
507
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
469 |
die_semicritical('DiffieHellman error', 'Server does not support DiffieHellman, denying logon request'); |
436
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
470 |
} |
507
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
471 |
|
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
472 |
// Fetch private key |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
473 |
$dh_public = $_POST['dh_public_key']; |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
474 |
if ( !preg_match('/^[0-9]+$/', $dh_public) ) |
436
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
475 |
{ |
507
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
476 |
die_semicritical('DiffieHellman error', 'Public key not integer: ' . $dh_public); |
436
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
477 |
} |
507
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
478 |
$q = $db->sql_query('SELECT private_key, key_id FROM ' . table_prefix . "diffiehellman WHERE public_key = '$dh_public';"); |
436
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
479 |
if ( !$q ) |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
480 |
$db->die_json(); |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
481 |
|
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
482 |
if ( $db->numrows() < 1 ) |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
483 |
{ |
507
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
484 |
die_semicritical('DiffieHellman error', 'ERR_DH_KEY_NOT_FOUND'); |
436
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
485 |
} |
507
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
486 |
|
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
487 |
list($dh_private, $dh_key_id) = $db->fetchrow_num(); |
436
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
488 |
$db->free_result(); |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
489 |
|
507
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
490 |
// We have the private key, now delete the key pair, we no longer need it |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
491 |
$q = $db->sql_query('DELETE FROM ' . table_prefix . "diffiehellman WHERE key_id = $dh_key_id;"); |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
492 |
if ( !$q ) |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
493 |
$db->die_json(); |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
494 |
|
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
495 |
// Generate the shared secret |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
496 |
$dh_secret = dh_gen_shared_secret($dh_private, $_POST['dh_client_public_key']); |
436
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
497 |
$dh_secret = $_math->str($dh_secret); |
507
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
498 |
|
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
499 |
// Did we get all our math right? |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
500 |
$dh_secret_check = sha1($dh_secret); |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
501 |
$dh_hash = $_POST['crypt_key']; |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
502 |
if ( $dh_secret_check !== $dh_hash ) |
436
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
503 |
{ |
507
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
504 |
die_semicritical('DiffieHellman error', 'ERR_DH_HASH_NO_MATCH'); |
436
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
505 |
} |
507
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
506 |
|
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
507 |
// All good! Generate the AES key |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
508 |
$aes_key = substr(sha256($dh_secret), 0, ( AES_BITS / 4 )); |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
509 |
|
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
510 |
// decrypt user info |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
511 |
$aes_key = hexdecode($aes_key); |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
512 |
$aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE); |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
513 |
$password = $aes->decrypt($_POST['crypt_data'], $aes_key, ENC_HEX); |
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
514 |
|
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents:
504
diff
changeset
|
515 |
$result = $session->login_without_crypto($_POST['username'], $password, false, intval($_POST['auth_level']), $captcha_hash, $captcha_code); |
0 | 516 |
} |
517 |
else |
|
518 |
{ |
|
179
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
519 |
$result = $session->login_without_crypto($_POST['username'], $_POST['pass'], false, intval($_POST['auth_level']), $captcha_hash, $captcha_code); |
0 | 520 |
} |
372
5bd429428101
A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
parents:
371
diff
changeset
|
521 |
|
179
36b287f1d85c
[F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents:
133
diff
changeset
|
522 |
if($result['success']) |
0 | 523 |
{ |
372
5bd429428101
A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
parents:
371
diff
changeset
|
524 |
$session->start(); |
5bd429428101
A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
parents:
371
diff
changeset
|
525 |
|
0 | 526 |
$template->load_theme($session->theme, $session->style); |
527 |
if(isset($_POST['return_to'])) |
|
528 |
{ |
|
529 |
$name = ( isset($paths->pages[$_POST['return_to']]['name']) ) ? $paths->pages[$_POST['return_to']]['name'] : $_POST['return_to']; |
|
210
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
530 |
$subst = array( |
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
531 |
'username' => $session->username, |
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
532 |
'redir_target' => $name |
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
533 |
); |
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
534 |
redirect( makeUrl($_POST['return_to'], false, true), $lang->get('user_login_success_title'), $lang->get('user_login_success_body', $subst) ); |
0 | 535 |
} |
536 |
else |
|
537 |
{ |
|
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
538 |
$subst = array( |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
539 |
'username' => $session->username, |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
540 |
'redir_target' => $lang->get('user_login_success_body_mainpage') |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
541 |
); |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
542 |
redirect( makeUrl(getConfig('main_page'), false, true), $lang->get('user_login_success_title'), $lang->get('user_login_success_body', $subst) ); |
0 | 543 |
} |
544 |
} |
|
545 |
else |
|
546 |
{ |
|
521
d264784355e5
Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php
Dan
parents:
517
diff
changeset
|
547 |
if ( $result['error'] === 'valid_reset' ) |
d264784355e5
Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php
Dan
parents:
517
diff
changeset
|
548 |
{ |
d264784355e5
Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php
Dan
parents:
517
diff
changeset
|
549 |
header('HTTP/1.1 302 Temporary Redirect'); |
d264784355e5
Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php
Dan
parents:
517
diff
changeset
|
550 |
header('Location: ' . $result['redirect_url']); |
d264784355e5
Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php
Dan
parents:
517
diff
changeset
|
551 |
|
d264784355e5
Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php
Dan
parents:
517
diff
changeset
|
552 |
$db->close(); |
d264784355e5
Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php
Dan
parents:
517
diff
changeset
|
553 |
exit(); |
d264784355e5
Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php
Dan
parents:
517
diff
changeset
|
554 |
} |
0 | 555 |
$GLOBALS['__login_status'] = $result; |
556 |
} |
|
557 |
} |
|
558 |
} |
|
559 |
||
560 |
function SpecialLogin_SendResponse_PasswordReset($user_id, $passkey) |
|
561 |
{ |
|
562 |
||
563 |
$response = Array( |
|
564 |
'result' => 'success_reset', |
|
565 |
'user_id' => $user_id, |
|
566 |
'temppass' => $passkey |
|
567 |
); |
|
568 |
||
334
c72b545f1304
More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents:
326
diff
changeset
|
569 |
$response = enano_json_encode($response); |
0 | 570 |
echo $response; |
571 |
||
572 |
$db->close(); |
|
573 |
||
574 |
exit; |
|
575 |
} |
|
576 |
||
577 |
function page_Special_Logout() { |
|
578 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
210
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
579 |
global $lang; |
93
95c4d91bd954
Redirections to the main page use the redirect() function now
Dan
parents:
85
diff
changeset
|
580 |
if ( !$session->user_logged_in ) |
95c4d91bd954
Redirections to the main page use the redirect() function now
Dan
parents:
85
diff
changeset
|
581 |
$paths->main_page(); |
95c4d91bd954
Redirections to the main page use the redirect() function now
Dan
parents:
85
diff
changeset
|
582 |
|
0 | 583 |
$l = $session->logout(); |
93
95c4d91bd954
Redirections to the main page use the redirect() function now
Dan
parents:
85
diff
changeset
|
584 |
if ( $l == 'success' ) |
95c4d91bd954
Redirections to the main page use the redirect() function now
Dan
parents:
85
diff
changeset
|
585 |
{ |
436
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
586 |
$url = makeUrl(getConfig('main_page'), false, true); |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
587 |
if ( $pi = $paths->getAllParams() ) |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
588 |
{ |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
589 |
list($pid, $ns) = RenderMan::strToPageID($pi); |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
590 |
$perms = $session->fetch_page_acl($pid, $ns); |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
591 |
if ( $perms->get_permissions('read') ) |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
592 |
{ |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
593 |
$url = makeUrl($pi, false, true); |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
594 |
} |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
595 |
} |
242353360e37
Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
430
diff
changeset
|
596 |
redirect($url, $lang->get('user_logout_success_title'), $lang->get('user_logout_success_body'), 4); |
93
95c4d91bd954
Redirections to the main page use the redirect() function now
Dan
parents:
85
diff
changeset
|
597 |
} |
0 | 598 |
$template->header(); |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
599 |
echo '<h3>' . $lang->get('user_logout_err_title') . '</h3>'; |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
600 |
echo '<p>' . $l . '</p>'; |
0 | 601 |
$template->footer(); |
602 |
} |
|
603 |
||
30 | 604 |
function page_Special_Register() |
605 |
{ |
|
0 | 606 |
global $db, $session, $paths, $template, $plugins; // Common objects |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
607 |
global $lang; |
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
608 |
|
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
609 |
// form field trackers |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
610 |
$username = ''; |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
611 |
$email = ''; |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
612 |
$realname = ''; |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
613 |
|
348
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
614 |
$terms = getConfig('register_tou'); |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
615 |
|
0 | 616 |
if(getConfig('account_activation') == 'disable' && ( ( $session->user_level >= USER_LEVEL_ADMIN && !isset($_GET['IWannaPlayToo']) ) || $session->user_level < USER_LEVEL_ADMIN || !$session->user_logged_in )) |
617 |
{ |
|
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
618 |
$s = ($session->user_level >= USER_LEVEL_ADMIN) ? '<p>' . $lang->get('user_reg_err_disabled_body_adminblurb', array( 'reg_link' => makeUrl($paths->page, 'IWannaPlayToo&coppa=no', true) )) . '</p>' : ''; |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
619 |
die_friendly($lang->get('user_reg_err_disabled_title'), '<p>' . $lang->get('user_reg_err_disabled_body') . '</p>' . $s); |
0 | 620 |
} |
93
95c4d91bd954
Redirections to the main page use the redirect() function now
Dan
parents:
85
diff
changeset
|
621 |
if ( $session->user_level < USER_LEVEL_ADMIN && $session->user_logged_in ) |
95c4d91bd954
Redirections to the main page use the redirect() function now
Dan
parents:
85
diff
changeset
|
622 |
{ |
95c4d91bd954
Redirections to the main page use the redirect() function now
Dan
parents:
85
diff
changeset
|
623 |
$paths->main_page(); |
95c4d91bd954
Redirections to the main page use the redirect() function now
Dan
parents:
85
diff
changeset
|
624 |
} |
30 | 625 |
if(isset($_POST['submit'])) |
626 |
{ |
|
627 |
$_GET['coppa'] = ( isset($_POST['coppa']) ) ? $_POST['coppa'] : 'x'; |
|
628 |
||
0 | 629 |
$captcharesult = $session->get_captcha($_POST['captchahash']); |
263
d57af0b0302e
Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents:
192
diff
changeset
|
630 |
$session->kill_captcha(); |
345
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents:
343
diff
changeset
|
631 |
if ( strtolower($captcharesult) != strtolower($_POST['captchacode']) ) |
30 | 632 |
{ |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
633 |
$s = $lang->get('user_reg_err_captcha'); |
30 | 634 |
} |
0 | 635 |
else |
30 | 636 |
{ |
637 |
if ( getConfig('enable_coppa') == '1' && ( !isset($_POST['coppa']) || ( isset($_POST['coppa']) && !in_array($_POST['coppa'], array('yes', 'no')) ) ) ) |
|
638 |
{ |
|
639 |
$s = 'Invalid COPPA input'; |
|
640 |
} |
|
348
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
641 |
else if ( !empty($terms) && !isset($_POST['tou_agreed']) ) |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
642 |
{ |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
643 |
$s = $lang->get('user_reg_err_accept_tou'); |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
644 |
} |
30 | 645 |
else |
646 |
{ |
|
647 |
$coppa = ( isset($_POST['coppa']) && $_POST['coppa'] == 'yes' ); |
|
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
648 |
$s = false; |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
649 |
|
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
650 |
// decrypt password |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
651 |
// as with the change pass form, we aren't going to bother checking the confirmation code because if the passwords didn't match |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
652 |
// and yet the password got encrypted, that means the user screwed with the code, and if the user screwed with the code and thus |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
653 |
// forgot his password, that's his problem. |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
654 |
|
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
655 |
if ( $_POST['use_crypt'] == 'yes' ) |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
656 |
{ |
286
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
270
diff
changeset
|
657 |
$aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE); |
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
658 |
$crypt_key = $session->fetch_public_key($_POST['crypt_key']); |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
659 |
if ( !$crypt_key ) |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
660 |
{ |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
661 |
$s = $lang->get('user_reg_err_missing_key'); |
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
662 |
} |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
663 |
else |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
664 |
{ |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
665 |
$data = $_POST['crypt_data']; |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
666 |
$bin_key = hexdecode($crypt_key); |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
667 |
//die("Decrypting with params: key $crypt_key, data $data"); |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
668 |
$password = $aes->decrypt($data, $bin_key, ENC_HEX); |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
669 |
} |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
670 |
} |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
671 |
else |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
672 |
{ |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
673 |
$password = $_POST['password']; |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
674 |
} |
30 | 675 |
|
676 |
// CAPTCHA code was correct, create the account |
|
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
677 |
// ... and check for errors returned from the crypto API |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
678 |
if ( !$s ) |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
679 |
$s = $session->create_user($_POST['username'], $password, $_POST['email'], $_POST['real_name'], $coppa); |
30 | 680 |
} |
681 |
} |
|
125
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
682 |
if($s == 'success' && !$coppa) |
0 | 683 |
{ |
684 |
switch(getConfig('account_activation')) |
|
685 |
{ |
|
686 |
case "none": |
|
687 |
default: |
|
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
688 |
$str = $lang->get('user_reg_msg_success_activ_none', array('login_link' => makeUrlNS('Special', 'Login', false, true))); |
0 | 689 |
break; |
690 |
case "user": |
|
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
691 |
$str = $lang->get('user_reg_msg_success_activ_user'); |
0 | 692 |
break; |
693 |
case "admin": |
|
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
694 |
$str = $lang->get('user_reg_msg_success_activ_admin'); |
0 | 695 |
break; |
696 |
} |
|
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
697 |
die_friendly($lang->get('user_reg_msg_success_title'), '<p>' . $lang->get('user_reg_msg_success_body') . ' ' . $str . '</p>'); |
0 | 698 |
} |
30 | 699 |
else if ( $s == 'success' && $coppa ) |
700 |
{ |
|
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
701 |
$str = $lang->get('user_reg_msg_success_activ_coppa'); |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
702 |
die_friendly($lang->get('user_reg_msg_success_title'), '<p>' . $lang->get('user_reg_msg_success_body') . ' ' . $str . '</p>'); |
30 | 703 |
} |
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
704 |
$username = htmlspecialchars($_POST['username']); |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
705 |
$email = htmlspecialchars($_POST['email']); |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
706 |
$realname = htmlspecialchars($_POST['real_name']); |
0 | 707 |
} |
708 |
$template->header(); |
|
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
709 |
echo $lang->get('user_reg_msg_greatercontrol'); |
30 | 710 |
|
711 |
if ( getConfig('enable_coppa') != '1' || ( isset($_GET['coppa']) && in_array($_GET['coppa'], array('yes', 'no')) ) ) |
|
712 |
{ |
|
713 |
$coppa = ( isset($_GET['coppa']) && $_GET['coppa'] == 'yes' ); |
|
714 |
$session->kill_captcha(); |
|
715 |
$captchacode = $session->make_captcha(); |
|
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
716 |
|
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
717 |
$pubkey = $session->rijndael_genkey(); |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
718 |
$challenge = $session->dss_rand(); |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
719 |
|
30 | 720 |
?> |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
721 |
<h3><?php echo $lang->get('user_reg_msg_table_title'); ?></h3> |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
722 |
<form name="regform" action="<?php echo makeUrl($paths->page); ?>" method="post" onsubmit="return runEncryption();"> |
30 | 723 |
<div class="tblholder"> |
724 |
<table border="0" width="100%" cellspacing="1" cellpadding="4"> |
|
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
725 |
<tr><th class="subhead" colspan="3"><?php echo $lang->get('user_reg_msg_table_subtitle'); ?></th></tr> |
101
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
726 |
|
30 | 727 |
<?php if(isset($_POST['submit'])) echo '<tr><td colspan="3" class="row2" style="color: red;">'.$s.'</td></tr>'; ?> |
101
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
728 |
|
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
729 |
<!-- FIELD: Username --> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
730 |
<tr> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
731 |
<td class="row1" style="width: 50%;"> |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
732 |
<?php echo $lang->get('user_reg_lbl_field_username'); ?> |
101
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
733 |
<span id="e_username"></span> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
734 |
</td> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
735 |
<td class="row1" style="width: 50%;"> |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
736 |
<input tabindex="1" type="text" name="username" size="30" value="<?php echo $username; ?>" onkeyup="namegood = false; validateForm(this);" onblur="checkUsername();" /> |
101
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
737 |
</td> |
404
fb4f9e6f378f
Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents:
402
diff
changeset
|
738 |
<td class="row1" style="width: 1px;"> |
fb4f9e6f378f
Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents:
402
diff
changeset
|
739 |
<img alt="Good/bad icon" src="<?php echo scriptPath; ?>/images/checkbad.png" id="s_username" /> |
101
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
740 |
</td> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
741 |
</tr> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
742 |
|
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
743 |
<!-- FIELD: Password --> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
744 |
<tr> |
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
745 |
<td class="row3" style="width: 50%;" rowspan="<?php echo ( getConfig('pw_strength_enable') == '1' ) ? '3' : '2'; ?>"> |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
746 |
<?php echo $lang->get('user_reg_lbl_field_password'); ?> |
101
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
747 |
<span id="e_password"></span> |
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
748 |
<?php if ( getConfig('pw_strength_enable') == '1' && getConfig('pw_strength_minimum') > -10 ): ?> |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
749 |
<small><?php echo $lang->get('user_reg_msg_password_score'); ?></small> |
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
750 |
<?php endif; ?> |
101
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
751 |
</td> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
752 |
<td class="row3" style="width: 50%;"> |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
753 |
<input tabindex="2" type="password" name="password" size="15" onkeyup="<?php if ( getConfig('pw_strength_enable') == '1' ): ?>password_score_field(this); <?php endif; ?>validateForm(this);" /><?php if ( getConfig('pw_strength_enable') == '1' ): ?><span class="password-checker" style="font-weight: bold; color: #aaaaaa;"> Loading...</span><?php endif; ?> |
101
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
754 |
</td> |
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
755 |
<td rowspan="<?php echo ( getConfig('pw_strength_enable') == '1' ) ? '3' : '2'; ?>" class="row3" style="max-width: 24px;"> |
404
fb4f9e6f378f
Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents:
402
diff
changeset
|
756 |
<img alt="Good/bad icon" src="<?php echo scriptPath; ?>/images/checkbad.png" id="s_password" /> |
101
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
757 |
</td> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
758 |
</tr> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
759 |
|
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
760 |
<!-- FIELD: Password confirmation --> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
761 |
<tr> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
762 |
<td class="row3" style="width: 50%;"> |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
763 |
<input tabindex="3" type="password" name="password_confirm" size="15" onkeyup="validateForm(this);" /> <small><?php echo $lang->get('user_reg_lbl_field_password_confirm'); ?></small> |
101
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
764 |
</td> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
765 |
</tr> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
766 |
|
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
767 |
<!-- FIELD: Password strength meter --> |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
768 |
|
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
769 |
<?php if ( getConfig('pw_strength_enable') == '1' ): ?> |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
770 |
<tr> |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
771 |
<td class="row3" style="width: 50%;"> |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
772 |
<div id="pwmeter"></div> |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
773 |
</td> |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
774 |
</tr> |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
775 |
<?php endif; ?> |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
776 |
|
101
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
777 |
<!-- FIELD: E-mail address --> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
778 |
<tr> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
779 |
<td class="row1" style="width: 50%;"> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
780 |
<?php |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
781 |
if ( $coppa ) |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
782 |
{ |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
783 |
echo $lang->get('user_reg_lbl_field_email_coppa'); |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
784 |
} |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
785 |
else |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
786 |
{ |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
787 |
echo $lang->get('user_reg_lbl_field_email'); |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
788 |
} |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
789 |
?> |
101
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
790 |
<?php |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
791 |
if ( ( $x = getConfig('account_activation') ) == 'user' ) |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
792 |
{ |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
793 |
echo '<br /><small>' . $lang->get('user_reg_msg_email_activuser') . '</small>'; |
101
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
794 |
} |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
795 |
?> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
796 |
</td> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
797 |
<td class="row1" style="width: 50%;"> |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
798 |
<input tabindex="4" type="text" name="email" size="30" value="<?php echo $email; ?>" onkeyup="validateForm(this);" /> |
101
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
799 |
</td> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
800 |
<td class="row1" style="max-width: 24px;"> |
404
fb4f9e6f378f
Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents:
402
diff
changeset
|
801 |
<img alt="Good/bad icon" src="<?php echo scriptPath; ?>/images/checkbad.png" id="s_email" /> |
101
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
802 |
</td> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
803 |
</tr> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
804 |
|
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
805 |
<!-- FIELD: Real name --> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
806 |
<tr> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
807 |
<td class="row3" style="width: 50%;"> |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
808 |
<?php echo $lang->get('user_reg_lbl_field_realname'); ?><br /> |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
809 |
<small><?php echo $lang->get('user_reg_msg_realname_optional'); ?></small> |
101
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
810 |
</td> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
811 |
<td class="row3" style="width: 50%;"> |
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
812 |
<input tabindex="5" type="text" name="real_name" size="30" value="<?php echo $realname; ?>" /></td><td class="row3" style="max-width: 24px;"> |
101
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
813 |
</td> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
814 |
</tr> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
815 |
|
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
816 |
<!-- FIELD: CAPTCHA image --> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
817 |
<tr> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
818 |
<td class="row1" style="width: 50%;" rowspan="2"> |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
819 |
<?php echo $lang->get('user_reg_lbl_field_captcha'); ?><br /> |
101
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
820 |
<small> |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
821 |
<?php echo $lang->get('user_reg_msg_captcha_pleaseenter', array('regen_flags' => 'href="#" onclick="regenCaptcha(); return false;"')); ?><br /> |
101
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
822 |
<br /> |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
823 |
<?php echo $lang->get('user_reg_msg_captcha_blind'); ?> |
101
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
824 |
</small> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
825 |
</td> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
826 |
<td colspan="2" class="row1"> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
827 |
<img id="captchaimg" alt="CAPTCHA image" src="<?php echo makeUrlNS('Special', 'Captcha/'.$captchacode); ?>" /> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
828 |
<span id="b_username"></span> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
829 |
</td> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
830 |
</tr> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
831 |
|
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
832 |
<!-- FIELD: CAPTCHA input field --> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
833 |
<tr> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
834 |
<td class="row1" colspan="2"> |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
835 |
<?php echo $lang->get('user_reg_lbl_field_captcha_code'); ?> |
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
836 |
<input tabindex="6" name="captchacode" type="text" size="10" /> |
101
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
837 |
<input type="hidden" name="captchahash" value="<?php echo $captchacode; ?>" /> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
838 |
</td> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
839 |
</tr> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
840 |
|
348
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
841 |
<!-- FIELD: TOU --> |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
842 |
|
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
843 |
<?php |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
844 |
if ( !empty($terms) ): |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
845 |
?> |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
846 |
|
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
847 |
<tr> |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
848 |
<td class="row1" colspan="3"> |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
849 |
<?php |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
850 |
echo $lang->get('user_reg_msg_please_read_tou'); |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
851 |
?> |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
852 |
</td> |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
853 |
</tr> |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
854 |
|
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
855 |
<tr> |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
856 |
<td class="row3" colspan="3"> |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
857 |
<div style="border: 1px solid #000000; height: 75px; width: 60%; clip: rect(0px,auto,auto,0px); overflow: auto; background-color: #FFF; margin: 0 auto; padding: 4px;"> |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
858 |
<?php |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
859 |
echo RenderMan::render($terms); |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
860 |
?> |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
861 |
</div> |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
862 |
<p style="text-align: center;"> |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
863 |
<label> |
371
dc6026376919
Improved compatibility with PostgreSQL and fixed a number of installer bugs; fixed missing "meta" category declaration in language files
Dan
parents:
359
diff
changeset
|
864 |
<input tabindex="7" type="checkbox" name="tou_agreed" /> |
348
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
865 |
<b><?php echo $lang->get('user_reg_lbl_field_tou'); ?></b> |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
866 |
</label> |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
867 |
</p> |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
868 |
</td> |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
869 |
</tr> |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
870 |
|
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
871 |
<?php |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
872 |
endif; |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
873 |
?> |
87e08a6e4fec
Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents:
345
diff
changeset
|
874 |
|
101
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
875 |
<!-- FIELD: submit button --> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
876 |
<tr> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
877 |
<th class="subhead" colspan="3" style="text-align: center;"> |
371
dc6026376919
Improved compatibility with PostgreSQL and fixed a number of installer bugs; fixed missing "meta" category declaration in language files
Dan
parents:
359
diff
changeset
|
878 |
<input tabindex="8" type="submit" name="submit" value="<?php echo $lang->get('user_reg_btn_create_account'); ?>" /> |
101
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
879 |
</td> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
880 |
</tr> |
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents:
93
diff
changeset
|
881 |
|
30 | 882 |
</table> |
883 |
</div> |
|
884 |
<?php |
|
885 |
$val = ( $coppa ) ? 'yes' : 'no'; |
|
886 |
echo '<input type="hidden" name="coppa" value="' . $val . '" />'; |
|
887 |
?> |
|
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
888 |
<input type="hidden" name="challenge_data" value="<?php echo $challenge; ?>" /> |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
889 |
<input type="hidden" name="use_crypt" value="no" /> |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
890 |
<input type="hidden" name="crypt_key" value="<?php echo $pubkey; ?>" /> |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
891 |
<input type="hidden" name="crypt_data" value="" /> |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
892 |
<script type="text/javascript"> |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
893 |
// ENCRYPTION CODE |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
894 |
disableJSONExts(); |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
895 |
str = ''; |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
896 |
for(i=0;i<keySizeInBits/4;i++) str+='0'; |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
897 |
var key = hexToByteArray(str); |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
898 |
var pt = hexToByteArray(str); |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
899 |
var ct = rijndaelEncrypt(pt, key, "ECB"); |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
900 |
var ct = byteArrayToHex(ct); |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
901 |
switch(keySizeInBits) |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
902 |
{ |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
903 |
case 128: |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
904 |
v = '66e94bd4ef8a2c3b884cfa59ca342b2e'; |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
905 |
break; |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
906 |
case 192: |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
907 |
v = 'aae06992acbf52a3e8f4a96ec9300bd7aae06992acbf52a3e8f4a96ec9300bd7'; |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
908 |
break; |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
909 |
case 256: |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
910 |
v = 'dc95c078a2408989ad48a21492842087dc95c078a2408989ad48a21492842087'; |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
911 |
break; |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
912 |
} |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
913 |
var aes_testpassed = ( ct == v && md5_vm_test() ); |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
914 |
function runEncryption() |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
915 |
{ |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
916 |
var frm = document.forms.regform; |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
917 |
if ( frm.password.value.length < 1 ) |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
918 |
return true; |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
919 |
pass1 = frm.password.value; |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
920 |
pass2 = frm.password_confirm.value; |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
921 |
if ( pass1 != pass2 ) |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
922 |
{ |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
923 |
alert($lang.get('user_reg_err_alert_password_nomatch')); |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
924 |
return false; |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
925 |
} |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
926 |
if ( pass1.length < 6 && pass1.length > 0 ) |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
927 |
{ |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
928 |
alert($lang.get('user_reg_err_alert_password_tooshort')); |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
929 |
return false; |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
930 |
} |
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
931 |
if(aes_testpassed) |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
932 |
{ |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
933 |
frm.use_crypt.value = 'yes'; |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
934 |
var cryptkey = frm.crypt_key.value; |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
935 |
frm.crypt_key.value = hex_md5(cryptkey); |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
936 |
cryptkey = hexToByteArray(cryptkey); |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
937 |
if(!cryptkey || ( ( typeof cryptkey == 'string' || typeof cryptkey == 'object' ) ) && cryptkey.length != keySizeInBits / 8 ) |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
938 |
{ |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
939 |
frm.submit.disabled = true; |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
940 |
len = ( typeof cryptkey == 'string' || typeof cryptkey == 'object' ) ? '\nLen: '+cryptkey.length : ''; |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
941 |
alert('The key is messed up\nType: '+typeof(cryptkey)+len); |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
942 |
} |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
943 |
pass = frm.password.value; |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
944 |
pass = stringToByteArray(pass); |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
945 |
cryptstring = rijndaelEncrypt(pass, cryptkey, 'ECB'); |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
946 |
if(!cryptstring) |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
947 |
{ |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
948 |
return false; |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
949 |
} |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
950 |
cryptstring = byteArrayToHex(cryptstring); |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
951 |
frm.crypt_data.value = cryptstring; |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
952 |
frm.password.value = ""; |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
953 |
frm.password_confirm.value = ""; |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
954 |
} |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
955 |
return true; |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
956 |
} |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
957 |
</script> |
30 | 958 |
</form> |
125
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
959 |
<!-- Don't optimize this script, it fails when compressed --> |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
960 |
<enano:no-opt> |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
961 |
<script type="text/javascript"> |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
962 |
// <![CDATA[ |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
963 |
var namegood = false; |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
964 |
function validateForm(field) |
0 | 965 |
{ |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
966 |
if ( typeof(field) != 'object' ) |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
967 |
{ |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
968 |
field = { |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
969 |
name: '_nil', |
459
31c23016ab62
Upgraded tinyMCE to 3.0.1 in hopes of fixing IE race conditions. Fixed a couple minor syntax errors in Javascript objects declared in various places.
Dan
parents:
458
diff
changeset
|
970 |
value: '_nil' |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
971 |
} |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
972 |
} |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
973 |
// wait until $lang is initted |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
974 |
if ( typeof($lang) != 'object' ) |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
975 |
{ |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
976 |
setTimeout('validateForm();', 200); |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
977 |
return false; |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
978 |
} |
125
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
979 |
var frm = document.forms.regform; |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
980 |
failed = false; |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
981 |
|
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
982 |
// Username |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
983 |
if(!namegood && ( field.name == 'username' || field.name == '_nil' ) ) |
30 | 984 |
{ |
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
985 |
//if(frm.username.value.match(/^([A-z0-9 \!@\-\(\)]+){2,}$/ig)) |
270
5bcdee999015
Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore.
Dan
parents:
263
diff
changeset
|
986 |
var regex = new RegExp('^([^<>&\?]+){2,}$', 'ig'); |
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
987 |
if ( frm.username.value.match(regex) ) |
125
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
988 |
{ |
404
fb4f9e6f378f
Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents:
402
diff
changeset
|
989 |
document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkunk.png'; |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
990 |
document.getElementById('e_username').innerHTML = ' '; |
125
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
991 |
} else { |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
992 |
failed = true; |
404
fb4f9e6f378f
Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents:
402
diff
changeset
|
993 |
document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkbad.png'; |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
994 |
document.getElementById('e_username').innerHTML = '<br /><small>' + $lang.get('user_reg_err_username_invalid') + '</small>'; |
125
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
995 |
} |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
996 |
} |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
997 |
document.getElementById('b_username').innerHTML = ''; |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
998 |
if(hex_md5(frm.real_name.value) == '5a397df72678128cf0e8147a2befd5f1') |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
999 |
{ |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1000 |
document.getElementById('b_username').innerHTML = '<br /><br />Hey...I know you!<br /><img alt="" src="http://upload.wikimedia.org/wikipedia/commons/thumb/7/7f/Bill_Gates_2004_cr.jpg/220px-Bill_Gates_2004_cr.jpg" />'; |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1001 |
} |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1002 |
|
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1003 |
// Password |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
1004 |
if ( field.name == 'password' || field.name == 'password_confirm' || field.name == '_nil' ) |
125
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1005 |
{ |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
1006 |
if(frm.password.value.match(/^(.+){6,}$/ig) && frm.password_confirm.value.match(/^(.+){6,}$/ig) && frm.password.value == frm.password_confirm.value ) |
125
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1007 |
{ |
404
fb4f9e6f378f
Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents:
402
diff
changeset
|
1008 |
document.getElementById('s_password').src='<?php echo scriptPath; ?>/images/check.png'; |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
1009 |
document.getElementById('e_password').innerHTML = '<br /><small>' + $lang.get('user_reg_err_password_good') + '</small>'; |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
1010 |
} else { |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
1011 |
failed = true; |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
1012 |
if(frm.password.value.length < 6) |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
1013 |
{ |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
1014 |
document.getElementById('e_password').innerHTML = '<br /><small>' + $lang.get('user_reg_msg_password_length') + '</small>'; |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
1015 |
} |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
1016 |
else if(frm.password.value != frm.password_confirm.value) |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
1017 |
{ |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
1018 |
document.getElementById('e_password').innerHTML = '<br /><small>' + $lang.get('user_reg_msg_password_needmatch') + '</small>'; |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
1019 |
} |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
1020 |
else |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
1021 |
{ |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
1022 |
document.getElementById('e_password').innerHTML = ''; |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
1023 |
} |
404
fb4f9e6f378f
Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents:
402
diff
changeset
|
1024 |
document.getElementById('s_password').src='<?php echo scriptPath; ?>/images/checkbad.png'; |
125
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1025 |
} |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1026 |
} |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1027 |
|
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1028 |
// E-mail address |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1029 |
|
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1030 |
// workaround for idiot jEdit bug |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
1031 |
if ( validateEmail(frm.email.value) && ( field.name == 'email' || field.name == '_nil' ) ) |
125
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1032 |
{ |
404
fb4f9e6f378f
Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents:
402
diff
changeset
|
1033 |
document.getElementById('s_email').src='<?php echo scriptPath; ?>/images/check.png'; |
125
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1034 |
} else { |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1035 |
failed = true; |
404
fb4f9e6f378f
Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents:
402
diff
changeset
|
1036 |
document.getElementById('s_email').src='<?php echo scriptPath; ?>/images/checkbad.png'; |
125
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1037 |
} |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1038 |
if(failed) |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1039 |
{ |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1040 |
frm.submit.disabled = 'disabled'; |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1041 |
} else { |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1042 |
frm.submit.disabled = false; |
30 | 1043 |
} |
1044 |
} |
|
125
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1045 |
function checkUsername() |
30 | 1046 |
{ |
125
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1047 |
var frm = document.forms.regform; |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1048 |
|
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1049 |
if(!namegood) |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1050 |
{ |
270
5bcdee999015
Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore.
Dan
parents:
263
diff
changeset
|
1051 |
var regex = new RegExp('^([^<>&\?]+){2,}$', 'ig'); |
5bcdee999015
Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore.
Dan
parents:
263
diff
changeset
|
1052 |
if ( frm.username.value.match(regex) ) |
125
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1053 |
{ |
404
fb4f9e6f378f
Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents:
402
diff
changeset
|
1054 |
document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkunk.png'; |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
1055 |
document.getElementById('e_username').innerHTML = ' '; |
125
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1056 |
} else { |
404
fb4f9e6f378f
Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents:
402
diff
changeset
|
1057 |
document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkbad.png'; |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
1058 |
document.getElementById('e_username').innerHTML = '<br /><small>' + $lang.get('user_reg_err_username_invalid') + '</small>'; |
125
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1059 |
return false; |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1060 |
} |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1061 |
} |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1062 |
|
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
1063 |
document.getElementById('e_username').innerHTML = '<br /><small><b>' + $lang.get('user_reg_msg_username_checking') + '</b></small>'; |
125
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1064 |
ajaxGet('<?php echo scriptPath; ?>/ajax.php?title=null&_mode=checkusername&name='+escape(frm.username.value), function() { |
407
35d94240a197
Mass-fixed all AJAX functions to also check the HTTP status code before parsing the response
Dan
parents:
404
diff
changeset
|
1065 |
if ( ajax.readyState == 4 && ajax.status == 200 ) |
125
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1066 |
if(ajax.responseText == 'good') |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1067 |
{ |
404
fb4f9e6f378f
Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents:
402
diff
changeset
|
1068 |
document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/check.png'; |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
1069 |
document.getElementById('e_username').innerHTML = '<br /><small><b>' + $lang.get('user_reg_msg_username_available') + '</b></small>'; |
125
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1070 |
namegood = true; |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1071 |
} else if(ajax.responseText == 'bad') { |
404
fb4f9e6f378f
Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents:
402
diff
changeset
|
1072 |
document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkbad.png'; |
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
1073 |
document.getElementById('e_username').innerHTML = '<br /><small><b>' + $lang.get('user_reg_msg_username_unavailable') + '</b></small>'; |
125
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1074 |
namegood = false; |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1075 |
} else { |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1076 |
document.getElementById('e_username').innerHTML = ajax.responseText; |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1077 |
} |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1078 |
}); |
0 | 1079 |
} |
125
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1080 |
function regenCaptcha() |
30 | 1081 |
{ |
448 | 1082 |
var frm = document.forms.regform; |
517 | 1083 |
document.getElementById('captchaimg').src = '<?php echo makeUrlNS("Special", "Captcha/$captchacode"); ?>/'+Math.floor(Math.random() * 100000); |
125
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1084 |
return false; |
30 | 1085 |
} |
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
1086 |
<?php if ( getConfig('pw_strength_enable') == '1' ): ?> |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
1087 |
var frm = document.forms.regform; |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
1088 |
password_score_field(frm.password); |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
1089 |
<?php endif; ?> |
125
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1090 |
validateForm(); |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1091 |
setTimeout('checkUsername();', 1000); |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1092 |
// ]]> |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1093 |
</script> |
fb31c951d3a2
Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents:
116
diff
changeset
|
1094 |
</enano:no-opt> |
30 | 1095 |
<?php |
1096 |
} |
|
1097 |
else |
|
1098 |
{ |
|
345
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents:
343
diff
changeset
|
1099 |
$year = intval( enano_date('Y') ); |
30 | 1100 |
$year = $year - 13; |
345
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents:
343
diff
changeset
|
1101 |
$month = enano_date('F'); |
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents:
343
diff
changeset
|
1102 |
$day = enano_date('d'); |
30 | 1103 |
|
1104 |
$yo13_date = "$month $day, $year"; |
|
1105 |
$link_coppa_yes = makeUrlNS('Special', 'Register', 'coppa=yes', true); |
|
1106 |
$link_coppa_no = makeUrlNS('Special', 'Register', 'coppa=no', true); |
|
1107 |
||
1108 |
// COPPA enabled, ask age |
|
1109 |
echo '<div class="tblholder">'; |
|
1110 |
echo '<table border="0" cellspacing="1" cellpadding="4">'; |
|
1111 |
echo '<tr> |
|
1112 |
<td class="row1"> |
|
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
1113 |
' . $lang->get('user_reg_coppa_title') . ' |
30 | 1114 |
</td> |
1115 |
</tr> |
|
1116 |
<tr> |
|
1117 |
<td class="row3"> |
|
221
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
1118 |
<a href="' . $link_coppa_no . '">' . $lang->get('user_reg_coppa_link_atleast13', array( 'yo13_date' => $yo13_date )) . '</a><br /> |
e5302cb1945c
Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents:
210
diff
changeset
|
1119 |
<a href="' . $link_coppa_yes . '">' . $lang->get('user_reg_coppa_link_not13', array( 'yo13_date' => $yo13_date )) . '</a> |
30 | 1120 |
</td> |
1121 |
</tr>'; |
|
1122 |
echo '</table>'; |
|
1123 |
echo '</div>'; |
|
1124 |
} |
|
0 | 1125 |
$template->footer(); |
1126 |
} |
|
1127 |
||
1128 |
function page_Special_Contributions() { |
|
1129 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1130 |
global $lang; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1131 |
|
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1132 |
// This is a vast improvement over the old Special:Contributions in 1.0.x. |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1133 |
|
0 | 1134 |
$template->header(); |
1135 |
$user = $paths->getParam(); |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1136 |
if ( !$user && isset($_GET['user']) ) |
0 | 1137 |
{ |
1138 |
$user = $_GET['user']; |
|
1139 |
} |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1140 |
else if ( !$user && !isset($_GET['user']) ) |
0 | 1141 |
{ |
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1142 |
echo '<p>' . $lang->get('userfuncs_contribs_err_no_user') . '</p>'; |
0 | 1143 |
$template->footer(); |
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents:
60
diff
changeset
|
1144 |
return; |
0 | 1145 |
} |
1146 |
||
1147 |
$user = $db->escape($user); |
|
414
818b4cd12b8b
Added "is_draft != 1" where appropriate in SQL queries to prevent drafts from being treated as real revisions.
Dan
parents:
411
diff
changeset
|
1148 |
$q = 'SELECT log_type, time_id, action, date_string, page_id, namespace, author, edit_summary, minor_edit, page_id, namespace, ( action = \'edit\' ) AS is_edit FROM '.table_prefix.'logs WHERE author=\''.$user.'\' AND log_type=\'page\' AND is_draft != 1 ORDER BY is_edit DESC, time_id DESC;'; |
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1149 |
$q = $db->sql_query($q); |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1150 |
if ( !$q ) |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1151 |
$db->_die('SpecialUserFuncs selecting contribution data'); |
0 | 1152 |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1153 |
echo '<h3>' . $lang->get('userfuncs_contribs_heading_edits') . '</h3>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1154 |
|
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1155 |
$cnt_edits = 0; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1156 |
$cnt_other = 0; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1157 |
$current = 'cnt_edits'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1158 |
$cls = 'row2'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1159 |
|
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1160 |
while ( $row = $db->fetchrow($q) ) |
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents:
60
diff
changeset
|
1161 |
{ |
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1162 |
if ( $current == 'cnt_edits' && $row['is_edit'] != 1 ) |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1163 |
{ |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1164 |
// No longer processing page edits - split the table |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1165 |
if ( $cnt_edits == 0 ) |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1166 |
{ |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1167 |
echo '<p>' . $lang->get('userfuncs_contribs_msg_no_edits') . '</p>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1168 |
} |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1169 |
else |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1170 |
{ |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1171 |
echo '</table></div>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1172 |
echo '<h3>' . $lang->get('userfuncs_contribs_heading_other') . '</h3>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1173 |
} |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1174 |
$current = 'cnt_other'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1175 |
$cls = 'row2'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1176 |
} |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1177 |
if ( $$current == 0 ) |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1178 |
{ |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1179 |
echo '<div class="tblholder"> |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1180 |
<table border="0" cellspacing="1" cellpadding="4">'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1181 |
echo ' <tr> |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1182 |
<th>' . $lang->get('history_col_datetime') . '</th>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1183 |
echo ' <th>' . $lang->get('history_col_page') . '</th>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1184 |
if ( $current == 'cnt_edits' ) |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1185 |
{ |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1186 |
echo ' <th>' . $lang->get('history_col_summary') . '</th>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1187 |
} |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1188 |
echo ' <th>' . $lang->get('history_col_minor') . '</th>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1189 |
if ( $current == 'cnt_other' ) |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1190 |
{ |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1191 |
echo ' <th>' . $lang->get('history_col_action_taken') . '</th> |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1192 |
<th>' . $lang->get('history_col_extra') . '</th> |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1193 |
'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1194 |
} |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1195 |
echo ' <th>' . $lang->get('history_col_actions') . '</th> |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1196 |
</tr>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1197 |
} |
377
bb3e6c3bd4f4
Removed stray debugging info from ACL editor success notification; added ability for guests to set language on URI (?lang=eng); added html_in_pages ACL type and separated from php_in_pages so HTML can be embedded but not PHP; rewote portions of the path manager to better abstract URL input; added Zend Framework into list of BSD-licensed libraries; localized some remaining strings; got the migration script working, but just barely; fixed display bug in Special:Contributions; localized Main Page button in admin panel
Dan
parents:
372
diff
changeset
|
1198 |
$$current++; |
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1199 |
$cls = ( $cls == 'row1' ) ? 'row2' : 'row1'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1200 |
|
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1201 |
echo '<tr>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1202 |
|
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1203 |
// date & time |
345
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents:
343
diff
changeset
|
1204 |
echo ' <td class="' . $cls . '">' . enano_date('d M Y h:i a', $row['time_id']) . '</td>'; |
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1205 |
|
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1206 |
// page & link to said page |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1207 |
echo ' <td class="' . $cls . '"><a href="' . makeUrlNS($row['namespace'], $row['page_id']) . '">' . get_page_title_ns($row['page_id'], $row['namespace']) . '</a></td>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1208 |
|
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1209 |
switch ( $row['action'] ) |
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents:
60
diff
changeset
|
1210 |
{ |
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1211 |
case 'edit': |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1212 |
if ( $row['edit_summary'] == 'Automatic backup created when logs were purged' ) |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1213 |
{ |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1214 |
$row['edit_summary'] = $lang->get('history_summary_clearlogs'); |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1215 |
} |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1216 |
else if ( empty($row['edit_summary']) ) |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1217 |
{ |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1218 |
$row['edit_summary'] = '<span style="color: #808080">' . $lang->get('history_summary_none_given') . '</span>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1219 |
} |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1220 |
echo ' <td class="' . $cls . '">' . $row['edit_summary'] . '</td>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1221 |
if ( $row['minor_edit'] == 1 ) |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1222 |
{ |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1223 |
echo '<td class="' . $cls . '"><b>M</b></td>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1224 |
} |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1225 |
else |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1226 |
{ |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1227 |
echo '<td class="' . $cls . '"></td>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1228 |
} |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1229 |
break; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1230 |
case 'prot': |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1231 |
echo ' <td class="' . $cls . '"></td>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1232 |
echo ' <td class="' . $cls . '">' . $lang->get('history_log_protect') . '</td>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1233 |
echo ' <td class="' . $cls . '">' . $lang->get('history_extra_reason') . ' ' . $row['edit_summary'] . '</td>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1234 |
break; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1235 |
case 'unprot': |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1236 |
echo ' <td class="' . $cls . '"></td>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1237 |
echo ' <td class="' . $cls . '">' . $lang->get('history_log_unprotect') . '</td>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1238 |
echo ' <td class="' . $cls . '">' . $lang->get('history_extra_reason') . ' ' . $row['edit_summary'] . '</td>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1239 |
break; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1240 |
case 'semiprot': |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1241 |
echo ' <td class="' . $cls . '"></td>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1242 |
echo ' <td class="' . $cls . '">' . $lang->get('history_log_semiprotect') . '</td>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1243 |
echo ' <td class="' . $cls . '">' . $lang->get('history_extra_reason') . ' ' . $row['edit_summary'] . '</td>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1244 |
break; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1245 |
case 'rename': |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1246 |
echo ' <td class="' . $cls . '"></td>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1247 |
echo ' <td class="' . $cls . '">' . $lang->get('history_log_rename') . '</td>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1248 |
echo ' <td class="' . $cls . '">' . $lang->get('history_extra_oldtitle') . ' ' . htmlspecialchars($row['edit_summary']) . '</td>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1249 |
break; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1250 |
case 'create': |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1251 |
echo ' <td class="' . $cls . '"></td>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1252 |
echo ' <td class="' . $cls . '">' . $lang->get('history_log_create') . '</td>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1253 |
echo ' <td class="' . $cls . '"></td>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1254 |
break; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1255 |
case 'delete': |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1256 |
echo ' <td class="' . $cls . '"></td>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1257 |
echo ' <td class="' . $cls . '">' . $lang->get('history_log_delete') . '</td>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1258 |
echo ' <td class="' . $cls . '">' . $lang->get('history_extra_reason') . ' ' . $row['edit_summary'] . '</td>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1259 |
break; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1260 |
case 'reupload': |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1261 |
echo ' <td class="' . $cls . '"></td>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1262 |
echo ' <td class="' . $cls . '">' . $lang->get('history_log_uploadnew') . '</td>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1263 |
echo ' <td class="' . $cls . '">' . $lang->get('history_extra_reason') . ' ' . $row['edit_summary'] . '</td>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1264 |
break; |
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents:
60
diff
changeset
|
1265 |
} |
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1266 |
|
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1267 |
// actions column |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1268 |
echo ' <td class="' . $cls . '" style="text-align: center;">'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1269 |
if ( $row['is_edit'] == 1 ) |
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents:
60
diff
changeset
|
1270 |
{ |
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1271 |
echo ' <a href="' . makeUrlNS($row['namespace'], $row['page_id'], "oldid={$row['time_id']}", true) . '">' . $lang->get('history_action_view') . '</a> | '; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1272 |
echo ' <a href="' . makeUrlNS($row['namespace'], $row['page_id'], "do=rollback&id={$row['time_id']}", true) . '">' . $lang->get('history_action_restore') . '</a>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1273 |
} |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1274 |
else |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1275 |
{ |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1276 |
echo ' <a href="' . makeUrlNS($row['namespace'], $row['page_id'], "do=rollback&id={$row['time_id']}", true) . '">' . $lang->get('history_action_revert') . '</a>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1277 |
} |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1278 |
echo ' </td>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1279 |
|
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1280 |
if ( $current == 'cnt_other' && $cnt_edits + $cnt_other >= $db->numrows($q) ) |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1281 |
{ |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1282 |
echo '</table></div>'; |
0 | 1283 |
} |
1284 |
} |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1285 |
|
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1286 |
if ( $current == 'cnt_edits' ) |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1287 |
{ |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1288 |
// no "other" edits, close the table |
377
bb3e6c3bd4f4
Removed stray debugging info from ACL editor success notification; added ability for guests to set language on URI (?lang=eng); added html_in_pages ACL type and separated from php_in_pages so HTML can be embedded but not PHP; rewote portions of the path manager to better abstract URL input; added Zend Framework into list of BSD-licensed libraries; localized some remaining strings; got the migration script working, but just barely; fixed display bug in Special:Contributions; localized Main Page button in admin panel
Dan
parents:
372
diff
changeset
|
1289 |
if ( $cnt_edits > 0 ) |
bb3e6c3bd4f4
Removed stray debugging info from ACL editor success notification; added ability for guests to set language on URI (?lang=eng); added html_in_pages ACL type and separated from php_in_pages so HTML can be embedded but not PHP; rewote portions of the path manager to better abstract URL input; added Zend Framework into list of BSD-licensed libraries; localized some remaining strings; got the migration script working, but just barely; fixed display bug in Special:Contributions; localized Main Page button in admin panel
Dan
parents:
372
diff
changeset
|
1290 |
echo '</table></div>'; |
bb3e6c3bd4f4
Removed stray debugging info from ACL editor success notification; added ability for guests to set language on URI (?lang=eng); added html_in_pages ACL type and separated from php_in_pages so HTML can be embedded but not PHP; rewote portions of the path manager to better abstract URL input; added Zend Framework into list of BSD-licensed libraries; localized some remaining strings; got the migration script working, but just barely; fixed display bug in Special:Contributions; localized Main Page button in admin panel
Dan
parents:
372
diff
changeset
|
1291 |
else |
bb3e6c3bd4f4
Removed stray debugging info from ACL editor success notification; added ability for guests to set language on URI (?lang=eng); added html_in_pages ACL type and separated from php_in_pages so HTML can be embedded but not PHP; rewote portions of the path manager to better abstract URL input; added Zend Framework into list of BSD-licensed libraries; localized some remaining strings; got the migration script working, but just barely; fixed display bug in Special:Contributions; localized Main Page button in admin panel
Dan
parents:
372
diff
changeset
|
1292 |
echo '<p>' . $lang->get('userfuncs_contribs_msg_no_edits') . '</p>'; |
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1293 |
echo '<h3>' . $lang->get('userfuncs_contribs_heading_other') . '</h3>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1294 |
echo '<p>' . $lang->get('userfuncs_contribs_msg_no_other') . '</p>'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1295 |
} |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1296 |
|
0 | 1297 |
$db->free_result(); |
1298 |
$template->footer(); |
|
1299 |
} |
|
1300 |
||
1301 |
function page_Special_ChangeStyle() |
|
1302 |
{ |
|
1303 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1304 |
global $lang; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1305 |
|
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1306 |
if ( !$session->user_logged_in ) |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1307 |
{ |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1308 |
die_friendly('Access denied', '<p>You must be logged in to change your style. Spoofer.</p>'); |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1309 |
} |
0 | 1310 |
if(isset($_POST['theme']) && isset($_POST['style']) && isset($_POST['return_to'])) |
1311 |
{ |
|
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents:
60
diff
changeset
|
1312 |
if ( !preg_match('/^([a-z0-9_-]+)$/i', $_POST['theme']) ) |
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents:
60
diff
changeset
|
1313 |
die('Hacking attempt'); |
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents:
60
diff
changeset
|
1314 |
if ( !preg_match('/^([a-z0-9_-]+)$/i', $_POST['style']) ) |
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents:
60
diff
changeset
|
1315 |
die('Hacking attempt'); |
0 | 1316 |
$d = ENANO_ROOT . '/themes/' . $_POST['theme']; |
1317 |
$f = ENANO_ROOT . '/themes/' . $_POST['theme'] . '/css/' . $_POST['style'] . '.css'; |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1318 |
if ( !file_exists($d) || !is_dir($d) ) |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1319 |
{ |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1320 |
die('The directory "'.$d.'" does not exist.'); |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1321 |
} |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1322 |
if ( !file_exists($f) ) |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1323 |
{ |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1324 |
die('The file "'.$f.'" does not exist.'); |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1325 |
} |
0 | 1326 |
$d = $db->escape($_POST['theme']); |
1327 |
$f = $db->escape($_POST['style']); |
|
1328 |
$q = 'UPDATE '.table_prefix.'users SET theme=\''.$d.'\',style=\''.$f.'\' WHERE username=\''.$session->username.'\''; |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1329 |
if ( !$db->sql_query($q) ) |
0 | 1330 |
{ |
1331 |
$db->_die('Your theme/style preferences were not updated.'); |
|
1332 |
} |
|
1333 |
else |
|
1334 |
{ |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1335 |
redirect(makeUrl($_POST['return_to']), $lang->get('userfuncs_changetheme_success_title'), $lang->get('userfuncs_changetheme_success_body'), 3); |
0 | 1336 |
} |
1337 |
} |
|
1338 |
else |
|
1339 |
{ |
|
1340 |
$template->header(); |
|
1341 |
$ret = ( isset($_POST['return_to']) ) ? $_POST['return_to'] : $paths->getParam(0); |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1342 |
if ( !$ret ) |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1343 |
{ |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1344 |
$ret = getConfig('main_page'); |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1345 |
} |
0 | 1346 |
?> |
1347 |
<form action="<?php echo makeUrl($paths->page); ?>" method="post"> |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1348 |
<?php if ( !isset($_POST['themeselected']) ) { ?> |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1349 |
<h3><?php echo $lang->get('userfuncs_changetheme_heading_theme'); ?></h3> |
0 | 1350 |
<p> |
1351 |
<select name="theme"> |
|
1352 |
<?php |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1353 |
foreach ( $template->theme_list as $t ) |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1354 |
{ |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1355 |
if ( $t['enabled'] ) |
0 | 1356 |
{ |
1357 |
echo '<option value="'.$t['theme_id'].'"'; |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1358 |
if ( $t['theme_id'] == $session->theme ) |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1359 |
{ |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1360 |
echo ' selected="selected"'; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1361 |
} |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1362 |
echo '>' . $t['theme_name'] . '</option>'; |
0 | 1363 |
} |
1364 |
} |
|
1365 |
?> |
|
1366 |
</select> |
|
1367 |
</p> |
|
1368 |
<p><input type="hidden" name="return_to" value="<?php echo $ret; ?>" /> |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1369 |
<input type="submit" name="themeselected" value="<?php echo $lang->get('userfuncs_changetheme_btn_continue'); ?>" /></p> |
0 | 1370 |
<?php } else { |
1371 |
$theme = $_POST['theme']; |
|
1372 |
if ( !preg_match('/^([0-9A-z_-]+)$/i', $theme ) ) |
|
1373 |
die('Hacking attempt'); |
|
1374 |
?> |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1375 |
<h3><?php echo $lang->get('userfuncs_changetheme_heading_style'); ?></h3> |
0 | 1376 |
<p> |
1377 |
<select name="style"> |
|
1378 |
<?php |
|
1379 |
$dir = './themes/'.$theme.'/css/'; |
|
1380 |
$list = Array(); |
|
1381 |
// Open a known directory, and proceed to read its contents |
|
1382 |
if (is_dir($dir)) { |
|
1383 |
if ($dh = opendir($dir)) { |
|
1384 |
while (($file = readdir($dh)) !== false) { |
|
1385 |
if(preg_match('#^(.*?)\.css$#is', $file) && $file != '_printable.css') { |
|
1386 |
$list[] = substr($file, 0, strlen($file)-4); |
|
1387 |
} |
|
1388 |
} |
|
1389 |
closedir($dh); |
|
1390 |
} |
|
1391 |
} else die($dir.' is not a dir'); |
|
1392 |
foreach ( $list as $l ) |
|
1393 |
{ |
|
1394 |
echo '<option value="'.$l.'">'.capitalize_first_letter($l).'</option>'; |
|
1395 |
} |
|
1396 |
?> |
|
1397 |
</select> |
|
1398 |
</p> |
|
1399 |
<p><input type="hidden" name="return_to" value="<?php echo $ret; ?>" /> |
|
1400 |
<input type="hidden" name="theme" value="<?php echo $theme; ?>" /> |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1401 |
<input type="submit" name="allclear" value="<?php echo $lang->get('userfuncs_changetheme_btn_allclear'); ?>" /></p> |
0 | 1402 |
<?php } ?> |
1403 |
</form> |
|
1404 |
<?php |
|
1405 |
$template->footer(); |
|
1406 |
} |
|
1407 |
} |
|
1408 |
||
1409 |
function page_Special_ActivateAccount() |
|
1410 |
{ |
|
1411 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1412 |
global $lang; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1413 |
|
0 | 1414 |
$user = $paths->getParam(0); |
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1415 |
if ( !$user ) |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1416 |
{ |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1417 |
die_friendly($lang->get('userfuncs_activate_err_badlink_title'), '<p>' . $lang->get('userfuncs_activate_err_badlink_body') . '</p>'); |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1418 |
} |
0 | 1419 |
$key = $paths->getParam(1); |
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1420 |
if ( !$key ) |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1421 |
{ |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1422 |
die_friendly($lang->get('userfuncs_activate_err_badlink_title'), '<p>' . $lang->get('userfuncs_activate_err_badlink_body') . '</p>'); |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1423 |
} |
0 | 1424 |
$s = $session->activate_account(str_replace('_', ' ', $user), $key); |
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1425 |
if ( $s > 0 ) |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1426 |
{ |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1427 |
die_friendly($lang->get('userfuncs_activate_success_title'), '<p>' . $lang->get('userfuncs_activate_success_body') . '</p>'); |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1428 |
} |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1429 |
else |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1430 |
{ |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1431 |
die_friendly($lang->get('userfuncs_activate_err_badlink_title'), '<p>' . $lang->get('userfuncs_activate_err_bad_key') . '</p>'); |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1432 |
} |
0 | 1433 |
} |
1434 |
||
1435 |
function page_Special_Captcha() |
|
1436 |
{ |
|
1437 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
263
d57af0b0302e
Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents:
192
diff
changeset
|
1438 |
if ( $paths->getParam(0) == 'make' ) |
0 | 1439 |
{ |
1440 |
$session->kill_captcha(); |
|
1441 |
echo $session->make_captcha(); |
|
1442 |
return; |
|
1443 |
} |
|
263
d57af0b0302e
Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents:
192
diff
changeset
|
1444 |
|
0 | 1445 |
$hash = $paths->getParam(0); |
401
6ae6e387a0e3
Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated.
Dan
parents:
387
diff
changeset
|
1446 |
if ( !$hash || !preg_match('#^([0-9a-f]*){32,40}$#i', $hash) ) |
263
d57af0b0302e
Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents:
192
diff
changeset
|
1447 |
{ |
d57af0b0302e
Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents:
192
diff
changeset
|
1448 |
$paths->main_page(); |
d57af0b0302e
Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents:
192
diff
changeset
|
1449 |
} |
402
d907601ccad2
Fixed some captcha bugs and made all captcha fields case-insensitive
Dan
parents:
401
diff
changeset
|
1450 |
|
d907601ccad2
Fixed some captcha bugs and made all captcha fields case-insensitive
Dan
parents:
401
diff
changeset
|
1451 |
$session->make_captcha(7, $hash); |
401
6ae6e387a0e3
Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated.
Dan
parents:
387
diff
changeset
|
1452 |
$code = $session->generate_captcha_code(); |
6ae6e387a0e3
Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated.
Dan
parents:
387
diff
changeset
|
1453 |
$q = $db->sql_query('UPDATE ' . table_prefix . "captcha SET code = '$code' WHERE session_id = '$hash';"); |
263
d57af0b0302e
Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents:
192
diff
changeset
|
1454 |
if ( !$q ) |
401
6ae6e387a0e3
Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated.
Dan
parents:
387
diff
changeset
|
1455 |
$db->_die(); |
263
d57af0b0302e
Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents:
192
diff
changeset
|
1456 |
|
d57af0b0302e
Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents:
192
diff
changeset
|
1457 |
require ( ENANO_ROOT.'/includes/captcha.php' ); |
401
6ae6e387a0e3
Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated.
Dan
parents:
387
diff
changeset
|
1458 |
$captcha = captcha_object($hash, 'freecap'); |
472
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
parents:
459
diff
changeset
|
1459 |
// $captcha->debug = true; |
0 | 1460 |
$captcha->make_image(); |
401
6ae6e387a0e3
Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated.
Dan
parents:
387
diff
changeset
|
1461 |
|
0 | 1462 |
exit; |
1463 |
} |
|
1464 |
||
1465 |
function page_Special_PasswordReset() |
|
1466 |
{ |
|
1467 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1468 |
global $lang; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1469 |
|
0 | 1470 |
$template->header(); |
1471 |
if($paths->getParam(0) == 'stage2') |
|
1472 |
{ |
|
1473 |
$user_id = intval($paths->getParam(1)); |
|
1474 |
$encpass = $paths->getParam(2); |
|
1475 |
if ( $user_id < 2 ) |
|
1476 |
{ |
|
1477 |
echo '<p>Hacking attempt</p>'; |
|
1478 |
$template->footer(); |
|
1479 |
return false; |
|
1480 |
} |
|
1481 |
if(!preg_match('#^([a-f0-9]+)$#i', $encpass)) |
|
1482 |
{ |
|
1483 |
echo '<p>Hacking attempt</p>'; |
|
1484 |
$template->footer(); |
|
1485 |
return false; |
|
1486 |
} |
|
1487 |
||
1488 |
$q = $db->sql_query('SELECT username,temp_password_time FROM '.table_prefix.'users WHERE user_id='.$user_id.' AND temp_password=\'' . $encpass . '\';'); |
|
1489 |
if($db->numrows() < 1) |
|
1490 |
{ |
|
1491 |
echo '<p>Invalid credentials</p>'; |
|
1492 |
$template->footer(); |
|
1493 |
return false; |
|
1494 |
} |
|
1495 |
$row = $db->fetchrow(); |
|
1496 |
$db->free_result(); |
|
1497 |
||
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
1498 |
if ( ( intval($row['temp_password_time']) + ( 3600 * 24 ) ) < time() ) |
0 | 1499 |
{ |
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1500 |
echo '<p>' . $lang->get('userfuncs_passreset_err_pass_expired', array('reset_url' => makeUrlNS('Special', 'PasswordReset'))) . '</p>'; |
0 | 1501 |
$template->footer(); |
1502 |
return false; |
|
1503 |
} |
|
1504 |
||
1505 |
if ( isset($_POST['do_stage2']) ) |
|
1506 |
{ |
|
286
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
270
diff
changeset
|
1507 |
$aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE); |
0 | 1508 |
if($_POST['use_crypt'] == 'yes') |
1509 |
{ |
|
1510 |
$crypt_key = $session->fetch_public_key($_POST['crypt_key']); |
|
1511 |
if(!$crypt_key) |
|
1512 |
{ |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1513 |
echo $lang->get('user_err_key_not_found'); |
0 | 1514 |
$template->footer(); |
1515 |
return false; |
|
1516 |
} |
|
1517 |
$crypt_key = hexdecode($crypt_key); |
|
1518 |
$data = $aes->decrypt($_POST['crypt_data'], $crypt_key, ENC_HEX); |
|
1519 |
if(strlen($data) < 6) |
|
1520 |
{ |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1521 |
echo $lang->get('userfuncs_passreset_err_too_short'); |
0 | 1522 |
$template->footer(); |
1523 |
return false; |
|
1524 |
} |
|
1525 |
} |
|
1526 |
else |
|
1527 |
{ |
|
1528 |
$data = $_POST['pass']; |
|
1529 |
$conf = $_POST['pass_confirm']; |
|
1530 |
if($data != $conf) |
|
1531 |
{ |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1532 |
echo $lang->get('userfuncs_passreset_err_no_match'); |
0 | 1533 |
$template->footer(); |
1534 |
return false; |
|
1535 |
} |
|
1536 |
if(strlen($data) < 6) |
|
1537 |
{ |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1538 |
echo $lang->get('userfuncs_passreset_err_too_short'); |
0 | 1539 |
$template->footer(); |
1540 |
return false; |
|
1541 |
} |
|
1542 |
} |
|
1543 |
if(empty($data)) |
|
1544 |
{ |
|
1545 |
echo 'ERROR: Sanity check failed!'; |
|
1546 |
$template->footer(); |
|
1547 |
return false; |
|
1548 |
} |
|
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
1549 |
if ( getConfig('pw_strength_enable') == '1' ) |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
1550 |
{ |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
1551 |
$min_score = intval(getConfig('pw_strength_minimum')); |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
1552 |
$inp_score = password_score($data); |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
1553 |
if ( $inp_score < $min_score ) |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
1554 |
{ |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
1555 |
$url = makeUrl($paths->fullpage); |
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1556 |
echo "<p>" . $lang->get('userfuncs_passreset_err_failed_score', array('inp_score' => $inp_score, 'url' => $url)) . "</p>"; |
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
1557 |
$template->footer(); |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
1558 |
return false; |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
1559 |
} |
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
1560 |
} |
0 | 1561 |
$encpass = $aes->encrypt($data, $session->private_key, ENC_HEX); |
1562 |
$q = $db->sql_query('UPDATE '.table_prefix.'users SET password=\'' . $encpass . '\',temp_password=\'\',temp_password_time=0 WHERE user_id='.$user_id.';'); |
|
1563 |
||
1564 |
if($q) |
|
1565 |
{ |
|
1566 |
$session->login_without_crypto($row['username'], $data); |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1567 |
echo '<p>' . $lang->get('userfuncs_passreset_stage2_success', array('url_mainpage' => makeUrl(getConfig('main_page')))) . '</p>'; |
0 | 1568 |
} |
1569 |
else |
|
1570 |
{ |
|
1571 |
echo $db->get_error(); |
|
1572 |
} |
|
1573 |
||
1574 |
$template->footer(); |
|
1575 |
return false; |
|
1576 |
} |
|
1577 |
||
1578 |
// Password reset form |
|
1579 |
$pubkey = $session->rijndael_genkey(); |
|
1580 |
||
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
1581 |
$evt_get_score = ( getConfig('pw_strength_enable') == '1' ) ? 'onkeyup="password_score_field(this);" ' : ''; |
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1582 |
$pw_meter = ( getConfig('pw_strength_enable') == '1' ) ? '<tr><td class="row1">' . $lang->get('userfuncs_passreset_stage2_lbl_strength') . '</td><td class="row1"><div id="pwmeter"></div><script type="text/javascript">password_score_field(document.forms.resetform.pass);</script></td></tr>' : ''; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1583 |
$pw_blurb = ( getConfig('pw_strength_enable') == '1' && intval(getConfig('pw_strength_minimum')) > -10 ) ? '<br /><small>' . $lang->get('userfuncs_passreset_stage2_blurb_strength') . '</small>' : ''; |
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
1584 |
|
0 | 1585 |
?> |
1586 |
<form action="<?php echo makeUrl($paths->fullpage); ?>" method="post" name="resetform" onsubmit="return runEncryption();"> |
|
1587 |
<br /> |
|
1588 |
<div class="tblholder"> |
|
1589 |
<table border="0" style="width: 100%;" cellspacing="1" cellpadding="4"> |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1590 |
<tr><th colspan="2"><?php echo $lang->get('userfuncs_passreset_stage2_th'); ?></th></tr> |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1591 |
<tr><td class="row1"><?php echo $lang->get('userfuncs_passreset_stage2_lbl_password'); ?> <?php echo $pw_blurb; ?></td><td class="row1"><input name="pass" type="password" <?php echo $evt_get_score; ?>/></td></tr> |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1592 |
<tr><td class="row2"><?php echo $lang->get('userfuncs_passreset_stage2_lbl_confirm'); ?> </td><td class="row2"><input name="pass_confirm" type="password" /></td></tr> |
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents:
126
diff
changeset
|
1593 |
<?php echo $pw_meter; ?> |
0 | 1594 |
<tr> |
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1595 |
<td colspan="2" class="row3" style="text-align: center;"> |
0 | 1596 |
<input type="hidden" name="use_crypt" value="no" /> |
1597 |
<input type="hidden" name="crypt_key" value="<?php echo $pubkey; ?>" /> |
|
1598 |
<input type="hidden" name="crypt_data" value="" /> |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1599 |
<input type="submit" name="do_stage2" value="<?php echo $lang->get('userfuncs_passreset_stage2_btn_submit'); ?>" /> |
0 | 1600 |
</td> |
1601 |
</tr> |
|
1602 |
</table> |
|
1603 |
</div> |
|
1604 |
</form> |
|
1605 |
<script type="text/javascript"> |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
32
diff
changeset
|
1606 |
if ( !KILL_SWITCH ) |
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
32
diff
changeset
|
1607 |
{ |
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
32
diff
changeset
|
1608 |
disableJSONExts(); |
0 | 1609 |
str = ''; |
1610 |
for(i=0;i<keySizeInBits/4;i++) str+='0'; |
|
1611 |
var key = hexToByteArray(str); |
|
1612 |
var pt = hexToByteArray(str); |
|
1613 |
var ct = rijndaelEncrypt(pt, key, "ECB"); |
|
1614 |
var ct = byteArrayToHex(ct); |
|
1615 |
switch(keySizeInBits) |
|
1616 |
{ |
|
1617 |
case 128: |
|
1618 |
v = '66e94bd4ef8a2c3b884cfa59ca342b2e'; |
|
1619 |
break; |
|
1620 |
case 192: |
|
1621 |
v = 'aae06992acbf52a3e8f4a96ec9300bd7aae06992acbf52a3e8f4a96ec9300bd7'; |
|
1622 |
break; |
|
1623 |
case 256: |
|
1624 |
v = 'dc95c078a2408989ad48a21492842087dc95c078a2408989ad48a21492842087'; |
|
1625 |
break; |
|
1626 |
} |
|
1627 |
var testpassed = ( ct == v && md5_vm_test() ); |
|
1628 |
var frm = document.forms.resetform; |
|
1629 |
if(testpassed) |
|
1630 |
{ |
|
1631 |
frm.use_crypt.value = 'yes'; |
|
1632 |
var cryptkey = frm.crypt_key.value; |
|
1633 |
frm.crypt_key.value = hex_md5(cryptkey); |
|
1634 |
cryptkey = hexToByteArray(cryptkey); |
|
1635 |
if(!cryptkey || ( ( typeof cryptkey == 'string' || typeof cryptkey == 'object' ) ) && cryptkey.length != keySizeInBits / 8 ) |
|
1636 |
{ |
|
1637 |
frm._login.disabled = true; |
|
1638 |
len = ( typeof cryptkey == 'string' || typeof cryptkey == 'object' ) ? '\nLen: '+cryptkey.length : ''; |
|
1639 |
alert('The key is messed up\nType: '+typeof(cryptkey)+len); |
|
1640 |
} |
|
1641 |
} |
|
1642 |
function runEncryption() |
|
1643 |
{ |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
32
diff
changeset
|
1644 |
var frm = document.forms.resetform; |
0 | 1645 |
pass1 = frm.pass.value; |
1646 |
pass2 = frm.pass_confirm.value; |
|
1647 |
if ( pass1 != pass2 ) |
|
1648 |
{ |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1649 |
alert($lang.get('userfuncs_passreset_err_no_match')); |
0 | 1650 |
return false; |
1651 |
} |
|
1652 |
if ( pass1.length < 6 ) |
|
1653 |
{ |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1654 |
alert($lang.get('userfuncs_passreset_err_too_short')); |
0 | 1655 |
return false; |
1656 |
} |
|
1657 |
if(testpassed) |
|
1658 |
{ |
|
1659 |
pass = frm.pass.value; |
|
1660 |
pass = stringToByteArray(pass); |
|
1661 |
cryptstring = rijndaelEncrypt(pass, cryptkey, 'ECB'); |
|
1662 |
if(!cryptstring) |
|
1663 |
{ |
|
1664 |
return false; |
|
1665 |
} |
|
1666 |
cryptstring = byteArrayToHex(cryptstring); |
|
1667 |
frm.crypt_data.value = cryptstring; |
|
1668 |
frm.pass.value = ""; |
|
1669 |
frm.pass_confirm.value = ""; |
|
1670 |
} |
|
1671 |
return true; |
|
1672 |
} |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
32
diff
changeset
|
1673 |
} |
0 | 1674 |
</script> |
1675 |
<?php |
|
1676 |
$template->footer(); |
|
1677 |
return true; |
|
1678 |
} |
|
1679 |
if(isset($_POST['do_reset'])) |
|
1680 |
{ |
|
1681 |
if($session->mail_password_reset($_POST['username'])) |
|
1682 |
{ |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1683 |
echo '<p>' . $lang->get('userfuncs_passreset_stage1_success') . '</p>'; |
0 | 1684 |
} |
1685 |
else |
|
1686 |
{ |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1687 |
echo '<p>' . $lang->get('userfuncs_passreset_stage1_error') . '</p>'; |
0 | 1688 |
} |
1689 |
$template->footer(); |
|
1690 |
return true; |
|
1691 |
} |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1692 |
echo '<p>' . $lang->get('userfuncs_passreset_blurb_line1') . '</p> |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1693 |
<p>' . $lang->get('userfuncs_passreset_blurb_line2') . '</p> |
0 | 1694 |
<form action="'.makeUrl($paths->page).'" method="post" onsubmit="if(!submitAuthorized) return false;"> |
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1695 |
<p>' . $lang->get('userfuncs_passreset_lbl_username') . ' '.$template->username_field('username').'</p> |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1696 |
<p><input type="submit" name="do_reset" value="' . $lang->get('userfuncs_passreset_btn_mailpasswd') . '" /></p> |
0 | 1697 |
</form>'; |
1698 |
$template->footer(); |
|
1699 |
} |
|
1700 |
||
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1701 |
function page_Special_Memberlist() |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1702 |
{ |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1703 |
global $db, $session, $paths, $template, $plugins; // Common objects |
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1704 |
global $lang; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
334
diff
changeset
|
1705 |
|
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1706 |
$template->header(); |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1707 |
|
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1708 |
$startletters = 'abcdefghijklmnopqrstuvwxyz'; |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1709 |
$startletters = enano_str_split($startletters); |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1710 |
$startletter = ( isset($_GET['letter']) ) ? strtolower($_GET['letter']) : ''; |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1711 |
if ( !in_array($startletter, $startletters) && $startletter != 'chr' ) |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1712 |
{ |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1713 |
$startletter = ''; |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1714 |
} |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1715 |
|
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1716 |
$startletter_sql = $startletter; |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1717 |
if ( $startletter == 'chr' ) |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1718 |
{ |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1719 |
$startletter_sql = '([^a-z])'; |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1720 |
} |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1721 |
|
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1722 |
// offset |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1723 |
$offset = ( isset($_GET['offset']) && strval(intval($_GET['offset'])) === $_GET['offset']) ? intval($_GET['offset']) : 0; |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1724 |
|
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1725 |
// sort order |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1726 |
$sortkeys = array( |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1727 |
'uid' => 'u.user_id', |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1728 |
'username' => 'u.username', |
111 | 1729 |
'email' => 'u.email', |
1730 |
'regist' => 'u.reg_time' |
|
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1731 |
); |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1732 |
|
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1733 |
$sortby = ( isset($_GET['sort']) && isset($sortkeys[$_GET['sort']]) ) ? $_GET['sort'] : 'username'; |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1734 |
$sort_sqllet = $sortkeys[$sortby]; |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1735 |
|
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1736 |
$target_order = ( isset($_GET['orderby']) && in_array($_GET['orderby'], array('ASC', 'DESC')) )? $_GET['orderby'] : 'ASC'; |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1737 |
|
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1738 |
$sortorders = array(); |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1739 |
foreach ( $sortkeys as $k => $_unused ) |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1740 |
{ |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1741 |
$sortorders[$k] = ( $sortby == $k ) ? ( $target_order == 'ASC' ? 'DESC' : 'ASC' ) : 'ASC'; |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1742 |
} |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1743 |
|
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1744 |
// Why 3.3714%? 100 percent / 28 cells, minus a little (0.2% / cell) to account for cell spacing |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1745 |
|
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1746 |
echo '<div class="tblholder"> |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1747 |
<table border="0" cellspacing="1" cellpadding="4" style="text-align: center;"> |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1748 |
<tr>'; |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1749 |
echo '<td class="row1" style="width: 3.3714%;"><a href="' . makeUrlNS('Special', 'Memberlist', 'letter=&sort=' . $sortby . '&orderby=' . $target_order, true) . '">All</a></td>'; |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1750 |
echo '<td class="row1" style="width: 3.3714%;"><a href="' . makeUrlNS('Special', 'Memberlist', 'letter=chr&sort=' . $sortby . '&orderby=' . $target_order, true) . '">#</a></td>'; |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1751 |
foreach ( $startletters as $letter ) |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1752 |
{ |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1753 |
echo '<td class="row1" style="width: 3.3714%;"><a href="' . makeUrlNS('Special', 'Memberlist', 'letter=' . $letter . '&sort=' . $sortby . '&orderby=' . $target_order, true) . '">' . strtoupper($letter) . '</a></td>'; |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1754 |
} |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1755 |
echo ' </tr> |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1756 |
</table> |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1757 |
</div>'; |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1758 |
|
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1759 |
// formatter parameters |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1760 |
$formatter = new MemberlistFormatter(); |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1761 |
$formatters = array( |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1762 |
'username' => array($formatter, 'username'), |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1763 |
'user_level' => array($formatter, 'user_level'), |
111 | 1764 |
'email' => array($formatter, 'email'), |
1765 |
'reg_time' => array($formatter, 'reg_time') |
|
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1766 |
); |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1767 |
|
105 | 1768 |
// User search |
1769 |
if ( isset($_GET['finduser']) ) |
|
1770 |
{ |
|
1771 |
$finduser = str_replace(array( '%', '_'), |
|
1772 |
array('\\%', '\\_'), |
|
1773 |
$_GET['finduser']); |
|
1774 |
$finduser = str_replace(array('*', '?'), |
|
1775 |
array('%', '_'), |
|
1776 |
$finduser); |
|
1777 |
$finduser = $db->escape($finduser); |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
317
diff
changeset
|
1778 |
$username_where = ENANO_SQLFUNC_LOWERCASE . '(u.username) LIKE \'%' . strtolower($finduser) . '%\''; |
105 | 1779 |
$finduser_url = 'finduser=' . rawurlencode($_GET['finduser']) . '&'; |
1780 |
} |
|
1781 |
else |
|
1782 |
{ |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
317
diff
changeset
|
1783 |
if ( ENANO_DBLAYER == 'MYSQL' ) |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
317
diff
changeset
|
1784 |
$username_where = 'lcase(u.username) REGEXP lcase("^' . $startletter_sql . '")'; |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
317
diff
changeset
|
1785 |
else if ( ENANO_DBLAYER == 'PGSQL' ) |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
317
diff
changeset
|
1786 |
$username_where = 'lower(u.username) ~ lower(\'^' . $startletter_sql . '\')'; |
105 | 1787 |
$finduser_url = ''; |
1788 |
} |
|
1789 |
||
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1790 |
// Column markers |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1791 |
$headings = '<tr> |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1792 |
<th style="max-width: 50px;"> |
105 | 1793 |
<a href="' . makeUrlNS('Special', 'Memberlist', $finduser_url . 'letter=' . $startletter . '&sort=uid&orderby=' . $sortorders['uid'], true) . '">#</a> |
1794 |
</th> |
|
1795 |
<th> |
|
342 | 1796 |
<a href="' . makeUrlNS('Special', 'Memberlist', $finduser_url . 'letter=' . $startletter . '&sort=username&orderby=' . $sortorders['username'], true) . '">' . $lang->get('userfuncs_ml_column_username') . '</a> |
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1797 |
</th> |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1798 |
<th> |
342 | 1799 |
' . $lang->get('userfuncs_ml_column_userlevel') . ' |
111 | 1800 |
</th> |
1801 |
<th> |
|
342 | 1802 |
<a href="' . makeUrlNS('Special', 'Memberlist', $finduser_url . 'letter=' . $startletter . '&sort=email&orderby=' . $sortorders['email'], true) . '">' . $lang->get('userfuncs_ml_column_email') . '</a> |
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1803 |
</th> |
111 | 1804 |
<th> |
342 | 1805 |
<a href="' . makeUrlNS('Special', 'Memberlist', $finduser_url . 'letter=' . $startletter . '&sort=regist&orderby=' . $sortorders['regist'], true) . '">' . $lang->get('userfuncs_ml_column_regtime') . '</a> |
111 | 1806 |
</th> |
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1807 |
</tr>'; |
105 | 1808 |
|
1809 |
// determine number of rows |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
317
diff
changeset
|
1810 |
$q = $db->sql_query('SELECT u.user_id FROM '.table_prefix.'users AS u WHERE ' . $username_where . ' AND u.username != \'Anonymous\';'); |
105 | 1811 |
if ( !$q ) |
1812 |
$db->_die(); |
|
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1813 |
|
105 | 1814 |
$num_rows = $db->numrows(); |
1815 |
$db->free_result(); |
|
1816 |
||
1817 |
if ( !empty($finduser_url) ) |
|
1818 |
{ |
|
342 | 1819 |
switch ( $num_rows ) |
1820 |
{ |
|
1821 |
case 0: |
|
1822 |
$str = $lang->get('userfuncs_ml_msg_matches_zero'); break; |
|
1823 |
case 1: |
|
1824 |
$str = $lang->get('userfuncs_ml_msg_matches_one'); break; |
|
1825 |
default: |
|
1826 |
$str = $lang->get('userfuncs_ml_msg_matches', array('matches' => $num_rows)); break; |
|
1827 |
} |
|
1828 |
echo "<h3>$str</h3>"; |
|
105 | 1829 |
} |
1830 |
||
1831 |
// main selector |
|
111 | 1832 |
$q = $db->sql_unbuffered_query('SELECT u.user_id, u.username, u.reg_time, u.email, u.user_level, u.reg_time, x.email_public FROM '.table_prefix.'users AS u |
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1833 |
LEFT JOIN '.table_prefix.'users_extra AS x |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1834 |
ON ( u.user_id = x.user_id ) |
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
317
diff
changeset
|
1835 |
WHERE ' . $username_where . ' AND u.username != \'Anonymous\' |
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1836 |
ORDER BY ' . $sort_sqllet . ' ' . $target_order . ';'); |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1837 |
if ( !$q ) |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1838 |
$db->_die(); |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1839 |
|
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1840 |
$html = paginate( |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1841 |
$q, // MySQL result resource |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1842 |
'<tr> |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1843 |
<td class="{_css_class}">{user_id}</td> |
111 | 1844 |
<td class="{_css_class}" style="text-align: left;">{username}</td> |
1845 |
<td class="{_css_class}">{user_level}</td> |
|
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1846 |
<td class="{_css_class}">{email}</small></td> |
111 | 1847 |
<td class="{_css_class}">{reg_time}</td> |
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1848 |
</tr> |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1849 |
', // TPL code for rows |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1850 |
$num_rows, // Number of results |
105 | 1851 |
makeUrlNS('Special', 'Memberlist', ( str_replace('%', '%%', $finduser_url) ) . 'letter=' . $startletter . '&offset=%s&sort=' . $sortby . '&orderby=' . $target_order ), // Result URL |
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1852 |
$offset, // Start at this number |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1853 |
25, // Results per page |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1854 |
$formatters, // Formatting hooks |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1855 |
'<div class="tblholder"> |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1856 |
<table border="0" cellspacing="1" cellpadding="4" style="text-align: center;"> |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1857 |
' . $headings . ' |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1858 |
', // Header (printed before rows) |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1859 |
' ' . $headings . ' |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1860 |
</table> |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1861 |
</div> |
105 | 1862 |
' . |
1863 |
'<div style="float: left;"> |
|
1864 |
<form action="' . makeUrlNS('Special', 'Memberlist') . '" method="get" onsubmit="if ( !submitAuthorized ) return false;">' |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
317
diff
changeset
|
1865 |
. ( urlSeparator == '&' ? '<input type="hidden" name="title" value="' . htmlspecialchars( $paths->page ) . '" />' : '' ) |
115
261f367623af
Fixed the obnoxious issue with forms using GET and index.php?title=Foo URL scheme (this works a whole lot better than MediaWiki now
Dan
parents:
111
diff
changeset
|
1866 |
. ( $session->sid_super ? '<input type="hidden" name="auth" value="' . $session->sid_super . '" />' : '') |
342 | 1867 |
. '<p>' . $lang->get('userfuncs_ml_lbl_finduser') . ' ' . $template->username_field('finduser') . ' <input type="submit" value="' . $lang->get('userfuncs_ml_btn_go') . '" /><br /> |
1868 |
<small>' . $lang->get('userfuncs_ml_tip_wildcard') . '</small></p>' |
|
105 | 1869 |
. '</form> |
1870 |
</div>' // Footer (printed after rows) |
|
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1871 |
); |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1872 |
|
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1873 |
if ( $num_rows < 1 ) |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1874 |
{ |
342 | 1875 |
echo ( isset($_GET['finduser']) ) ? '<p>' . $lang->get('userfuncs_ml_err_nousers_find') . '</p>' : |
1876 |
'<p>' . $lang->get('userfuncs_ml_err_nousers') . '</p>'; |
|
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1877 |
} |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1878 |
else |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1879 |
{ |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1880 |
echo $html; |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1881 |
} |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1882 |
|
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1883 |
$template->footer(); |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1884 |
} |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1885 |
|
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1886 |
/** |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1887 |
* Class for formatting results for the memberlist. |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1888 |
* @access private |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1889 |
*/ |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1890 |
|
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1891 |
class MemberlistFormatter |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1892 |
{ |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1893 |
function username($username, $row) |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1894 |
{ |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1895 |
global $db, $session, $paths, $template, $plugins; // Common objects |
342 | 1896 |
global $lang; |
1897 |
||
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1898 |
$userpage = $paths->nslist['User'] . sanitize_page_id($username); |
342 | 1899 |
$class = ( isPage($userpage) ) ? ' title="' . $lang->get('userfuncs_ml_tip_userpage') . '"' : ' class="wikilink-nonexistent" title="' . $lang->get('userfuncs_ml_tip_nouserpage') . '"'; |
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1900 |
$anchor = '<a href="' . makeUrlNS('User', sanitize_page_id($username)) . '"' . $class . '>' . htmlspecialchars($username) . '</a>'; |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1901 |
if ( $session->user_level >= USER_LEVEL_ADMIN ) |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1902 |
{ |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1903 |
$anchor .= ' <small>- <a href="' . makeUrlNS('Special', 'Administration', 'module=' . $paths->nslist['Admin'] . 'UserManager&src=get&username=' . urlencode($username), true) . '" |
342 | 1904 |
onclick="ajaxAdminUser(\'' . addslashes(htmlspecialchars($username)) . '\'); return false;">' . $lang->get('userfuncs_ml_btn_adminuser') . '</a></small>'; |
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1905 |
} |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1906 |
return $anchor; |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1907 |
} |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1908 |
function user_level($level, $row) |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1909 |
{ |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1910 |
global $db, $session, $paths, $template, $plugins; // Common objects |
342 | 1911 |
global $lang; |
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1912 |
switch ( $level ) |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1913 |
{ |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1914 |
case USER_LEVEL_GUEST: |
342 | 1915 |
$s_level = $lang->get('userfuncs_ml_level_guest'); break; |
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1916 |
case USER_LEVEL_MEMBER: |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1917 |
case USER_LEVEL_CHPREF: |
342 | 1918 |
$s_level = $lang->get('userfuncs_ml_level_member'); break; |
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1919 |
case USER_LEVEL_MOD: |
342 | 1920 |
$s_level = $lang->get('userfuncs_ml_level_mod'); break; |
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1921 |
case USER_LEVEL_ADMIN: |
342 | 1922 |
$s_level = $lang->get('userfuncs_ml_level_admin'); break; |
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1923 |
default: |
342 | 1924 |
$s_level = $lang->get('userfuncs_ml_level_unknown', array( 'level' => $level )); |
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1925 |
} |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1926 |
return $s_level; |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1927 |
} |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1928 |
function email($addy, $row) |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1929 |
{ |
342 | 1930 |
global $lang; |
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1931 |
if ( $row['email_public'] == '1' ) |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1932 |
{ |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1933 |
global $email; |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1934 |
$addy = $email->encryptEmail($addy); |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1935 |
return $addy; |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1936 |
} |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1937 |
else |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1938 |
{ |
342 | 1939 |
return '<small><' . $lang->get('userfuncs_ml_email_nonpublic') . '></small>'; |
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1940 |
} |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1941 |
} |
111 | 1942 |
/** |
1943 |
* Format a time as a reference to a day, with user-friendly "X days ago"/"Today"/"Yesterday" returned when relevant. |
|
1944 |
* @param int UNIX timestamp |
|
1945 |
* @return string |
|
1946 |
*/ |
|
1947 |
||
1948 |
function format_date($time) |
|
1949 |
{ |
|
342 | 1950 |
global $lang; |
345
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents:
343
diff
changeset
|
1951 |
// Our formattting string to pass to enano_date() |
111 | 1952 |
// This should not include minute/second info, only today's date in whatever format suits your fancy |
1953 |
$formatstring = 'F j, Y'; |
|
1954 |
// Today's date |
|
345
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents:
343
diff
changeset
|
1955 |
$today = enano_date($formatstring); |
111 | 1956 |
// Yesterday's date |
345
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents:
343
diff
changeset
|
1957 |
$yesterday = enano_date($formatstring, (time() - (24*60*60))); |
111 | 1958 |
// Date on the input |
345
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents:
343
diff
changeset
|
1959 |
$then = enano_date($formatstring, $time); |
111 | 1960 |
// "X days ago" logic |
1961 |
for ( $i = 2; $i <= 6; $i++ ) |
|
1962 |
{ |
|
1963 |
// hours_in_day * minutes_in_hour * seconds_in_minute * num_days |
|
1964 |
$offset = 24 * 60 * 60 * $i; |
|
345
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents:
343
diff
changeset
|
1965 |
$days_ago = enano_date($formatstring, (time() - $offset)); |
111 | 1966 |
// so does the input timestamp match the date from $i days ago? |
1967 |
if ( $then == $days_ago ) |
|
1968 |
{ |
|
1969 |
// yes, return $i |
|
342 | 1970 |
return $lang->get('userfuncs_ml_date_daysago', array('days_ago' => $i)); |
111 | 1971 |
} |
1972 |
} |
|
1973 |
// either yesterday, today, or before 6 days ago |
|
1974 |
switch($then) |
|
1975 |
{ |
|
1976 |
case $today: |
|
342 | 1977 |
return $lang->get('userfuncs_ml_date_today'); |
111 | 1978 |
case $yesterday: |
342 | 1979 |
return $lang->get('userfuncs_ml_date_yesterday'); |
111 | 1980 |
default: |
1981 |
return $then; |
|
1982 |
} |
|
1983 |
// .--. |
|
1984 |
// |o_o | |
|
1985 |
// |!_/ | |
|
1986 |
// // \ \ |
|
1987 |
// (| | ) |
|
1988 |
// /'\_ _/`\ |
|
1989 |
// \___)=(___/ |
|
1990 |
return 'Linux rocks!'; |
|
1991 |
} |
|
1992 |
function reg_time($time, $row) |
|
1993 |
{ |
|
1994 |
return $this->format_date($time); |
|
1995 |
} |
|
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1996 |
} |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
101
diff
changeset
|
1997 |
|
210
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
1998 |
function page_Special_LangExportJSON() |
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
1999 |
{ |
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
2000 |
global $db, $session, $paths, $template, $plugins; // Common objects |
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
2001 |
global $lang; |
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
2002 |
|
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
2003 |
$lang_id = ( $x = $paths->getParam(0) ) ? intval($x) : $lang->lang_id; |
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
2004 |
|
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
2005 |
if ( $lang->lang_id == $lang_id ) |
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
2006 |
$lang_local =& $lang; |
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
2007 |
else |
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
2008 |
$lang_local = new Language($lang_id); |
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
2009 |
|
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
2010 |
|
345
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents:
343
diff
changeset
|
2011 |
$timestamp = enano_date('D, j M Y H:i:s T', $lang_local->lang_timestamp); |
210
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
2012 |
header("Last-Modified: $timestamp"); |
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
2013 |
header("Date: $timestamp"); |
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
2014 |
header('Content-type: text/javascript'); |
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
2015 |
|
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
2016 |
$lang_local->fetch(); |
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
2017 |
echo "if ( typeof(enano_lang) != 'object' ) |
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
2018 |
var enano_lang = new Object(); |
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
2019 |
|
334
c72b545f1304
More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents:
326
diff
changeset
|
2020 |
enano_lang[{$lang->lang_id}] = " . enano_json_encode($lang_local->strings) . ";"; |
210
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
2021 |
|
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
2022 |
} |
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents:
209
diff
changeset
|
2023 |
|
0 | 2024 |
?> |