author | Dan |
Wed, 11 Jul 2007 14:28:34 -0400 | |
changeset 64 | 60e450d2e8c3 |
parent 60 | 71b50f8c8f85 |
child 68 | eb34257a6377 |
permissions | -rw-r--r-- |
1 | 1 |
<?php |
2 |
||
3 |
/* |
|
4 |
* Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between |
|
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
5 |
* Version 1.0 (Banshee) |
1 | 6 |
* Copyright (C) 2006-2007 Dan Fuhry |
7 |
* |
|
8 |
* This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License |
|
9 |
* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. |
|
10 |
* |
|
11 |
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied |
|
12 |
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details. |
|
13 |
*/ |
|
14 |
||
15 |
class template { |
|
16 |
var $tpl_strings, $tpl_bool, $theme, $style, $no_headers, $additional_headers, $sidebar_extra, $sidebar_widgets, $toolbar_menu, $theme_list, $named_theme_list, $default_theme, $default_style, $plugin_blocks, $namespace_string, $style_list, $theme_loaded; |
|
30 | 17 |
|
18 |
/** |
|
19 |
* Set to true if the site is disabled and thus a message needs to be shown. This should ONLY be changed by common.php. |
|
20 |
* @var bool |
|
21 |
* @access private |
|
22 |
*/ |
|
23 |
||
24 |
var $site_disabled = false; |
|
25 |
||
53 | 26 |
/** |
27 |
* One of the absolute best parts of Enano :-P |
|
28 |
* @var string |
|
29 |
*/ |
|
30 |
||
54
84b56303cab5
Bugfixes: Login system properly handles blank password situation (returns ""); fading button now works right with relative URLs
Dan
parents:
53
diff
changeset
|
31 |
var $fading_button = ''; |
53 | 32 |
|
1 | 33 |
function __construct() |
34 |
{ |
|
35 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
36 |
dc_here('template: initializing all class variables'); |
|
37 |
$this->tpl_bool = Array(); |
|
38 |
$this->tpl_strings = Array(); |
|
39 |
$this->sidebar_extra = ''; |
|
40 |
$this->toolbar_menu = ''; |
|
41 |
$this->additional_headers = ''; |
|
42 |
$this->plugin_blocks = Array(); |
|
43 |
$this->theme_loaded = false; |
|
44 |
||
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
45 |
$fading_button = '<a href="http://enanocms.org" onclick="if ( !KILL_SWITCH ) { window.open(this.href); return false; }" style="text-align: center; margin: 0 auto; display: table; background-image: none;"> |
54
84b56303cab5
Bugfixes: Login system properly handles blank password situation (returns ""); fading button now works right with relative URLs
Dan
parents:
53
diff
changeset
|
46 |
<img alt="Powered by Enano CMS" style="border-width: 0; position: absolute;" |
84b56303cab5
Bugfixes: Login system properly handles blank password situation (returns ""); fading button now works right with relative URLs
Dan
parents:
53
diff
changeset
|
47 |
src="' . scriptPath . '/images/about-powered-enano.png" id="enanoFader" onmouseover="domOpacity(this, 100, 0, 500);" |
84b56303cab5
Bugfixes: Login system properly handles blank password situation (returns ""); fading button now works right with relative URLs
Dan
parents:
53
diff
changeset
|
48 |
onmouseout="opacity(this.id, 0, 100, 500);" /> |
84b56303cab5
Bugfixes: Login system properly handles blank password situation (returns ""); fading button now works right with relative URLs
Dan
parents:
53
diff
changeset
|
49 |
<img alt="Powered by Enano CMS" style="border-width: 0px;" src="' . scriptPath . '/images/about-powered-enano-hover.png" /> |
84b56303cab5
Bugfixes: Login system properly handles blank password situation (returns ""); fading button now works right with relative URLs
Dan
parents:
53
diff
changeset
|
50 |
</a>'; |
84b56303cab5
Bugfixes: Login system properly handles blank password situation (returns ""); fading button now works right with relative URLs
Dan
parents:
53
diff
changeset
|
51 |
|
1 | 52 |
$this->theme_list = Array(); |
53 |
$this->named_theme_list = Array(); |
|
54 |
$e = $db->sql_query('SELECT theme_id,theme_name,enabled,default_style FROM '.table_prefix.'themes WHERE enabled=1 ORDER BY theme_order;'); |
|
55 |
if(!$e) $db->_die('The list of themes could not be selected.'); |
|
56 |
for($i=0;$i < $db->numrows(); $i++) |
|
57 |
{ |
|
58 |
$this->theme_list[$i] = $db->fetchrow(); |
|
59 |
$this->named_theme_list[$this->theme_list[$i]['theme_id']] = $this->theme_list[$i]; |
|
60 |
} |
|
61 |
$db->free_result(); |
|
62 |
$this->default_theme = $this->theme_list[0]['theme_id']; |
|
63 |
$dir = ENANO_ROOT.'/themes/'.$this->default_theme.'/css/'; |
|
64 |
$list = Array(); |
|
65 |
// Open a known directory, and proceed to read its contents |
|
66 |
if (is_dir($dir)) { |
|
67 |
if ($dh = opendir($dir)) { |
|
68 |
while (($file = readdir($dh)) !== false) { |
|
69 |
if(preg_match('#^(.*?)\.css$#i', $file) && $file != '_printable.css') { |
|
70 |
$list[] = substr($file, 0, strlen($file)-4); |
|
71 |
} |
|
72 |
} |
|
73 |
closedir($dh); |
|
74 |
} |
|
75 |
} |
|
76 |
||
77 |
$def = ENANO_ROOT.'/themes/'.$this->default_theme.'/css/'.$this->named_theme_list[$this->default_theme]['default_style']; |
|
78 |
if(file_exists($def)) |
|
79 |
{ |
|
80 |
$this->default_style = substr($this->named_theme_list[$this->default_theme]['default_style'], 0, strlen($this->named_theme_list[$this->default_theme]['default_style'])-4); |
|
81 |
} else { |
|
82 |
$this->default_style = $list[0]; |
|
83 |
} |
|
84 |
||
85 |
$this->style_list = $list; |
|
86 |
||
87 |
} |
|
88 |
function template() |
|
89 |
{ |
|
90 |
$this->__construct(); |
|
91 |
} |
|
92 |
function sidebar_widget($t, $h) |
|
93 |
{ |
|
94 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
95 |
if(!defined('ENANO_TEMPLATE_LOADED')) |
|
96 |
{ |
|
97 |
$this->load_theme($session->theme, $session->style); |
|
98 |
} |
|
99 |
if(!$this->sidebar_widgets) |
|
100 |
$this->sidebar_widgets = ''; |
|
101 |
$tplvars = $this->extract_vars('elements.tpl'); |
|
102 |
$parser = $this->makeParserText($tplvars['sidebar_section_raw']); |
|
103 |
$parser->assign_vars(Array('TITLE'=>$t,'CONTENT'=>$h)); |
|
104 |
$this->plugin_blocks[$t] = $h; |
|
105 |
$this->sidebar_widgets .= $parser->run(); |
|
106 |
} |
|
107 |
function add_header($html) |
|
108 |
{ |
|
109 |
$this->additional_headers .= "\n" . $html; |
|
110 |
} |
|
111 |
function get_css($s = false) |
|
112 |
{ |
|
113 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
114 |
if(!defined('ENANO_TEMPLATE_LOADED')) |
|
115 |
$this->load_theme($session->theme, $session->style); |
|
116 |
$path = ( $s ) ? 'css/'.$s : 'css/'.$this->style.'.css'; |
|
117 |
if ( !file_exists(ENANO_ROOT . '/themes/' . $this->theme . '/' . $path) ) |
|
118 |
{ |
|
119 |
echo "/* WARNING: Falling back to default file because file $path does not exist */\n"; |
|
120 |
$path = 'css/' . $this->style_list[0] . '.css'; |
|
121 |
} |
|
122 |
return $this->process_template($path); |
|
123 |
} |
|
124 |
function load_theme($name = false, $css = false) |
|
125 |
{ |
|
126 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
127 |
$this->theme = ( $name ) ? $name : $session->theme; |
|
128 |
$this->style = ( $css ) ? $css : $session->style; |
|
129 |
if ( !$this->theme ) |
|
130 |
{ |
|
131 |
$this->theme = $this->theme_list[0]['theme_id']; |
|
132 |
$this->style = substr($this->theme_list[0]['default_style'], 0, strlen($this->theme_list[0]['default_style'])-4); |
|
133 |
} |
|
134 |
$this->theme_loaded = true; |
|
135 |
} |
|
136 |
||
137 |
function init_vars() |
|
138 |
{ |
|
139 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
140 |
global $email; |
|
141 |
||
142 |
dc_here("template: initializing all variables"); |
|
143 |
||
144 |
if(!$this->theme || !$this->style) |
|
145 |
{ |
|
146 |
$this->load_theme(); |
|
147 |
} |
|
148 |
||
149 |
if(defined('ENANO_TEMPLATE_LOADED')) |
|
150 |
{ |
|
151 |
dc_here('template: access denied to call template::init_vars(), bailing out'); |
|
152 |
die_semicritical('Illegal call', '<p>$template->load_theme was called multiple times, this is not supposed to happen. Exiting with fatal error.</p>'); |
|
153 |
} |
|
154 |
||
155 |
define('ENANO_TEMPLATE_LOADED', ''); |
|
156 |
||
157 |
$tplvars = $this->extract_vars('elements.tpl'); |
|
158 |
||
159 |
dc_here('template: setting all template vars'); |
|
160 |
||
161 |
if(isset($_SERVER['HTTP_USER_AGENT']) && strstr($_SERVER['HTTP_USER_AGENT'], 'MSIE')) |
|
162 |
{ |
|
163 |
$this->add_header(' |
|
164 |
<!--[if lt IE 7]> |
|
165 |
<script language="JavaScript"> |
|
166 |
function correctPNG() // correctly handle PNG transparency in Win IE 5.5 & 6. |
|
167 |
{ |
|
168 |
var arVersion = navigator.appVersion.split("MSIE") |
|
169 |
var version = parseFloat(arVersion[1]) |
|
170 |
if (version >= 5.5 && typeof(document.body.filters) == "object") |
|
171 |
{ |
|
172 |
for(var i=0; i<document.images.length; i++) |
|
173 |
{ |
|
174 |
var img = document.images[i]; |
|
175 |
continue; |
|
176 |
var imgName = img.src.toUpperCase(); |
|
177 |
if (imgName.substring(imgName.length-3, imgName.length) == "PNG") |
|
178 |
{ |
|
179 |
var imgID = (img.id) ? "id=\'" + img.id + "\' " : ""; |
|
180 |
var imgClass = (img.className) ? "class=\'" + img.className + "\' " : ""; |
|
181 |
var imgTitle = (img.title) ? "title=\'" + img.title + "\' " : "title=\'" + img.alt + "\' "; |
|
182 |
var imgStyle = "display:inline-block;" + img.style.cssText; |
|
183 |
if (img.align == "left") imgStyle = "float:left;" + imgStyle; |
|
184 |
if (img.align == "right") imgStyle = "float:right;" + imgStyle; |
|
185 |
if (img.parentElement.href) imgStyle = "cursor:hand;" + imgStyle; |
|
186 |
var strNewHTML = "<span " + imgID + imgClass + imgTitle + " style=\\"" + "width:" + img.width + "px; height:" + img.height + "px;" + imgStyle + ";" + "filter:progid:DXImageTransform.Microsoft.AlphaImageLoader" + "(src=\\\'" + img.src + "\\\', sizingMethod=\'scale\');\\"></span>"; |
|
187 |
img.outerHTML = strNewHTML; |
|
188 |
i = i-1; |
|
189 |
} |
|
190 |
} |
|
191 |
} |
|
192 |
} |
|
193 |
window.attachEvent("onload", correctPNG); |
|
194 |
</script> |
|
195 |
<![endif]--> |
|
196 |
'); |
|
197 |
} |
|
198 |
||
199 |
// Get the "article" button text (depends on namespace) |
|
200 |
switch($paths->namespace) { |
|
201 |
case "Article": |
|
202 |
default: |
|
203 |
$ns = 'article'; |
|
204 |
break; |
|
205 |
case "Admin": |
|
206 |
$ns = 'administration page'; |
|
207 |
break; |
|
208 |
case "System": |
|
209 |
$ns = 'system message'; |
|
210 |
break; |
|
211 |
case "File": |
|
212 |
$ns = 'uploaded file'; |
|
213 |
break; |
|
214 |
case "Help": |
|
215 |
$ns = 'documentation page'; |
|
216 |
break; |
|
217 |
case "User": |
|
218 |
$ns = 'user page'; |
|
219 |
break; |
|
220 |
case "Special": |
|
221 |
$ns = 'special page'; |
|
222 |
break; |
|
223 |
case "Template": |
|
224 |
$ns = 'template'; |
|
225 |
break; |
|
226 |
case "Project": |
|
227 |
$ns = 'project page'; |
|
228 |
break; |
|
229 |
case "Category": |
|
230 |
$ns = 'category'; |
|
231 |
break; |
|
232 |
} |
|
233 |
$this->namespace_string = $ns; |
|
234 |
$code = $plugins->setHook('page_type_string_set'); |
|
235 |
foreach ( $code as $cmd ) |
|
236 |
{ |
|
237 |
eval($cmd); |
|
238 |
} |
|
239 |
$ns =& $this->namespace_string; |
|
240 |
||
241 |
// Initialize the toolbar |
|
242 |
$tb = ''; |
|
243 |
||
244 |
// Create "xx page" button |
|
245 |
||
246 |
$btn_selected = ( isset($tplvars['toolbar_button_selected'])) ? $tplvars['toolbar_button_selected'] : $tplvars['toolbar_button']; |
|
247 |
$parser = $this->makeParserText($btn_selected); |
|
248 |
||
249 |
$parser->assign_vars(array( |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
250 |
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxReset()); return false; }" title="View the page contents, all of the page contents, and nothing but the page contents (alt-a)" accesskey="a"', |
1 | 251 |
'PARENTFLAGS' => 'id="mdgToolbar_article"', |
252 |
'HREF' => makeUrl($paths->page, null, true), |
|
253 |
'TEXT' => $this->namespace_string |
|
254 |
)); |
|
255 |
||
256 |
$tb .= $parser->run(); |
|
257 |
||
258 |
$button = $this->makeParserText($tplvars['toolbar_button']); |
|
259 |
||
260 |
// Page toolbar |
|
261 |
// Comments button |
|
262 |
if ( $session->get_permissions('read') && getConfig('enable_comments')=='1' && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $paths->cpage['comments_on'] == 1 ) |
|
263 |
{ |
|
264 |
||
265 |
$e = $db->sql_query('SELECT approved FROM '.table_prefix.'comments WHERE page_id=\''.$paths->cpage['urlname_nons'].'\' AND namespace=\''.$paths->namespace.'\';'); |
|
266 |
if ( !$e ) |
|
267 |
{ |
|
268 |
$db->_die(); |
|
269 |
} |
|
270 |
$nc = $db->numrows(); |
|
271 |
$nu = 0; |
|
272 |
$na = 0; |
|
273 |
||
274 |
while ( $r = $db->fetchrow() ) |
|
275 |
{ |
|
276 |
if ( !$r['approved'] ) |
|
277 |
{ |
|
278 |
$nu++; |
|
279 |
} |
|
280 |
else |
|
281 |
{ |
|
282 |
$na++; |
|
283 |
} |
|
284 |
} |
|
285 |
||
286 |
$db->free_result(); |
|
287 |
$n = ( $session->get_permissions('mod_comments') ) ? (string)$nc : (string)$na; |
|
288 |
if ( $session->get_permissions('mod_comments') && $nu > 0 ) |
|
289 |
{ |
|
290 |
$n .= ' total/'.$nu.' unapp.'; |
|
291 |
} |
|
292 |
||
293 |
$button->assign_vars(array( |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
294 |
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxComments()); return false; }" title="View the comments that other users have posted about this page (alt-c)" accesskey="c"', |
1 | 295 |
'PARENTFLAGS' => 'id="mdgToolbar_discussion"', |
296 |
'HREF' => makeUrl($paths->page, 'do=comments', true), |
|
297 |
'TEXT' => 'discussion ('.$n.')', |
|
298 |
)); |
|
299 |
||
300 |
$tb .= $button->run(); |
|
301 |
} |
|
302 |
// Edit button |
|
303 |
if($session->get_permissions('read') && ($paths->namespace != 'Special' && $paths->namespace != 'Admin') && ( $session->get_permissions('edit_page') && ( ( $paths->page_protected && $session->get_permissions('even_when_protected') ) || !$paths->page_protected ) ) ) |
|
304 |
{ |
|
305 |
$button->assign_vars(array( |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
306 |
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxEditor()); return false; }" title="Edit the contents of this page (alt-e)" accesskey="e"', |
1 | 307 |
'PARENTFLAGS' => 'id="mdgToolbar_edit"', |
308 |
'HREF' => makeUrl($paths->page, 'do=edit', true), |
|
309 |
'TEXT' => 'edit this page' |
|
310 |
)); |
|
311 |
$tb .= $button->run(); |
|
312 |
// View source button |
|
313 |
} |
|
314 |
else if($session->get_permissions('view_source') && ( !$session->get_permissions('edit_page') || !$session->get_permissions('even_when_protected') && $paths->page_protected ) && $paths->namespace != 'Special' && $paths->namespace != 'Admin') |
|
315 |
{ |
|
316 |
$button->assign_vars(array( |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
317 |
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxViewSource()); return false; }" title="View the source code (wiki markup) that this page uses (alt-e)" accesskey="e"', |
1 | 318 |
'PARENTFLAGS' => 'id="mdgToolbar_edit"', |
319 |
'HREF' => makeUrl($paths->page, 'do=viewsource', true), |
|
320 |
'TEXT' => 'view source' |
|
321 |
)); |
|
322 |
$tb .= $button->run(); |
|
323 |
} |
|
324 |
// History button |
|
325 |
if ( $session->get_permissions('read') /* && $paths->wiki_mode */ && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $session->get_permissions('history_view') ) |
|
326 |
{ |
|
327 |
$button->assign_vars(array( |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
328 |
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxHistory()); return false; }" title="View a log of actions taken on this page (alt-h)" accesskey="h"', |
1 | 329 |
'PARENTFLAGS' => 'id="mdgToolbar_history"', |
330 |
'HREF' => makeUrl($paths->page, 'do=history', true), |
|
331 |
'TEXT' => 'history' |
|
332 |
)); |
|
333 |
$tb .= $button->run(); |
|
334 |
} |
|
335 |
||
336 |
$menubtn = $this->makeParserText($tplvars['toolbar_menu_button']); |
|
337 |
||
338 |
// Additional actions menu |
|
339 |
// Rename button |
|
340 |
if ( $session->get_permissions('read') && $paths->page_exists && ( $session->get_permissions('rename') && ( $paths->page_protected && $session->get_permissions('even_when_protected') || !$paths->page_protected ) ) && $paths->namespace != 'Special' && $paths->namespace != 'Admin' ) |
|
341 |
{ |
|
342 |
$menubtn->assign_vars(array( |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
343 |
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxRename()); return false; }" title="Change the display name of this page (alt-r)" accesskey="r"', |
1 | 344 |
'HREF' => makeUrl($paths->page, 'do=rename', true), |
345 |
'TEXT' => 'rename', |
|
346 |
)); |
|
347 |
$this->toolbar_menu .= $menubtn->run(); |
|
348 |
} |
|
349 |
||
350 |
// Vote-to-delete button |
|
351 |
if ( $paths->wiki_mode && $session->get_permissions('vote_delete') && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin') |
|
352 |
{ |
|
353 |
$menubtn->assign_vars(array( |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
354 |
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxDelVote()); return false; }" title="Vote to have this page deleted (alt-d)" accesskey="d"', |
1 | 355 |
'HREF' => makeUrl($paths->page, 'do=delvote', true), |
356 |
'TEXT' => 'vote to delete this page', |
|
357 |
)); |
|
358 |
$this->toolbar_menu .= $menubtn->run(); |
|
359 |
} |
|
360 |
||
361 |
// Clear-votes button |
|
362 |
if ( $session->get_permissions('read') && $paths->wiki_mode && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $session->get_permissions('vote_reset') && $paths->cpage['delvotes'] > 0) |
|
363 |
{ |
|
364 |
$menubtn->assign_vars(array( |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
365 |
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxResetDelVotes()); return false; }" title="Vote to have this page deleted (alt-y)" accesskey="y"', |
1 | 366 |
'HREF' => makeUrl($paths->page, 'do=resetvotes', true), |
367 |
'TEXT' => 'reset deletion votes', |
|
368 |
)); |
|
369 |
$this->toolbar_menu .= $menubtn->run(); |
|
370 |
} |
|
371 |
||
372 |
// Printable page button |
|
373 |
if ( $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' ) |
|
374 |
{ |
|
375 |
$menubtn->assign_vars(array( |
|
376 |
'FLAGS' => 'title="View a version of this page that is suitable for printing"', |
|
377 |
'HREF' => makeUrl($paths->page, 'printable=yes', true), |
|
378 |
'TEXT' => 'view printable version', |
|
379 |
)); |
|
380 |
$this->toolbar_menu .= $menubtn->run(); |
|
381 |
} |
|
382 |
||
383 |
// Protect button |
|
384 |
if($session->get_permissions('read') && $paths->wiki_mode && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $session->get_permissions('protect')) |
|
385 |
{ |
|
386 |
||
387 |
$label = $this->makeParserText($tplvars['toolbar_label']); |
|
388 |
$label->assign_vars(array('TEXT' => 'protection:')); |
|
389 |
$t0 = $label->run(); |
|
390 |
||
391 |
$ctmp = ''; |
|
392 |
if ( $paths->cpage['protected'] == 1 ) |
|
393 |
{ |
|
394 |
$ctmp=' style="text-decoration: underline;"'; |
|
395 |
} |
|
396 |
$menubtn->assign_vars(array( |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
397 |
'FLAGS' => 'accesskey="i" onclick="if ( !KILL_SWITCH ) { ajaxProtect(1); return false; }" id="protbtn_1" title="Prevents all non-administrators from editing this page. [alt-i]"'.$ctmp, |
1 | 398 |
'HREF' => makeUrl($paths->page, 'do=protect&level=1', true), |
399 |
'TEXT' => 'on' |
|
400 |
)); |
|
401 |
$t1 = $menubtn->run(); |
|
402 |
||
403 |
$ctmp = ''; |
|
404 |
if ( $paths->cpage['protected'] == 0 ) |
|
405 |
{ |
|
406 |
$ctmp=' style="text-decoration: underline;"'; |
|
407 |
} |
|
408 |
$menubtn->assign_vars(array( |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
409 |
'FLAGS' => 'accesskey="o" onclick="if ( !KILL_SWITCH ) { ajaxProtect(0); return false; }" id="protbtn_0" title="Allows everyone to edit this page. [alt-o]"'.$ctmp, |
1 | 410 |
'HREF' => makeUrl($paths->page, 'do=protect&level=0', true), |
411 |
'TEXT' => 'off' |
|
412 |
)); |
|
413 |
$t2 = $menubtn->run(); |
|
414 |
||
415 |
$ctmp = ''; |
|
416 |
if ( $paths->cpage['protected'] == 2 ) |
|
417 |
{ |
|
418 |
$ctmp = ' style="text-decoration: underline;"'; |
|
419 |
} |
|
420 |
$menubtn->assign_vars(array( |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
421 |
'FLAGS' => 'accesskey="p" onclick="if ( !KILL_SWITCH ) { ajaxProtect(2); return false; }" id="protbtn_2" title="Allows only users who have been registered for 4 days to edit this page. [alt-p]"'.$ctmp, |
1 | 422 |
'HREF' => makeUrl($paths->page, 'do=protect&level=2', true), |
423 |
'TEXT' => 'semi' |
|
424 |
)); |
|
425 |
$t3 = $menubtn->run(); |
|
426 |
||
427 |
$this->toolbar_menu .= ' <table border="0" cellspacing="0" cellpadding="0"> |
|
428 |
<tr> |
|
429 |
<td>'.$t0.'</td> |
|
430 |
<td>'.$t1.'</td> |
|
431 |
<td>'.$t2.'</td> |
|
432 |
<td>'.$t3.'</td> |
|
433 |
</tr> |
|
434 |
</table>'; |
|
435 |
} |
|
436 |
||
437 |
// Wiki mode button |
|
438 |
if($session->get_permissions('read') && $paths->page_exists && $session->get_permissions('set_wiki_mode') && $paths->namespace != 'Special' && $paths->namespace != 'Admin') |
|
439 |
{ |
|
440 |
// label at start |
|
441 |
$label = $this->makeParserText($tplvars['toolbar_label']); |
|
442 |
$label->assign_vars(array('TEXT' => 'page wiki mode:')); |
|
443 |
$t0 = $label->run(); |
|
444 |
||
445 |
// on button |
|
446 |
$ctmp = ''; |
|
447 |
if ( $paths->cpage['wiki_mode'] == 1 ) |
|
448 |
{ |
|
449 |
$ctmp = ' style="text-decoration: underline;"'; |
|
450 |
} |
|
451 |
$menubtn->assign_vars(array( |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
452 |
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { ajaxSetWikiMode(1); return false; }" id="wikibtn_1" title="Forces wiki functions to be allowed on this page."'.$ctmp, |
1 | 453 |
'HREF' => makeUrl($paths->page, 'do=setwikimode&level=1', true), |
454 |
'TEXT' => 'on' |
|
455 |
)); |
|
456 |
$t1 = $menubtn->run(); |
|
457 |
||
458 |
// off button |
|
459 |
$ctmp = ''; |
|
460 |
if ( $paths->cpage['wiki_mode'] == 0 ) |
|
461 |
{ |
|
462 |
$ctmp=' style="text-decoration: underline;"'; |
|
463 |
} |
|
464 |
$menubtn->assign_vars(array( |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
465 |
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { ajaxSetWikiMode(0); return false; }" id="wikibtn_0" title="Forces wiki functions to be disabled on this page."'.$ctmp, |
1 | 466 |
'HREF' => makeUrl($paths->page, 'do=setwikimode&level=0', true), |
467 |
'TEXT' => 'off' |
|
468 |
)); |
|
469 |
$t2 = $menubtn->run(); |
|
470 |
||
471 |
// global button |
|
472 |
$ctmp = ''; |
|
473 |
if ( $paths->cpage['wiki_mode'] == 2 ) |
|
474 |
{ |
|
475 |
$ctmp=' style="text-decoration: underline;"'; |
|
476 |
} |
|
477 |
$menubtn->assign_vars(array( |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
478 |
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { ajaxSetWikiMode(2); return false; }" id="wikibtn_2" title="Causes this page to use the global wiki mode setting (default)"'.$ctmp, |
1 | 479 |
'HREF' => makeUrl($paths->page, 'do=setwikimode&level=2', true), |
480 |
'TEXT' => 'global' |
|
481 |
)); |
|
482 |
$t3 = $menubtn->run(); |
|
483 |
||
484 |
// Tack it onto the list of buttons that are already there... |
|
485 |
$this->toolbar_menu .= ' <table border="0" cellspacing="0" cellpadding="0"> |
|
486 |
<tr> |
|
487 |
<td>'.$t0.'</td> |
|
488 |
<td>'.$t1.'</td> |
|
489 |
<td>'.$t2.'</td> |
|
490 |
<td>'.$t3.'</td> |
|
491 |
</tr> |
|
492 |
</table>'; |
|
493 |
} |
|
494 |
||
495 |
// Clear logs button |
|
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
13
diff
changeset
|
496 |
if ( $session->get_permissions('read') && $session->get_permissions('clear_logs') && $paths->namespace != 'Special' && $paths->namespace != 'Admin' ) |
1 | 497 |
{ |
498 |
$menubtn->assign_vars(array( |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
499 |
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxClearLogs()); return false; }" title="Remove all edit and action logs for this page from the database. IRREVERSIBLE! (alt-l)" accesskey="l"', |
1 | 500 |
'HREF' => makeUrl($paths->page, 'do=flushlogs', true), |
501 |
'TEXT' => 'clear page logs', |
|
502 |
)); |
|
503 |
$this->toolbar_menu .= $menubtn->run(); |
|
504 |
} |
|
505 |
||
506 |
// Delete page button |
|
507 |
if ( $session->get_permissions('read') && $session->get_permissions('delete_page') && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' ) |
|
508 |
{ |
|
509 |
$s = 'delete this page'; |
|
510 |
if ( $paths->cpage['delvotes'] == 1 ) |
|
511 |
{ |
|
512 |
$s .= ' (<b>'.$paths->cpage['delvotes'].'</b> vote)'; |
|
513 |
} |
|
514 |
else if ( $paths->cpage['delvotes'] > 1 ) |
|
515 |
{ |
|
516 |
$s .= ' (<b>'.$paths->cpage['delvotes'].'</b> votes)'; |
|
517 |
} |
|
518 |
||
519 |
$menubtn->assign_vars(array( |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
520 |
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxDeletePage()); return false; }" title="Delete this page. This is always reversible unless the logs are cleared. (alt-k)" accesskey="k"', |
1 | 521 |
'HREF' => makeUrl($paths->page, 'do=deletepage', true), |
522 |
'TEXT' => $s, |
|
523 |
)); |
|
524 |
$this->toolbar_menu .= $menubtn->run(); |
|
525 |
||
526 |
} |
|
527 |
||
528 |
// Password-protect button |
|
529 |
if(isset($paths->cpage['password'])) |
|
530 |
{ |
|
531 |
if ( $paths->cpage['password'] == '' ) |
|
532 |
{ |
|
533 |
$a = $session->get_permissions('password_set'); |
|
534 |
} |
|
535 |
else |
|
536 |
{ |
|
537 |
$a = $session->get_permissions('password_reset'); |
|
538 |
} |
|
539 |
} |
|
540 |
else |
|
541 |
{ |
|
542 |
$a = $session->get_permissions('password_set'); |
|
543 |
} |
|
544 |
if ( $a && $session->get_permissions('read') && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' ) |
|
545 |
{ |
|
546 |
// label at start |
|
547 |
$label = $this->makeParserText($tplvars['toolbar_label']); |
|
13
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
parents:
1
diff
changeset
|
548 |
$label->assign_vars(array('TEXT' => 'page password:')); |
1 | 549 |
$t0 = $label->run(); |
550 |
||
551 |
$menubtn->assign_vars(array( |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
552 |
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxSetPassword()); return false; }" title="Require a password in order for this page to be viewed"', |
1 | 553 |
'HREF' => '#', |
554 |
'TEXT' => 'set', |
|
555 |
)); |
|
556 |
$t = $menubtn->run(); |
|
557 |
||
558 |
$this->toolbar_menu .= '<table border="0" cellspacing="0" cellpadding="0"><tr><td>'.$t0.'</td><td><input type="password" id="mdgPassSetField" size="10" /></td><td>'.$t.'</td></tr></table>'; |
|
559 |
} |
|
560 |
||
561 |
// Manage ACLs button |
|
562 |
if($session->get_permissions('edit_acl') || $session->user_level >= USER_LEVEL_ADMIN) |
|
563 |
{ |
|
564 |
$menubtn->assign_vars(array( |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
565 |
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { return ajaxOpenACLManager(); }" title="Manage who can do what with this page (alt-m)" accesskey="m"', |
1 | 566 |
'HREF' => makeUrl($paths->page, 'do=aclmanager', true), |
567 |
'TEXT' => 'manage page access', |
|
568 |
)); |
|
569 |
$this->toolbar_menu .= $menubtn->run(); |
|
570 |
} |
|
571 |
||
572 |
// Administer page button |
|
573 |
if ( $session->user_level >= USER_LEVEL_ADMIN && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' ) |
|
574 |
{ |
|
575 |
$menubtn->assign_vars(array( |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
576 |
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxAdminPage()); return false; }" title="Administrative options for this page" accesskey="g"', |
1 | 577 |
'HREF' => makeUrlNS('Special', 'Administration', 'module='.$paths->nslist['Admin'].'PageManager', true), |
578 |
'TEXT' => 'administrative options', |
|
579 |
)); |
|
580 |
$this->toolbar_menu .= $menubtn->run(); |
|
581 |
} |
|
582 |
||
583 |
if ( strlen($this->toolbar_menu) > 0 ) |
|
584 |
{ |
|
585 |
$button->assign_vars(array( |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
586 |
'FLAGS' => 'id="mdgToolbar_moreoptions" onclick="if ( !KILL_SWITCH ) { return false; }" title="Additional options for working with this page"', |
1 | 587 |
'PARENTFLAGS' => '', |
588 |
'HREF' => makeUrl($paths->page, 'do=moreoptions', true), |
|
589 |
'TEXT' => 'more options' |
|
590 |
)); |
|
591 |
$tb .= $button->run(); |
|
592 |
} |
|
593 |
||
594 |
$is_opera = (isset($_SERVER['HTTP_USER_AGENT']) && strstr($_SERVER['HTTP_USER_AGENT'], 'Opera')) ? true : false; |
|
595 |
||
596 |
$this->tpl_bool = Array( |
|
597 |
'auth_admin'=>$session->user_level >= USER_LEVEL_ADMIN ? true : false, |
|
598 |
'user_logged_in'=>$session->user_logged_in, |
|
599 |
'opera'=>$is_opera, |
|
600 |
); |
|
601 |
||
602 |
if($session->sid_super) { $ash = '&auth='.$session->sid_super; $asq = "?auth=".$session->sid_super; $asa = "&auth=".$session->sid_super; $as2 = htmlspecialchars(urlSeparator).'auth='.$session->sid_super; } |
|
603 |
else { $asq=''; $asa=''; $as2 = ''; $ash = ''; } |
|
604 |
||
605 |
$code = $plugins->setHook('compile_template'); |
|
606 |
foreach ( $code as $cmd ) |
|
607 |
{ |
|
608 |
eval($cmd); |
|
609 |
} |
|
610 |
||
611 |
// Some additional sidebar processing |
|
612 |
if($this->sidebar_extra != '') { |
|
613 |
$se = $this->sidebar_extra; |
|
614 |
$parser = $this->makeParserText($tplvars['sidebar_section_raw']); |
|
615 |
$parser->assign_vars(Array('TITLE'=>'Links','CONTENT'=>$se)); |
|
616 |
$this->sidebar_extra = $parser->run(); |
|
617 |
} |
|
618 |
||
619 |
$this->sidebar_extra = $this->sidebar_extra.$this->sidebar_widgets; |
|
620 |
||
621 |
$this->tpl_bool['fixed_menus'] = false; |
|
622 |
/* if($this->sidebar_extra == '') $this->tpl_bool['right_sidebar'] = false; |
|
623 |
else */ $this->tpl_bool['right_sidebar'] = true; |
|
624 |
||
625 |
$this->tpl_bool['auth_rename'] = ( $paths->page_exists && ( $session->get_permissions('rename') && ( $paths->page_protected && $session->get_permissions('even_when_protected') || !$paths->page_protected ) ) && $paths->namespace != 'Special' && $paths->namespace != 'Admin'); |
|
626 |
||
627 |
$this->tpl_bool['enable_uploads'] = ( getConfig('enable_uploads') == '1' && $session->get_permissions('upload_files') ) ? true : false; |
|
628 |
||
629 |
$this->tpl_bool['stupid_mode'] = false; |
|
630 |
||
631 |
if($paths->page == $paths->nslist['Special'].'Administration') $this->tpl_bool['in_admin'] = true; |
|
632 |
else $this->tpl_bool['in_admin'] = false; |
|
633 |
||
634 |
$p = ( isset($_GET['printable']) ) ? '/printable' : ''; |
|
635 |
||
636 |
// Add the e-mail address client code to the header |
|
637 |
$this->add_header($email->jscode()); |
|
638 |
||
639 |
// Generate the code for the Log out and Change theme sidebar buttons |
|
640 |
// Once again, the new template parsing system can be used here |
|
641 |
||
642 |
$parser = $this->makeParserText($tplvars['sidebar_button']); |
|
643 |
||
644 |
$parser->assign_vars(Array( |
|
645 |
'HREF'=>makeUrlNS('Special', 'Logout'), |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
646 |
'FLAGS'=>'onclick="if ( !KILL_SWITCH ) { mb_logout(); return false; }"', |
1 | 647 |
'TEXT'=>'Log out', |
648 |
)); |
|
649 |
||
650 |
$logout_link = $parser->run(); |
|
651 |
||
652 |
$parser->assign_vars(Array( |
|
653 |
'HREF'=>makeUrlNS('Special', 'Login/' . $paths->page), |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
654 |
'FLAGS'=>'onclick="if ( !KILL_SWITCH ) { ajaxStartLogin(); return false; }"', |
1 | 655 |
'TEXT'=>'Log in', |
656 |
)); |
|
657 |
||
658 |
$login_link = $parser->run(); |
|
659 |
||
660 |
$parser->assign_vars(Array( |
|
661 |
'HREF'=>makeUrlNS('Special', 'ChangeStyle/'.$paths->page), |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
662 |
'FLAGS'=>'onclick="if ( !KILL_SWITCH ) { ajaxChangeStyle(); return false; }"', |
1 | 663 |
'TEXT'=>'Change theme', |
664 |
)); |
|
665 |
||
666 |
$theme_link = $parser->run(); |
|
667 |
||
60
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
parents:
59
diff
changeset
|
668 |
$parser->assign_vars(Array( |
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
parents:
59
diff
changeset
|
669 |
'HREF'=>makeUrlNS('Special', 'Administration'), |
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
parents:
59
diff
changeset
|
670 |
'FLAGS'=>'onclick="if ( !KILL_SWITCH ) { void(ajaxStartAdminLogin()); return false; }"', |
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
parents:
59
diff
changeset
|
671 |
'TEXT'=>'Administration', |
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
parents:
59
diff
changeset
|
672 |
)); |
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
parents:
59
diff
changeset
|
673 |
|
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
parents:
59
diff
changeset
|
674 |
$admin_link = $parser->run(); |
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
parents:
59
diff
changeset
|
675 |
|
1 | 676 |
$SID = ($session->sid_super) ? $session->sid_super : ''; |
677 |
||
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
13
diff
changeset
|
678 |
$urlname_clean = str_replace('\'', '\\\'', str_replace('\\', '\\\\', dirtify_page_id($paths->fullpage))); |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
13
diff
changeset
|
679 |
$urlname_clean = strtr( $urlname_clean, array( '<' => '<', '>' => '>' ) ); |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
13
diff
changeset
|
680 |
|
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
681 |
$urlname_jssafe = sanitize_page_id($paths->fullpage); |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
682 |
|
1 | 683 |
// Generate the dynamic javascript vars |
684 |
$js_dynamic = ' <script type="text/javascript">// <![CDATA[ |
|
685 |
// This section defines some basic and very important variables that are used later in the static Javascript library. |
|
686 |
// SKIN DEVELOPERS: The template variable for this code block is {JS_DYNAMIC_VARS}. This MUST be inserted BEFORE the tag that links to the main Javascript lib. |
|
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
687 |
var title=\''. $urlname_jssafe .'\'; |
1 | 688 |
var page_exists='. ( ( $paths->page_exists) ? 'true' : 'false' ) .'; |
689 |
var scriptPath=\''. scriptPath .'\'; |
|
690 |
var contentPath=\''.contentPath.'\'; |
|
691 |
var ENANO_SID =\'' . $SID . '\'; |
|
692 |
var auth_level=' . $session->auth_level . '; |
|
693 |
var USER_LEVEL_GUEST = ' . USER_LEVEL_GUEST . '; |
|
694 |
var USER_LEVEL_MEMBER = ' . USER_LEVEL_MEMBER . '; |
|
695 |
var USER_LEVEL_CHPREF = ' . USER_LEVEL_CHPREF . '; |
|
696 |
var USER_LEVEL_MOD = ' . USER_LEVEL_MOD . '; |
|
697 |
var USER_LEVEL_ADMIN = ' . USER_LEVEL_ADMIN . '; |
|
698 |
var editNotice = \'' . ( (getConfig('wiki_edit_notice')=='1') ? str_replace("\n", "\\\n", RenderMan::render(getConfig('wiki_edit_notice_text'))) : '' ) . '\'; |
|
699 |
var prot = ' . ( ($paths->page_protected && !$session->get_permissions('even_when_protected')) ? 'true' : 'false' ) .'; // No, hacking this var won\'t work, it\'s re-checked on the server |
|
700 |
var ENANO_SPECIAL_CREATEPAGE = \''. makeUrl($paths->nslist['Special'].'CreatePage') .'\'; |
|
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
13
diff
changeset
|
701 |
var ENANO_CREATEPAGE_PARAMS = \'_do=&pagename='. $urlname_clean .'&namespace=' . $paths->namespace . '\'; |
1 | 702 |
var ENANO_SPECIAL_CHANGESTYLE = \''. makeUrlNS('Special', 'ChangeStyle') .'\'; |
703 |
var namespace_list = new Array(); |
|
704 |
var AES_BITS = '.AES_BITS.'; |
|
705 |
var AES_BLOCKSIZE = '.AES_BLOCKSIZE.'; |
|
706 |
var pagepass = \''. ( ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : '' ) .'\'; |
|
707 |
var ENANO_THEME_LIST = \''; |
|
708 |
foreach($this->theme_list as $t) { |
|
709 |
if($t['enabled']) |
|
710 |
{ |
|
711 |
$js_dynamic .= '<option value="'.$t['theme_id'].'"'; |
|
29
e5484a9e0818
Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
parents:
27
diff
changeset
|
712 |
// if($t['theme_id'] == $session->theme) $js_dynamic .= ' selected="selected"'; |
1 | 713 |
$js_dynamic .= '>'.$t['theme_name'].'</option>'; |
714 |
} |
|
715 |
} |
|
716 |
$js_dynamic .= '\'; |
|
717 |
var ENANO_CURRENT_THEME = \''. $session->theme .'\';'; |
|
718 |
foreach($paths->nslist as $k => $c) |
|
719 |
{ |
|
720 |
$js_dynamic .= "namespace_list['{$k}'] = '$c';"; |
|
721 |
} |
|
722 |
$js_dynamic .= "\n //]]>\n </script>"; |
|
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
13
diff
changeset
|
723 |
|
1 | 724 |
$tpl_strings = Array( |
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
13
diff
changeset
|
725 |
'PAGE_NAME'=>htmlspecialchars($paths->cpage['name']), |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
13
diff
changeset
|
726 |
'PAGE_URLNAME'=> $urlname_clean, |
40
723bb7acf914
Fixed a lot of bugs with Safari and Konqueror; improved Opera compatibility
Dan
parents:
36
diff
changeset
|
727 |
'SITE_NAME'=>htmlspecialchars(getConfig('site_name')), |
1 | 728 |
'USERNAME'=>$session->username, |
40
723bb7acf914
Fixed a lot of bugs with Safari and Konqueror; improved Opera compatibility
Dan
parents:
36
diff
changeset
|
729 |
'SITE_DESC'=>htmlspecialchars(getConfig('site_desc')), |
1 | 730 |
'TOOLBAR'=>$tb, |
731 |
'SCRIPTPATH'=>scriptPath, |
|
732 |
'CONTENTPATH'=>contentPath, |
|
733 |
'ADMIN_SID_QUES'=>$asq, |
|
734 |
'ADMIN_SID_AMP'=>$asa, |
|
735 |
'ADMIN_SID_AMP_HTML'=>$ash, |
|
736 |
'ADMIN_SID_AUTO'=>$as2, |
|
737 |
'ADDITIONAL_HEADERS'=>$this->additional_headers, |
|
738 |
'COPYRIGHT'=>getConfig('copyright_notice'), |
|
739 |
'TOOLBAR_EXTRAS'=>$this->toolbar_menu, |
|
740 |
'REQUEST_URI'=>$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'], |
|
741 |
'STYLE_LINK'=>makeUrlNS('Special', 'CSS'.$p, null, true), //contentPath.$paths->nslist['Special'].'CSS' . $p, |
|
742 |
'LOGIN_LINK'=>$login_link, |
|
743 |
'LOGOUT_LINK'=>$logout_link, |
|
60
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
parents:
59
diff
changeset
|
744 |
'ADMIN_LINK'=>$admin_link, |
1 | 745 |
'THEME_LINK'=>$theme_link, |
746 |
'TEMPLATE_DIR'=>scriptPath.'/themes/'.$this->theme, |
|
747 |
'THEME_ID'=>$this->theme, |
|
748 |
'STYLE_ID'=>$this->style, |
|
749 |
'JS_DYNAMIC_VARS'=>$js_dynamic, |
|
750 |
'UNREAD_PMS'=>$session->unread_pms |
|
751 |
); |
|
752 |
||
753 |
foreach ( $paths->nslist as $ns_id => $ns_prefix ) |
|
754 |
{ |
|
755 |
$tpl_strings[ 'NS_' . strtoupper($ns_id) ] = $ns_prefix; |
|
756 |
} |
|
757 |
||
758 |
$this->tpl_strings = array_merge($tpl_strings, $this->tpl_strings); |
|
759 |
list($this->tpl_strings['SIDEBAR_LEFT'], $this->tpl_strings['SIDEBAR_RIGHT'], $min) = $this->fetch_sidebar(); |
|
760 |
$this->tpl_bool['sidebar_left'] = ( $this->tpl_strings['SIDEBAR_LEFT'] != $min) ? true : false; |
|
761 |
$this->tpl_bool['sidebar_right'] = ( $this->tpl_strings['SIDEBAR_RIGHT'] != $min) ? true : false; |
|
762 |
$this->tpl_bool['right_sidebar'] = $this->tpl_bool['sidebar_right']; // backward compatibility |
|
763 |
} |
|
764 |
||
765 |
function header($simple = false) |
|
766 |
{ |
|
767 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
768 |
ob_start(); |
|
769 |
||
770 |
if(!$this->theme_loaded) |
|
771 |
{ |
|
772 |
$this->load_theme($session->theme, $session->style); |
|
773 |
} |
|
774 |
||
775 |
$headers_sent = true; |
|
776 |
dc_here('template: generating and sending the page header'); |
|
777 |
if(!defined('ENANO_HEADERS_SENT')) |
|
778 |
define('ENANO_HEADERS_SENT', ''); |
|
779 |
if(!$this->no_headers) echo ( $simple ) ? $this->process_template('simple-header.tpl') : $this->process_template('header.tpl'); |
|
780 |
if ( !$simple && $session->user_logged_in && $session->unread_pms > 0 ) |
|
781 |
{ |
|
782 |
echo $this->notify_unread_pms(); |
|
783 |
} |
|
784 |
if ( !$simple && $session->sw_timed_out ) |
|
785 |
{ |
|
786 |
$login_link = makeUrlNS('Special', 'Login/' . $paths->fullpage, 'level=' . $session->user_level, true); |
|
787 |
echo '<div class="usermessage">'; |
|
788 |
echo '<b>Your administrative session has timed out.</b> <a href="' . $login_link . '">Log in again</a>'; |
|
789 |
echo '</div>'; |
|
790 |
} |
|
30 | 791 |
if ( $this->site_disabled && $session->user_level >= USER_LEVEL_ADMIN && ( $paths->page != $paths->nslist['Special'] . 'Administration' ) ) |
792 |
{ |
|
793 |
$admin_link = makeUrlNS('Special', 'Administration', 'module=' . $paths->nslist['Admin'] . 'GeneralConfig', true); |
|
794 |
echo '<div class="usermessage"><b>The site is currently disabled and thus is only accessible to administrators.</b><br /> |
|
795 |
You can re-enable the site through the <a href="' . $admin_link . '">administration panel</a>. |
|
796 |
</div>'; |
|
797 |
} |
|
1 | 798 |
} |
799 |
function footer($simple = false) |
|
800 |
{ |
|
801 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
802 |
dc_here('template: generating and sending the page footer'); |
|
803 |
if(!$this->no_headers) { |
|
804 |
||
805 |
if(!defined('ENANO_HEADERS_SENT')) |
|
806 |
$this->header(); |
|
807 |
||
808 |
global $_starttime; |
|
809 |
if(isset($_GET['sqldbg']) && $session->get_permissions('mod_misc')) |
|
810 |
{ |
|
811 |
echo '<h3>Query list as requested on URI</h3><pre style="margin-left: 1em">'; |
|
812 |
echo $db->sql_backtrace(); |
|
813 |
echo '</pre>'; |
|
814 |
} |
|
815 |
||
816 |
$f = microtime_float(); |
|
817 |
$f = $f - $_starttime; |
|
818 |
$f = round($f, 4); |
|
819 |
$dbg = 'Time: '.$f.'s | Queries: '.$db->num_queries; |
|
820 |
$t = ( $simple ) ? $this->process_template('simple-footer.tpl') : $this->process_template('footer.tpl'); |
|
821 |
$t = str_replace('[[Stats]]', $dbg, $t); |
|
822 |
$t = str_replace('[[NumQueries]]', (string)$db->num_queries, $t); |
|
823 |
$t = str_replace('[[GenTime]]', (string)$f, $t); |
|
824 |
echo $t; |
|
825 |
||
826 |
ob_end_flush(); |
|
827 |
} |
|
828 |
else return ''; |
|
829 |
} |
|
830 |
function getHeader() |
|
831 |
{ |
|
832 |
$headers_sent = true; |
|
833 |
dc_here('template: generating and sending the page header'); |
|
834 |
if(!defined('ENANO_HEADERS_SENT')) |
|
835 |
define('ENANO_HEADERS_SENT', ''); |
|
836 |
if(!$this->no_headers) return $this->process_template('header.tpl'); |
|
837 |
} |
|
838 |
function getFooter() |
|
839 |
{ |
|
840 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
841 |
dc_here('template: generating and sending the page footer'); |
|
842 |
if(!$this->no_headers) { |
|
843 |
global $_starttime; |
|
844 |
$t = ''; |
|
845 |
||
846 |
if(isset($_GET['sqldbg']) && $session->get_permissions('mod_misc')) |
|
847 |
{ |
|
848 |
$t .= '<h3>Query list as requested on URI</h3><pre style="margin-left: 1em">'; |
|
849 |
$t .= $db->sql_backtrace(); |
|
850 |
$t .= '</pre>'; |
|
851 |
} |
|
852 |
||
853 |
$f = microtime_float(); |
|
854 |
$f = $f - $_starttime; |
|
855 |
$f = round($f, 4); |
|
856 |
$dbg = 'Time: '.$f.'s | Queries: '.$db->num_queries; |
|
857 |
$t.= $this->process_template('footer.tpl'); |
|
858 |
$t = str_replace('[[Stats]]', $dbg, $t); |
|
859 |
$t = str_replace('[[NumQueries]]', (string)$db->num_queries, $t); |
|
860 |
$t = str_replace('[[GenTime]]', (string)$f, $t); |
|
861 |
return $t; |
|
862 |
} |
|
863 |
else return ''; |
|
864 |
} |
|
865 |
||
866 |
function process_template($file) { |
|
867 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
868 |
if(!defined('ENANO_TEMPLATE_LOADED')) |
|
869 |
{ |
|
870 |
$this->load_theme(); |
|
871 |
$this->init_vars(); |
|
872 |
} |
|
873 |
eval($this->compile_template($file)); |
|
874 |
return $tpl_code; |
|
875 |
} |
|
876 |
||
877 |
function extract_vars($file) { |
|
878 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
879 |
if(!$this->theme) |
|
880 |
{ |
|
881 |
die('$template->extract_vars(): theme not yet loaded, so we can\'t open template files yet...this is a bug and should be reported.<br /><br />Backtrace, most recent call first:<pre>'.enano_debug_print_backtrace(true).'</pre>'); |
|
882 |
} |
|
883 |
if(!is_file(ENANO_ROOT . '/themes/'.$this->theme.'/'.$file)) die('Cannot find '.$file.' file for style "'.$this->theme.'", exiting'); |
|
884 |
$text = file_get_contents(ENANO_ROOT . '/themes/'.$this->theme.'/'.$file); |
|
885 |
preg_match_all('#<\!-- VAR ([A-z0-9_-]*) -->(.*?)<\!-- ENDVAR \\1 -->#is', $text, $matches); |
|
886 |
$tplvars = Array(); |
|
887 |
for($i=0;$i<sizeof($matches[1]);$i++) |
|
888 |
{ |
|
889 |
$tplvars[$matches[1][$i]] = $matches[2][$i]; |
|
890 |
} |
|
891 |
return $tplvars; |
|
892 |
} |
|
893 |
function compile_template($text) { |
|
894 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
895 |
if(!is_file(ENANO_ROOT . '/themes/'.$this->theme.'/'.$text)) die('Cannot find '.$text.' file for style, exiting'); |
|
896 |
$n = $text; |
|
897 |
$tpl_filename = ENANO_ROOT . '/cache/' . $this->theme . '-' . str_replace('/', '-', $n) . '.php'; |
|
898 |
if(!is_file(ENANO_ROOT . '/themes/'.$this->theme.'/'.$text)) die('Cannot find '.$text.' file for style, exiting'); |
|
899 |
if(file_exists($tpl_filename) && getConfig('cache_thumbs')=='1') |
|
900 |
{ |
|
901 |
include($tpl_filename); |
|
902 |
$text = file_get_contents(ENANO_ROOT . '/themes/'.$this->theme.'/'.$text); |
|
903 |
if(isset($md5) && $md5 == md5($text)) { |
|
904 |
return str_replace('\\"', '"', $tpl_text); |
|
905 |
} |
|
906 |
} |
|
907 |
$text = file_get_contents(ENANO_ROOT . '/themes/'.$this->theme.'/'.$n); |
|
908 |
||
909 |
$md5 = md5($text); |
|
910 |
||
911 |
$seed = md5 ( microtime() . mt_rand() ); |
|
912 |
preg_match_all("/<\?php(.*?)\?>/is", $text, $m); |
|
913 |
//die('<pre>'.htmlspecialchars(print_r($m, true)).'</pre>'); |
|
914 |
for($i = 0; $i < sizeof($m[1]); $i++) |
|
915 |
{ |
|
916 |
$text = str_replace("<?php{$m[1][$i]}?>", "{PHPCODE:{$i}:{$seed}}", $text); |
|
917 |
} |
|
918 |
//die('<pre>'.htmlspecialchars($text).'</pre>'); |
|
919 |
$text = 'ob_start(); echo \''.str_replace('\'', '\\\'', $text).'\'; $tpl_code = ob_get_contents(); ob_end_clean();'; |
|
920 |
$text = preg_replace('#<!-- BEGIN (.*?) -->#is', '\'; if(isset($this->tpl_bool[\'\\1\']) && $this->tpl_bool[\'\\1\']) { echo \'', $text); |
|
921 |
$text = preg_replace('#<!-- IFSET (.*?) -->#is', '\'; if(isset($this->tpl_strings[\'\\1\'])) { echo \'', $text); |
|
922 |
$text = preg_replace('#<!-- IFPLUGIN (.*?) -->#is', '\'; if(getConfig(\'plugin_\\1\')==\'1\') { echo \'', $text); |
|
923 |
$text = preg_replace('#<!-- SYSMSG (.*?) -->#is', '\'; echo $template->tplWikiFormat($paths->sysMsg(\'\\1\')); echo \'', $text); |
|
924 |
$text = preg_replace('#<!-- BEGINNOT (.*?) -->#is', '\'; if(!$this->tpl_bool[\'\\1\']) { echo \'', $text); |
|
925 |
$text = preg_replace('#<!-- BEGINELSE (.*?) -->#is', '\'; } else { echo \'', $text); |
|
926 |
$text = preg_replace('#<!-- END (.*?) -->#is', '\'; } echo \'', $text); |
|
927 |
$text = preg_replace('#\{([A-z0-9]*)\}#is', '\'.$this->tpl_strings[\'\\1\'].\'', $text); |
|
928 |
for($i = 0; $i < sizeof($m[1]); $i++) |
|
929 |
{ |
|
930 |
$text = str_replace("{PHPCODE:{$i}:{$seed}}", "'; {$m[1][$i]} echo '", $text); |
|
931 |
} |
|
932 |
if(is_writable(ENANO_ROOT.'/cache/') && getConfig('cache_thumbs')=='1') |
|
933 |
{ |
|
934 |
//die($tpl_filename); |
|
935 |
$h = fopen($tpl_filename, 'w'); |
|
936 |
if(!$h) return $text; |
|
937 |
$t = addslashes($text); |
|
938 |
fwrite($h, '<?php $md5 = \''.$md5.'\'; $tpl_text = \''.$t.'\'; ?>'); |
|
939 |
fclose($h); |
|
940 |
} |
|
941 |
return $text; //('<pre>'.htmlspecialchars($text).'</pre>'); |
|
942 |
} |
|
943 |
||
944 |
function compile_template_text($text) { |
|
945 |
$seed = md5 ( microtime() . mt_rand() ); |
|
946 |
preg_match_all("/<\?php(.*?)\?>/is", $text, $m); |
|
947 |
//die('<pre>'.htmlspecialchars(print_r($m, true)).'</pre>'); |
|
948 |
for($i = 0; $i < sizeof($m[1]); $i++) |
|
949 |
{ |
|
950 |
$text = str_replace("<?php{$m[1][$i]}?>", "{PHPCODE:{$i}:{$seed}}", $text); |
|
951 |
} |
|
952 |
//die('<pre>'.htmlspecialchars($text).'</pre>'); |
|
953 |
$text = 'ob_start(); echo \''.str_replace('\'', '\\\'', $text).'\'; $tpl_code = ob_get_contents(); ob_end_clean(); return $tpl_code;'; |
|
954 |
$text = preg_replace('#<!-- BEGIN (.*?) -->#is', '\'; if(isset($this->tpl_bool[\'\\1\']) && $this->tpl_bool[\'\\1\']) { echo \'', $text); |
|
955 |
$text = preg_replace('#<!-- IFSET (.*?) -->#is', '\'; if(isset($this->tpl_strings[\'\\1\'])) { echo \'', $text); |
|
956 |
$text = preg_replace('#<!-- IFPLUGIN (.*?) -->#is', '\'; if(getConfig(\'plugin_\\1\')==\'1\') { echo \'', $text); |
|
957 |
$text = preg_replace('#<!-- SYSMSG (.*?) -->#is', '\'; echo $template->tplWikiFormat($paths->sysMsg(\'\\1\')); echo \'', $text); |
|
958 |
$text = preg_replace('#<!-- BEGINNOT (.*?) -->#is', '\'; if(!$this->tpl_bool[\'\\1\']) { echo \'', $text); |
|
959 |
$text = preg_replace('#<!-- BEGINELSE (.*?) -->#is', '\'; } else { echo \'', $text); |
|
960 |
$text = preg_replace('#<!-- END (.*?) -->#is', '\'; } echo \'', $text); |
|
961 |
$text = preg_replace('#\{([A-z0-9]*)\}#is', '\'.$this->tpl_strings[\'\\1\'].\'', $text); |
|
962 |
for($i = 0; $i < sizeof($m[1]); $i++) |
|
963 |
{ |
|
964 |
$text = str_replace("{PHPCODE:{$i}:{$seed}}", "'; {$m[1][$i]} echo '", $text); |
|
965 |
} |
|
966 |
return $text; //('<pre>'.htmlspecialchars($text).'</pre>'); |
|
967 |
} |
|
968 |
||
969 |
function parse($text) |
|
970 |
{ |
|
971 |
$text = $this->compile_template_text($text); |
|
972 |
return eval($text); |
|
973 |
} |
|
974 |
||
975 |
// Steps to turn this: |
|
976 |
// [[Project:Community Portal]] |
|
977 |
// into this: |
|
978 |
// <a href="/Project:Community_Portal">Community Portal</a> |
|
979 |
// Must be done WITHOUT creating eval'ed code!!! |
|
980 |
||
981 |
// 1. preg_replace \[\[([a-zA-Z0-9 -_:]*?)\]\] with <a href="'.contentPath.'\\1">\\1</a> |
|
982 |
// 2. preg_match_all <a href="'.preg_quote(contentPath).'([a-zA-Z0-9 -_:]*?)"> |
|
983 |
// 3. For each match, replace matches with identifiers |
|
984 |
// 4. For each match, str_replace ' ' with '_' |
|
985 |
// 5. For each match, str_replace match_id:random_val with $matches[$match_id] |
|
986 |
||
987 |
// The template language is really a miniature programming language; with variables, conditionals, everything! |
|
988 |
// So you can implement custom logic into your sidebar if you wish. |
|
989 |
// "Real" PHP support coming soon :-D |
|
990 |
||
991 |
function tplWikiFormat($message, $filter_links = false, $filename = 'elements.tpl') { |
|
992 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
993 |
$filter_links = false; |
|
994 |
$tplvars = $this->extract_vars($filename); |
|
995 |
if($session->sid_super) $as = htmlspecialchars(urlSeparator).'auth='.$session->sid_super; |
|
996 |
else $as = ''; |
|
997 |
error_reporting(E_ALL); |
|
998 |
$random_id = sha1(microtime().''); // A temp value |
|
999 |
||
1000 |
/* |
|
1001 |
* PREPROCESSOR |
|
1002 |
*/ |
|
1003 |
||
1004 |
// Variables |
|
1005 |
||
1006 |
preg_match_all('#\$([A-Z_-]+)\$#', $message, $links); |
|
1007 |
$links = $links[1]; |
|
1008 |
||
1009 |
for($i=0;$i<sizeof($links);$i++) |
|
1010 |
{ |
|
1011 |
$message = str_replace('$'.$links[$i].'$', $this->tpl_strings[$links[$i]], $message); |
|
1012 |
} |
|
1013 |
||
1014 |
// Conditionals |
|
1015 |
||
1016 |
preg_match_all('#\{if ([A-Za-z0-9_ &\|\!-]*)\}(.*?)\{\/if\}#is', $message, $links); |
|
1017 |
||
1018 |
for($i=0;$i<sizeof($links[1]);$i++) |
|
1019 |
{ |
|
1020 |
$message = str_replace('{if '.$links[1][$i].'}'.$links[2][$i].'{/if}', '{CONDITIONAL:'.$i.':'.$random_id.'}', $message); |
|
1021 |
||
1022 |
// Time for some manual parsing... |
|
1023 |
$chk = false; |
|
1024 |
$current_id = ''; |
|
1025 |
$prn_level = 0; |
|
1026 |
// Used to keep track of where we are in the conditional |
|
1027 |
// Object of the game: turn {if this && ( that OR !something_else )} ... {/if} into if( ( isset($this->tpl_bool['that']) && $this->tpl_bool['that'] ) && ... |
|
1028 |
// Method of attack: escape all variables, ignore all else. Non-valid code is filtered out by a regex above. |
|
1029 |
$in_var_now = true; |
|
1030 |
$in_var_last = false; |
|
1031 |
$current_var = ''; |
|
1032 |
$current_var_start_pos = 0; |
|
1033 |
$current_var_end_pos = 0; |
|
1034 |
$j = -1; |
|
1035 |
$links[1][$i] = $links[1][$i] . ' '; |
|
1036 |
$d = strlen($links[1][$i]); |
|
1037 |
while($j < $d) |
|
1038 |
{ |
|
1039 |
$j++; |
|
1040 |
$in_var_last = $in_var_now; |
|
1041 |
||
1042 |
$char = substr($links[1][$i], $j, 1); |
|
1043 |
$in_var_now = ( preg_match('#^([A-z0-9_]*){1}$#', $char) ) ? true : false; |
|
1044 |
if(!$in_var_last && $in_var_now) |
|
1045 |
{ |
|
1046 |
$current_var_start_pos = $j; |
|
1047 |
} |
|
1048 |
if($in_var_last && !$in_var_now) |
|
1049 |
{ |
|
1050 |
$current_var_end_pos = $j; |
|
1051 |
} |
|
1052 |
if($in_var_now) |
|
1053 |
{ |
|
1054 |
$current_var .= $char; |
|
1055 |
continue; |
|
1056 |
} |
|
1057 |
// OK we are not inside of a variable. That means that we JUST hit the end because the counter ($j) will be advanced to the beginning of the next variable once processing here is complete. |
|
1058 |
if($char != ' ' && $char != '(' && $char != ')' && $char != 'A' && $char != 'N' && $char != 'D' && $char != 'O' && $char != 'R' && $char != '&' && $char != '|' && $char != '!' && $char != '<' && $char != '>' && $char != '0' && $char != '1' && $char != '2' && $char != '3' && $char != '4' && $char != '5' && $char != '6' && $char != '7' && $char != '8' && $char != '9') |
|
1059 |
{ |
|
1060 |
// XSS attack! Bail out |
|
1061 |
echo '<p><b>Error:</b> Syntax error (possibly XSS attack) caught in template code:</p>'; |
|
1062 |
echo '<pre>'; |
|
1063 |
echo '{if '.$links[1][$i].'}'; |
|
1064 |
echo "\n "; |
|
1065 |
for($k=0;$k<$j;$k++) echo " "; |
|
1066 |
echo '<span style="color: red;">^</span>'; |
|
1067 |
echo '</pre>'; |
|
1068 |
continue 2; |
|
1069 |
} |
|
1070 |
if($current_var != '') |
|
1071 |
{ |
|
1072 |
$cd = '( isset($this->tpl_bool[\''.$current_var.'\']) && $this->tpl_bool[\''.$current_var.'\'] )'; |
|
1073 |
$cvt = substr($links[1][$i], 0, $current_var_start_pos) . $cd . substr($links[1][$i], $current_var_end_pos, strlen($links[1][$i])); |
|
1074 |
$j = $j + strlen($cd) - strlen($current_var); |
|
1075 |
$current_var = ''; |
|
1076 |
$links[1][$i] = $cvt; |
|
1077 |
$d = strlen($links[1][$i]); |
|
1078 |
} |
|
1079 |
} |
|
1080 |
$links[1][$i] = substr($links[1][$i], 0, strlen($links[1][$i])-1); |
|
1081 |
$links[1][$i] = '$chk = ( '.$links[1][$i].' ) ? true : false;'; |
|
1082 |
eval($links[1][$i]); |
|
1083 |
||
1084 |
if($chk) { // isset($this->tpl_bool[$links[1][$i]]) && $this->tpl_bool[$links[1][$i]] |
|
1085 |
if(strstr($links[2][$i], '{else}')) $c = substr($links[2][$i], 0, strpos($links[2][$i], '{else}')); |
|
1086 |
else $c = $links[2][$i]; |
|
1087 |
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $c, $message); |
|
1088 |
} else { |
|
1089 |
if(strstr($links[2][$i], '{else}')) $c = substr($links[2][$i], strpos($links[2][$i], '{else}')+6, strlen($links[2][$i])); |
|
1090 |
else $c = ''; |
|
1091 |
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $c, $message); |
|
1092 |
} |
|
1093 |
} |
|
1094 |
||
1095 |
preg_match_all('#\{!if ([A-Za-z_-]*)\}(.*?)\{\/if\}#is', $message, $links); |
|
1096 |
||
1097 |
for($i=0;$i<sizeof($links[1]);$i++) |
|
1098 |
{ |
|
1099 |
$message = str_replace('{!if '.$links[1][$i].'}'.$links[2][$i].'{/if}', '{CONDITIONAL:'.$i.':'.$random_id.'}', $message); |
|
1100 |
if(isset($this->tpl_bool[$links[1][$i]]) && $this->tpl_bool[$links[1][$i]]) { |
|
1101 |
if(strstr($links[2][$i], '{else}')) $c = substr($links[2][$i], strpos($links[2][$i], '{else}')+6, strlen($links[2][$i])); |
|
1102 |
else $c = ''; |
|
1103 |
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $c, $message); |
|
1104 |
} else { |
|
1105 |
if(strstr($links[2][$i], '{else}')) $c = substr($links[2][$i], 0, strpos($links[2][$i], '{else}')); |
|
1106 |
else $c = $links[2][$i]; |
|
1107 |
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $c, $message); |
|
1108 |
} |
|
1109 |
} |
|
1110 |
||
1111 |
/* |
|
1112 |
* HTML RENDERER |
|
1113 |
*/ |
|
1114 |
||
1115 |
// Images |
|
1116 |
$j = preg_match_all('#\[\[:'.$paths->nslist['File'].'([\w\s0-9_\(\)!@%\^\+\|\.-]+?)\]\]#is', $message, $matchlist); |
|
1117 |
$matches = Array(); |
|
1118 |
$matches['images'] = $matchlist[1]; |
|
1119 |
for($i=0;$i<sizeof($matchlist[1]);$i++) |
|
1120 |
{ |
|
1121 |
if(isPage($paths->nslist['File'].$matches['images'][$i])) |
|
1122 |
{ |
|
1123 |
$message = str_replace('[[:'.$paths->nslist['File'].$matches['images'][$i].']]', |
|
1124 |
'<img alt="'.$matches['images'][$i].'" style="border: 0" src="'.makeUrlNS('Special', 'DownloadFile/'.$matches['images'][$i]).'" />', |
|
1125 |
$message); |
|
1126 |
} |
|
1127 |
} |
|
1128 |
||
1129 |
// Internal links |
|
1130 |
||
1131 |
$text_parser = $this->makeParserText($tplvars['sidebar_button']); |
|
1132 |
||
1133 |
preg_match_all('#\[\[([a-zA-Z0-9 -_]*?)\]\]#is', $message, $il); |
|
1134 |
for($i=0;$i<sizeof($il[1]);$i++) |
|
1135 |
{ |
|
1136 |
$href = makeUrl(str_replace(' ', '_', $il[1][$i]), null, true); |
|
59
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
parents:
57
diff
changeset
|
1137 |
$text_parser->assign_vars(Array( |
1 | 1138 |
'HREF' => $href, |
1139 |
'FLAGS' => '', |
|
1140 |
'TEXT' => $il[1][$i] |
|
1141 |
)); |
|
1142 |
$message = str_replace("[[{$il[1][$i]}]]", $text_parser->run(), $message); |
|
1143 |
} |
|
1144 |
||
1145 |
preg_match_all('#\[\[([a-zA-Z0-9 -_]*?)\|([a-zA-Z0-9!@\#\$%\^&\*\(\)\{\} -_]*?)\]\]#is', $message, $il); |
|
1146 |
for($i=0;$i<sizeof($il[1]);$i++) |
|
1147 |
{ |
|
1148 |
$href = makeUrl(str_replace(' ', '_', $il[1][$i]), null, true); |
|
1149 |
$text_parser->assign_vars(Array( |
|
1150 |
'HREF' => $href, |
|
1151 |
'FLAGS' => '', |
|
1152 |
'TEXT' => $il[2][$i] |
|
1153 |
)); |
|
1154 |
$message = str_replace("[[{$il[1][$i]}|{$il[2][$i]}]]", $text_parser->run(), $message); |
|
1155 |
} |
|
1156 |
||
1157 |
// External links |
|
59
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
parents:
57
diff
changeset
|
1158 |
// $message = preg_replace('#\[(http|ftp|irc):\/\/([a-z0-9\/:_\.\?&%\#@_\\\\-]+?) ([^\]]+)\\]#', '<a href="\\1://\\2">\\3</a><br style="display: none;" />', $message); |
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
parents:
57
diff
changeset
|
1159 |
// $message = preg_replace('#\[(http|ftp|irc):\/\/([a-z0-9\/:_\.\?&%\#@_\\\\-]+?)\\]#', '<a href="\\1://\\2">\\1://\\2</a><br style="display: none;" />', $message); |
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
parents:
57
diff
changeset
|
1160 |
|
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
parents:
57
diff
changeset
|
1161 |
preg_match_all('#\[(http|ftp|irc):\/\/([a-z0-9\/:_\.\?&%\#@_\\\\-]+?)\\ ([^\]]+)]#', $message, $ext_link); |
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
parents:
57
diff
changeset
|
1162 |
|
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
parents:
57
diff
changeset
|
1163 |
for ( $i = 0; $i < count($ext_link[0]); $i++ ) |
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
parents:
57
diff
changeset
|
1164 |
{ |
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
parents:
57
diff
changeset
|
1165 |
$text_parser->assign_vars(Array( |
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
parents:
57
diff
changeset
|
1166 |
'HREF' => "{$ext_link[1][$i]}://{$ext_link[2][$i]}", |
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
parents:
57
diff
changeset
|
1167 |
'FLAGS' => '', |
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
parents:
57
diff
changeset
|
1168 |
'TEXT' => $ext_link[3][$i] |
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
parents:
57
diff
changeset
|
1169 |
)); |
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
parents:
57
diff
changeset
|
1170 |
$message = str_replace($ext_link[0][$i], $text_parser->run(), $message); |
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
parents:
57
diff
changeset
|
1171 |
} |
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
parents:
57
diff
changeset
|
1172 |
|
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
parents:
57
diff
changeset
|
1173 |
preg_match_all('#\[(http|ftp|irc):\/\/([a-z0-9\/:_\.\?&%\#@_\\\\-]+?)\\]#', $message, $ext_link); |
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
parents:
57
diff
changeset
|
1174 |
|
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
parents:
57
diff
changeset
|
1175 |
for ( $i = 0; $i < count($ext_link[0]); $i++ ) |
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
parents:
57
diff
changeset
|
1176 |
{ |
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
parents:
57
diff
changeset
|
1177 |
$text_parser->assign_vars(Array( |
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
parents:
57
diff
changeset
|
1178 |
'HREF' => "{$ext_link[1][$i]}://{$ext_link[2][$i]}", |
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
parents:
57
diff
changeset
|
1179 |
'FLAGS' => '', |
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
parents:
57
diff
changeset
|
1180 |
'TEXT' => htmlspecialchars("{$ext_link[1][$i]}://{$ext_link[2][$i]}") |
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
parents:
57
diff
changeset
|
1181 |
)); |
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
parents:
57
diff
changeset
|
1182 |
$message = str_replace($ext_link[0][$i], $text_parser->run(), $message); |
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
parents:
57
diff
changeset
|
1183 |
} |
1 | 1184 |
|
1185 |
$parser1 = $this->makeParserText($tplvars['sidebar_section']); |
|
1186 |
$parser2 = $this->makeParserText($tplvars['sidebar_section_raw']); |
|
1187 |
||
60
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
parents:
59
diff
changeset
|
1188 |
preg_match_all('#\{slider(2|)=([^\}]*?)\}(.*?)\{\/slider(2|)\}#is', $message, $sb); |
1 | 1189 |
|
1190 |
// Modified to support the sweet new template var system |
|
1191 |
for($i=0;$i<sizeof($sb[1]);$i++) |
|
1192 |
{ |
|
1193 |
$p = ($sb[1][$i] == '2') ? $parser2 : $parser1; |
|
1194 |
$p->assign_vars(Array('TITLE'=>$sb[2][$i],'CONTENT'=>$sb[3][$i])); |
|
1195 |
$message = str_replace("{slider{$sb[1][$i]}={$sb[2][$i]}}{$sb[3][$i]}{/slider{$sb[4][$i]}}", $p->run(), $message); |
|
1196 |
} |
|
1197 |
||
1198 |
/* |
|
1199 |
Extras ;-) |
|
1200 |
$message = preg_replace('##is', '', $message); |
|
1201 |
$message = preg_replace('##is', '', $message); |
|
1202 |
$message = preg_replace('##is', '', $message); |
|
1203 |
$message = preg_replace('##is', '', $message); |
|
1204 |
$message = preg_replace('##is', '', $message); |
|
1205 |
*/ |
|
1206 |
||
1207 |
//die('<pre>'.htmlspecialchars($message).'</pre>'); |
|
1208 |
//eval($message); exit; |
|
1209 |
return $message; |
|
1210 |
} |
|
1211 |
||
1212 |
/** |
|
1213 |
* Print a text field that auto-completes a username entered into it. |
|
1214 |
* @param string $name - the name of the form field |
|
1215 |
* @return string |
|
1216 |
*/ |
|
1217 |
||
1218 |
function username_field($name, $value = false) |
|
1219 |
{ |
|
1220 |
$randomid = md5( time() . microtime() . mt_rand() ); |
|
1221 |
$text = '<input name="'.$name.'" onkeyup="ajaxUserNameComplete(this)" autocomplete="off" type="text" size="30" id="userfield_'.$randomid.'"'; |
|
1222 |
if($value) $text .= ' value="'.$value.'"'; |
|
1223 |
$text .= ' />'; |
|
1224 |
return $text; |
|
1225 |
} |
|
1226 |
||
1227 |
/** |
|
1228 |
* Print a text field that auto-completes a page name entered into it. |
|
1229 |
* @param string $name - the name of the form field |
|
1230 |
* @return string |
|
1231 |
*/ |
|
1232 |
||
1233 |
function pagename_field($name, $value = false) |
|
1234 |
{ |
|
1235 |
$randomid = md5( time() . microtime() . mt_rand() ); |
|
1236 |
$text = '<input name="'.$name.'" onkeyup="ajaxPageNameComplete(this)" type="text" size="30" id="pagefield_'.$randomid.'"'; |
|
1237 |
if($value) $text .= ' value="'.$value.'"'; |
|
1238 |
$text .= ' />'; |
|
1239 |
$text .= '<script type="text/javascript"> |
|
1240 |
var inp = document.getElementById(\'pagefield_' . $randomid . '\'); |
|
1241 |
var f = get_parent_form(inp); |
|
1242 |
if ( f ) |
|
1243 |
{ |
|
1244 |
if ( typeof(f.onsubmit) != \'function\' ) |
|
1245 |
{ |
|
1246 |
f.onsubmit = function() { |
|
1247 |
if ( !submitAuthorized ) |
|
1248 |
{ |
|
1249 |
return false; |
|
1250 |
} |
|
1251 |
} |
|
1252 |
} |
|
1253 |
}</script>'; |
|
1254 |
return $text; |
|
1255 |
} |
|
1256 |
||
1257 |
/** |
|
1258 |
* Sends a textarea that can be converted to and from a TinyMCE widget on the fly. |
|
1259 |
* @param string The name of the form element |
|
1260 |
* @param string The initial content. Optional, defaults to blank |
|
1261 |
* @param int Rows in textarea |
|
1262 |
* @param int Columns in textarea |
|
1263 |
* @return string HTML and Javascript code. |
|
1264 |
*/ |
|
1265 |
||
1266 |
function tinymce_textarea($name, $content = '', $rows = 20, $cols = 60) |
|
1267 |
{ |
|
1268 |
$randomid = md5(microtime() . mt_rand()); |
|
1269 |
$html = ''; |
|
1270 |
$html .= '<textarea name="' . $name . '" rows="'.$rows.'" cols="'.$cols.'" style="width: 100%;" id="toggleMCEroot_'.$randomid.'">' . $content . '</textarea>'; |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
1271 |
$html .= '<div style="float: right; display: table;" id="mceSwitchAgent_' . $randomid . '">text editor | <a href="#" onclick="if ( !KILL_SWITCH ) { toggleMCE_'.$randomid.'(); return false; }">graphical editor</a></div>'; |
1 | 1272 |
$html .= '<script type="text/javascript"> |
1273 |
// <![CDATA[ |
|
1274 |
function toggleMCE_'.$randomid.'() |
|
1275 |
{ |
|
1276 |
var the_obj = document.getElementById(\'toggleMCEroot_' . $randomid . '\'); |
|
1277 |
var panel = document.getElementById(\'mceSwitchAgent_' . $randomid . '\'); |
|
1278 |
if ( the_obj.dnIsMCE == "yes" ) |
|
1279 |
{ |
|
1280 |
$dynano(the_obj).destroyMCE(); |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
1281 |
panel.innerHTML = \'text editor | <a href="#" onclick="if ( !KILL_SWITCH ) { toggleMCE_'.$randomid.'(); return false; }">graphical editor</a>\'; |
1 | 1282 |
} |
1283 |
else |
|
1284 |
{ |
|
1285 |
$dynano(the_obj).switchToMCE(); |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
1286 |
panel.innerHTML = \'<a href="#" onclick="if ( !KILL_SWITCH ) { toggleMCE_'.$randomid.'(); return false; }">text editor</a> | graphical editor\'; |
1 | 1287 |
} |
1288 |
} |
|
1289 |
// ]]> |
|
1290 |
</script>'; |
|
1291 |
return $html; |
|
1292 |
} |
|
1293 |
||
1294 |
/** |
|
1295 |
* Allows individual parsing of template files. Similar to phpBB but follows the spirit of object-oriented programming ;) |
|
1296 |
* Returns on object of class templateIndividual. Usage instructions can be found in the inline docs for that class. |
|
1297 |
* @param $filename the filename of the template to be parsed |
|
1298 |
* @return object |
|
1299 |
*/ |
|
1300 |
||
1301 |
function makeParser($filename) |
|
1302 |
{ |
|
1303 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
1304 |
$filename = ENANO_ROOT.'/themes/'.$template->theme.'/'.$filename; |
|
1305 |
if(!file_exists($filename)) die('templateIndividual: file '.$filename.' does not exist'); |
|
1306 |
$code = file_get_contents($filename); |
|
1307 |
$parser = new templateIndividual($code); |
|
1308 |
return $parser; |
|
1309 |
} |
|
1310 |
||
1311 |
/** |
|
1312 |
* Same as $template->makeParser(), but takes a string instead of a filename. |
|
1313 |
* @param $text the text to parse |
|
1314 |
* @return object |
|
1315 |
*/ |
|
1316 |
||
1317 |
function makeParserText($code) |
|
1318 |
{ |
|
1319 |
$parser = new templateIndividual($code); |
|
1320 |
return $parser; |
|
1321 |
} |
|
1322 |
||
1323 |
/** |
|
1324 |
* Fetch the HTML for a plugin-added sidebar block |
|
1325 |
* @param $name the plugin name |
|
1326 |
* @return string |
|
1327 |
*/ |
|
1328 |
||
1329 |
function fetch_block($id) |
|
1330 |
{ |
|
1331 |
if(isset($this->plugin_blocks[$id])) return $this->plugin_blocks[$id]; |
|
1332 |
else return false; |
|
1333 |
} |
|
1334 |
||
1335 |
/** |
|
1336 |
* Fetches the contents of both sidebars. |
|
1337 |
* @return array - key 0 is left, key 1 is right |
|
1338 |
* @example list($left, $right) = $template->fetch_sidebar(); |
|
1339 |
*/ |
|
1340 |
||
1341 |
function fetch_sidebar() |
|
1342 |
{ |
|
1343 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
1344 |
||
1345 |
$left = ''; |
|
1346 |
$right = ''; |
|
1347 |
||
1348 |
if ( !$this->fetch_block('Links') ) |
|
1349 |
$this->initLinksWidget(); |
|
1350 |
||
1351 |
$q = $db->sql_query('SELECT item_id,sidebar_id,block_name,block_type,block_content FROM '.table_prefix.'sidebar WHERE item_enabled=1 ORDER BY sidebar_id ASC, item_order ASC;'); |
|
1352 |
if(!$q) $db->_die('The sidebar text data could not be selected.'); |
|
1353 |
||
1354 |
$vars = $this->extract_vars('elements.tpl'); |
|
1355 |
||
1356 |
if(isset($vars['sidebar_top'])) |
|
1357 |
{ |
|
1358 |
$left .= $this->parse($vars['sidebar_top']); |
|
1359 |
$right .= $this->parse($vars['sidebar_top']); |
|
1360 |
} |
|
1361 |
while($row = $db->fetchrow()) |
|
1362 |
{ |
|
1363 |
switch($row['block_type']) |
|
1364 |
{ |
|
1365 |
case BLOCK_WIKIFORMAT: |
|
1366 |
default: |
|
1367 |
$parser = $this->makeParserText($vars['sidebar_section']); |
|
1368 |
$c = RenderMan::render($row['block_content']); |
|
1369 |
break; |
|
1370 |
case BLOCK_TEMPLATEFORMAT: |
|
1371 |
$parser = $this->makeParserText($vars['sidebar_section']); |
|
1372 |
$c = $this->tplWikiFormat($row['block_content']); |
|
1373 |
break; |
|
1374 |
case BLOCK_HTML: |
|
1375 |
$parser = $this->makeParserText($vars['sidebar_section_raw']); |
|
1376 |
$c = $row['block_content']; |
|
1377 |
break; |
|
1378 |
case BLOCK_PHP: |
|
1379 |
$parser = $this->makeParserText($vars['sidebar_section_raw']); |
|
1380 |
ob_start(); |
|
1381 |
@eval($row['block_content']); |
|
1382 |
$c = ob_get_contents(); |
|
1383 |
ob_end_clean(); |
|
1384 |
break; |
|
1385 |
case BLOCK_PLUGIN: |
|
1386 |
$parser = $this->makeParserText($vars['sidebar_section_raw']); |
|
1387 |
$c = (gettype($this->fetch_block($row['block_content'])) == 'string') ? $this->fetch_block($row['block_content']) : 'Can\'t find plugin block'; |
|
1388 |
break; |
|
1389 |
} |
|
1390 |
$parser->assign_vars(Array( 'TITLE'=>$this->tplWikiFormat($row['block_name']), 'CONTENT'=>$c )); |
|
1391 |
if ($row['sidebar_id'] == SIDEBAR_LEFT ) $left .= $parser->run(); |
|
1392 |
elseif($row['sidebar_id'] == SIDEBAR_RIGHT) $right .= $parser->run(); |
|
1393 |
unset($parser); |
|
1394 |
} |
|
1395 |
$db->free_result(); |
|
1396 |
if(isset($vars['sidebar_bottom'])) |
|
1397 |
{ |
|
1398 |
$left .= $this->parse($vars['sidebar_bottom']); |
|
1399 |
$right .= $this->parse($vars['sidebar_bottom']); |
|
1400 |
} |
|
1401 |
$min = ''; |
|
1402 |
if(isset($vars['sidebar_top'])) |
|
1403 |
{ |
|
1404 |
$min .= $this->parse($vars['sidebar_top']); |
|
1405 |
} |
|
1406 |
if(isset($vars['sidebar_bottom'])) |
|
1407 |
{ |
|
1408 |
$min .= $this->parse($vars['sidebar_bottom']); |
|
1409 |
} |
|
1410 |
return Array($left, $right, $min); |
|
1411 |
} |
|
1412 |
||
1413 |
function initLinksWidget() |
|
1414 |
{ |
|
1415 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
1416 |
// SourceForge/W3C buttons |
|
1417 |
$ob = Array(); |
|
27
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
parents:
22
diff
changeset
|
1418 |
$admintitle = ( $session->user_level >= USER_LEVEL_ADMIN ) ? 'title="You may disable this button in the admin panel under General Configuration."' : ''; |
1 | 1419 |
if(getConfig('sflogo_enabled')=='1') |
1420 |
{ |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
1421 |
$ob[] = '<a style="text-align: center;" href="http://sourceforge.net/" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border-width: 0px;" alt="SourceForge.net Logo" src="http://sflogo.sourceforge.net/sflogo.php?group_id='.getConfig('sflogo_groupid').'&type='.getConfig('sflogo_type').'" /></a>'; |
1 | 1422 |
} |
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
1423 |
if(getConfig('w3c_v32') =='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid HTML 3.2" src="http://www.w3.org/Icons/valid-html32" /></a>'; |
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
1424 |
if(getConfig('w3c_v40') =='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid HTML 4.0" src="http://www.w3.org/Icons/valid-html40" /></a>'; |
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
1425 |
if(getConfig('w3c_v401') =='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid HTML 4.01" src="http://www.w3.org/Icons/valid-html401" /></a>'; |
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
1426 |
if(getConfig('w3c_vxhtml10')=='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid XHTML 1.0" src="http://www.w3.org/Icons/valid-xhtml10" /></a>'; |
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
1427 |
if(getConfig('w3c_vxhtml11')=='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid XHTML 1.1" src="http://www.w3.org/Icons/valid-xhtml11" /></a>'; |
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
1428 |
if(getConfig('w3c_vcss') =='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid CSS" src="http://www.w3.org/Icons/valid-css" /></a>'; |
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
1429 |
if(getConfig('dbd_button') =='1') $ob[] = '<a style="text-align: center;" href="http://www.defectivebydesign.org/join/button" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="DRM technology restricts what you can do with your computer" src="http://defectivebydesign.org/sites/nodrm.civicactions.net/files/images/dbd_sm_btn.gif" /><br /><small>Protect your freedom >></small></a>'; |
1 | 1430 |
|
1431 |
$code = $plugins->setHook('links_widget'); |
|
1432 |
foreach ( $code as $cmd ) |
|
1433 |
{ |
|
1434 |
eval($cmd); |
|
1435 |
} |
|
1436 |
||
53 | 1437 |
if(count($ob) > 0) $sb_links = '<div style="text-align: center; padding: 5px 0;">'. ( ( getConfig('powered_btn') == '1' ) ? $this->fading_button : '' ) . implode('<br />', $ob).'</div>'; |
1 | 1438 |
else $sb_links = ''; |
1439 |
||
1440 |
$this->sidebar_widget('Links', $sb_links); |
|
1441 |
} |
|
1442 |
||
1443 |
/** |
|
1444 |
* Builds a box showing unread private messages. |
|
1445 |
*/ |
|
1446 |
||
1447 |
function notify_unread_pms() |
|
1448 |
{ |
|
1449 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
1450 |
if ( ( $paths->cpage['urlname_nons'] == 'PrivateMessages' || $paths->cpage['urlname_nons'] == 'Preferences' ) && $paths->namespace == 'Special' ) |
|
1451 |
{ |
|
1452 |
return ''; |
|
1453 |
} |
|
1454 |
$ob = '<div class="usermessage">'."\n"; |
|
1455 |
$s = ( $session->unread_pms == 1 ) ? '' : 's'; |
|
1456 |
$ob .= " <b>You have $session->unread_pms <a href=" . '"' . makeUrlNS('Special', 'PrivateMessages' ) . '"' . ">unread private message$s</a>.</b><br />\n Messages: "; |
|
1457 |
$q = $db->sql_query('SELECT message_id,message_from,subject,date FROM '.table_prefix.'privmsgs WHERE message_to=\'' . $session->username . '\' AND message_read=0 ORDER BY date DESC;'); |
|
1458 |
if ( !$q ) |
|
1459 |
$db->_die(); |
|
1460 |
$messages = array(); |
|
1461 |
while ( $row = $db->fetchrow() ) |
|
1462 |
{ |
|
1463 |
$messages[] = '<a href="' . makeUrlNS('Special', 'PrivateMessages/View/' . $row['message_id']) . '" title="Sent ' . date('F d, Y h:i a', $row['date']) . ' by ' . $row['message_from'] . '">' . $row['subject'] . '</a>'; |
|
1464 |
} |
|
1465 |
$ob .= implode(",\n " , $messages)."\n"; |
|
1466 |
$ob .= '</div>'."\n"; |
|
1467 |
return $ob; |
|
1468 |
} |
|
1469 |
||
1470 |
} // class template |
|
1471 |
||
1472 |
/** |
|
1473 |
* Handles parsing of an individual template file. Instances should only be created through $template->makeParser(). To use: |
|
1474 |
* - Call $template->makeParser(template file name) - file name should be something.tpl, css/whatever.css, etc. |
|
1475 |
* - Make an array of strings you want the template to access. $array['STRING'] would be referenced in the template like {STRING} |
|
1476 |
* - Make an array of boolean values. These can be used for conditionals in the template (<!-- IF something --> whatever <!-- ENDIF something -->) |
|
1477 |
* - Call assign_vars() to pass the strings to the template parser. Same thing with assign_bool(). |
|
1478 |
* - Call run() to parse the template and get your fully compiled HTML. |
|
1479 |
* @access private |
|
1480 |
*/ |
|
1481 |
||
1482 |
class templateIndividual extends template { |
|
1483 |
var $tpl_strings, $tpl_bool, $tpl_code; |
|
1484 |
var $compiled = false; |
|
1485 |
/** |
|
1486 |
* Constructor. |
|
1487 |
*/ |
|
1488 |
function __construct($text) |
|
1489 |
{ |
|
1490 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
1491 |
$this->tpl_code = $text; |
|
1492 |
$this->tpl_strings = $template->tpl_strings; |
|
1493 |
$this->tpl_bool = $template->tpl_bool; |
|
1494 |
} |
|
1495 |
/** |
|
1496 |
* PHP 4 constructor. |
|
1497 |
*/ |
|
1498 |
function templateIndividual($text) |
|
1499 |
{ |
|
1500 |
$this->__construct($text); |
|
1501 |
} |
|
1502 |
/** |
|
1503 |
* Assigns an array of string values to the template. Strings can be accessed from the template by inserting {KEY_NAME} in the template file. |
|
1504 |
* @param $vars array |
|
1505 |
*/ |
|
1506 |
function assign_vars($vars) |
|
1507 |
{ |
|
1508 |
$this->tpl_strings = array_merge($this->tpl_strings, $vars); |
|
1509 |
} |
|
1510 |
/** |
|
1511 |
* Assigns an array of boolean values to the template. These can be used for <!-- IF ... --> statements. |
|
1512 |
* @param $vars array |
|
1513 |
*/ |
|
1514 |
function assign_bool($vars) |
|
1515 |
{ |
|
1516 |
$this->tpl_bool = array_merge($this->tpl_bool, $vars); |
|
1517 |
} |
|
1518 |
/** |
|
1519 |
* Compiles and executes the template code. |
|
1520 |
* @return string |
|
1521 |
*/ |
|
1522 |
function run() |
|
1523 |
{ |
|
1524 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
1525 |
if(!$this->compiled) |
|
1526 |
{ |
|
1527 |
$this->tpl_code = $this->compile_template_text($this->tpl_code); |
|
1528 |
$this->compiled = true; |
|
1529 |
} |
|
1530 |
return eval($this->tpl_code); |
|
1531 |
} |
|
1532 |
} |
|
1533 |
||
1534 |
/** |
|
1535 |
* A version of the template compiler that does not rely at all on the other parts of Enano. Used during installation and for showing |
|
1536 |
* "critical error" messages. ** REQUIRES ** the Oxygen theme. |
|
1537 |
*/ |
|
1538 |
||
1539 |
class template_nodb { |
|
1540 |
var $tpl_strings, $tpl_bool, $theme, $style, $no_headers, $additional_headers, $sidebar_extra, $sidebar_widgets, $toolbar_menu, $theme_list; |
|
1541 |
function __construct() { |
|
1542 |
||
1543 |
$this->tpl_bool = Array(); |
|
1544 |
$this->tpl_strings = Array(); |
|
1545 |
$this->sidebar_extra = ''; |
|
1546 |
$this->sidebar_widgets = ''; |
|
1547 |
$this->toolbar_menu = ''; |
|
1548 |
$this->additional_headers = ''; |
|
1549 |
||
1550 |
$this->theme_list = Array(Array( |
|
1551 |
'theme_id'=>'oxygen', |
|
1552 |
'theme_name'=>'Oxygen', |
|
1553 |
'theme_order'=>1, |
|
1554 |
'enabled'=>1, |
|
1555 |
)); |
|
1556 |
} |
|
1557 |
function template() { |
|
1558 |
$this->__construct(); |
|
1559 |
} |
|
1560 |
function get_css($s = false) { |
|
1561 |
if($s) |
|
1562 |
return $this->process_template('css/'.$s); |
|
1563 |
else |
|
1564 |
return $this->process_template('css/'.$this->style.'.css'); |
|
1565 |
} |
|
1566 |
function load_theme($name, $css, $auto_init = true) { |
|
1567 |
$this->theme = $name; |
|
1568 |
$this->style = $css; |
|
1569 |
||
1570 |
$this->tpl_strings['SCRIPTPATH'] = scriptPath; |
|
1571 |
if ( $auto_init ) |
|
1572 |
$this->init_vars(); |
|
1573 |
} |
|
1574 |
function init_vars() |
|
1575 |
{ |
|
1576 |
global $sideinfo; |
|
1577 |
global $this_page; |
|
1578 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
1579 |
$tplvars = $this->extract_vars('elements.tpl'); |
|
1580 |
$tb = ''; |
|
1581 |
// Get the "article" button text (depends on namespace) |
|
1582 |
if(defined('IN_ENANO_INSTALL')) $ns = 'installation page'; |
|
1583 |
else $ns = 'system error page'; |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
1584 |
$t = str_replace('{FLAGS}', 'onclick="if ( !KILL_SWITCH ) { return false; }" title="Hey! A button that doesn\'t do anything. Clever..." accesskey="a"', $tplvars['toolbar_button']); |
1 | 1585 |
$t = str_replace('{HREF}', '#', $t); |
1586 |
$t = str_replace('{TEXT}', $ns, $t); |
|
1587 |
$tb .= $t; |
|
1588 |
||
1589 |
// Page toolbar |
|
1590 |
||
1591 |
$this->tpl_bool = Array( |
|
1592 |
'auth_admin'=>true, |
|
1593 |
'user_logged_in'=>true, |
|
1594 |
'right_sidebar'=>false, |
|
1595 |
); |
|
1596 |
$this->tpl_bool['in_sidebar_admin'] = false; |
|
1597 |
||
1598 |
$this->tpl_bool['auth_rename'] = false; |
|
1599 |
||
1600 |
$asq = $asa = ''; |
|
1601 |
||
1602 |
$this->tpl_bool['fixed_menus'] = false; |
|
1603 |
$slink = defined('IN_ENANO_INSTALL') ? scriptPath.'/install.php?mode=css' : makeUrlNS('Special', 'CSS'); |
|
1604 |
||
1605 |
$title = ( is_object($paths) ) ? $paths->page : 'Critical error'; |
|
1606 |
||
1607 |
// The rewritten template engine will process all required vars during the load_template stage instead of (cough) re-processing everything each time around. |
|
1608 |
$tpl_strings = Array( |
|
1609 |
'PAGE_NAME'=>$this_page, |
|
1610 |
'PAGE_URLNAME'=>'Null', |
|
1611 |
'SITE_NAME'=>'Enano Installation', |
|
1612 |
'USERNAME'=>'admin', |
|
1613 |
'SITE_DESC'=>'Install Enano on your server.', |
|
1614 |
'TOOLBAR'=>$tb, |
|
1615 |
'SCRIPTPATH'=>scriptPath, |
|
1616 |
'CONTENTPATH'=>contentPath, |
|
1617 |
'ADMIN_SID_QUES'=>$asq, |
|
1618 |
'ADMIN_SID_AMP'=>$asa, |
|
1619 |
'ADMIN_SID_AMP_HTML'=>'', |
|
1620 |
'ADDITIONAL_HEADERS'=>'<style type="text/css">div.pagenav { border-top: 1px solid #CCC; padding-top: 7px; margin-top: 10px; }</style>', |
|
1621 |
'SIDEBAR_EXTRA'=>'', |
|
1622 |
'COPYRIGHT'=>'Enano and all of its code, graphics, and more code is copyright © 2006 Dan Fuhry.<br />This program is Free Software; see the file "GPL" included with this package for details.', |
|
1623 |
'TOOLBAR_EXTRAS'=>'', |
|
1624 |
'REQUEST_URI'=>$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'], |
|
1625 |
'STYLE_LINK'=>$slink, |
|
1626 |
'LOGOUT_LINK'=>'', |
|
1627 |
'THEME_LINK'=>'', |
|
1628 |
'TEMPLATE_DIR'=>scriptPath.'/themes/'.$this->theme, |
|
1629 |
'THEME_ID'=>$this->theme, |
|
1630 |
'STYLE_ID'=>$this->style, |
|
1631 |
'JS_DYNAMIC_VARS'=>'<script type="text/javascript">var title="'. $title .'"; var scriptPath="'.scriptPath.'"; var ENANO_SID=""; var AES_BITS='.AES_BITS.'; var AES_BLOCKSIZE=' . AES_BLOCKSIZE . '; var pagepass=\'\';</script>', |
|
1632 |
'SIDEBAR_RIGHT'=>'', |
|
1633 |
); |
|
1634 |
$this->tpl_strings = array_merge($tpl_strings, $this->tpl_strings); |
|
1635 |
||
1636 |
$sidebar = ( gettype($sideinfo) == 'string' ) ? $sideinfo : ''; |
|
1637 |
if($sidebar != '') |
|
1638 |
{ |
|
1639 |
if(isset($tplvars['sidebar_top'])) |
|
1640 |
{ |
|
1641 |
$text = $this->makeParserText($tplvars['sidebar_top']); |
|
1642 |
$top = $text->run(); |
|
1643 |
} else { |
|
1644 |
$top = ''; |
|
1645 |
} |
|
1646 |
$p = $this->makeParserText($tplvars['sidebar_section']); |
|
1647 |
$p->assign_vars(Array( |
|
1648 |
'TITLE'=>'Installation progress', |
|
1649 |
'CONTENT'=>$sidebar, |
|
1650 |
)); |
|
1651 |
$sidebar = $p->run(); |
|
1652 |
if(isset($tplvars['sidebar_bottom'])) |
|
1653 |
{ |
|
1654 |
$text = $this->makeParserText($tplvars['sidebar_bottom']); |
|
1655 |
$bottom = $text->run(); |
|
1656 |
} else { |
|
1657 |
$bottom = ''; |
|
1658 |
} |
|
1659 |
$sidebar = $top . $sidebar . $bottom; |
|
1660 |
} |
|
1661 |
$this->tpl_strings['SIDEBAR_LEFT'] = $sidebar; |
|
1662 |
||
1663 |
$this->tpl_bool['sidebar_left'] = ( $this->tpl_strings['SIDEBAR_LEFT'] != '') ? true : false; |
|
1664 |
$this->tpl_bool['sidebar_right'] = ( $this->tpl_strings['SIDEBAR_RIGHT'] != '') ? true : false; |
|
1665 |
$this->tpl_bool['right_sidebar'] = $this->tpl_bool['sidebar_right']; // backward compatibility |
|
1666 |
$this->tpl_bool['stupid_mode'] = true; |
|
1667 |
} |
|
1668 |
function header() |
|
1669 |
{ |
|
1670 |
if(!$this->no_headers) echo $this->process_template('header.tpl'); |
|
1671 |
} |
|
1672 |
function footer() |
|
1673 |
{ |
|
1674 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
1675 |
if(!$this->no_headers) { |
|
1676 |
global $_starttime; |
|
1677 |
$f = microtime(true); |
|
1678 |
$f = $f - $_starttime; |
|
1679 |
$f = round($f, 4); |
|
1680 |
if(defined('IN_ENANO_INSTALL')) $nq = 'N/A'; |
|
1681 |
else $nq = $db->num_queries; |
|
1682 |
if($nq == 0) $nq = 'N/A'; |
|
1683 |
$dbg = 'Time: '.$f.'s | Queries: '.$nq; |
|
1684 |
$t = $this->process_template('footer.tpl'); |
|
1685 |
$t = str_replace('[[Stats]]', $dbg, $t); |
|
1686 |
echo $t; |
|
1687 |
} |
|
1688 |
else return ''; |
|
1689 |
} |
|
1690 |
function getHeader() |
|
1691 |
{ |
|
1692 |
if(!$this->no_headers) return $this->process_template('header.tpl'); |
|
1693 |
else return ''; |
|
1694 |
} |
|
1695 |
function getFooter() |
|
1696 |
{ |
|
1697 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
1698 |
if(!$this->no_headers) { |
|
1699 |
global $_starttime; |
|
1700 |
$f = microtime(true); |
|
1701 |
$f = $f - $_starttime; |
|
1702 |
$f = round($f, 4); |
|
1703 |
if(defined('IN_ENANO_INSTALL')) $nq = 'N/A'; |
|
1704 |
else $nq = $db->num_queries; |
|
1705 |
if($nq == 0) $nq = 'N/A'; |
|
1706 |
$dbg = 'Time: '.$f.'s | Queries: '.$nq; |
|
1707 |
if($nq == 0) $nq = 'N/A'; |
|
1708 |
$t = $this->process_template('footer.tpl'); |
|
1709 |
$t = str_replace('[[Stats]]', $dbg, $t); |
|
1710 |
return $t; |
|
1711 |
} |
|
1712 |
else return ''; |
|
1713 |
} |
|
1714 |
||
1715 |
function process_template($file) { |
|
1716 |
||
1717 |
eval($this->compile_template($file)); |
|
1718 |
return $tpl_code; |
|
1719 |
} |
|
1720 |
||
1721 |
function extract_vars($file) { |
|
1722 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
1723 |
if(!is_file(ENANO_ROOT . '/themes/'.$this->theme.'/'.$file)) die('Cannot find '.$file.' file for style "'.$this->theme.'", exiting'); |
|
1724 |
$text = file_get_contents(ENANO_ROOT . '/themes/'.$this->theme.'/'.$file); |
|
1725 |
preg_match_all('#<\!-- VAR ([A-z0-9_-]*) -->(.*?)<\!-- ENDVAR \\1 -->#is', $text, $matches); |
|
1726 |
$tplvars = Array(); |
|
1727 |
for($i=0;$i<sizeof($matches[1]);$i++) |
|
1728 |
{ |
|
1729 |
$tplvars[$matches[1][$i]] = $matches[2][$i]; |
|
1730 |
} |
|
1731 |
return $tplvars; |
|
1732 |
} |
|
1733 |
function compile_template($text) { |
|
1734 |
global $sideinfo; |
|
1735 |
$text = file_get_contents(ENANO_ROOT . '/themes/'.$this->theme.'/'.$text); |
|
1736 |
$text = str_replace('<script type="text/javascript" src="{SCRIPTPATH}/ajax.php?title={PAGE_URLNAME}&_mode=jsres"></script>', '', $text); // Remove the AJAX code - we don't need it, and it requires a database connection |
|
1737 |
$text = '$tpl_code = \''.str_replace('\'', '\\\'', $text).'\'; return $tpl_code;'; |
|
1738 |
$text = preg_replace('#<!-- BEGIN (.*?) -->#is', '\'; if($this->tpl_bool[\'\\1\']) { $tpl_code .= \'', $text); |
|
1739 |
$text = preg_replace('#<!-- IFPLUGIN (.*?) -->#is', '\'; if(getConfig(\'plugin_\\1\')==\'1\') { $tpl_code .= \'', $text); |
|
1740 |
if(defined('IN_ENANO_INSTALL')) $text = str_replace('<!-- SYSMSG Sidebar -->', '<div class="slider"><div class="heading"><a class="head">Installation progress</a></div><div class="slideblock">'.$sideinfo.'</div></div>', $text); |
|
1741 |
else $text = str_replace('<!-- SYSMSG Sidebar -->', '<div class="slider"><div class="heading"><a class="head">System error</a></div><div class="slideblock"><a href="#" onclick="return false;">Enano critical error page</a></div></div>', $text); |
|
1742 |
$text = preg_replace('#<!-- SYSMSG (.*?) -->#is', '', $text); |
|
1743 |
$text = preg_replace('#<!-- BEGINNOT (.*?) -->#is', '\'; if(!$this->tpl_bool[\'\\1\']) { $tpl_code .= \'', $text); |
|
1744 |
$text = preg_replace('#<!-- BEGINELSE (.*?) -->#is', '\'; } else { $tpl_code .= \'', $text); |
|
1745 |
$text = preg_replace('#<!-- END (.*?) -->#is', '\'; } $tpl_code .= \'', $text); |
|
1746 |
$text = preg_replace('#{([A-z0-9]*)}#is', '\'.$this->tpl_strings[\'\\1\'].\'', $text); |
|
1747 |
return $text; //('<pre>'.htmlspecialchars($text).'</pre>'); |
|
1748 |
} |
|
1749 |
||
1750 |
function compile_template_text($text) { |
|
1751 |
global $sideinfo; |
|
1752 |
$text = str_replace('<script type="text/javascript" src="{SCRIPTPATH}/ajax.php?title={PAGE_URLNAME}&_mode=jsres"></script>', '', $text); // Remove the AJAX code - we don't need it, and it requires a database connection |
|
1753 |
$text = '$tpl_code = \''.str_replace('\'', '\\\'', $text).'\'; return $tpl_code;'; |
|
1754 |
$text = preg_replace('#<!-- BEGIN (.*?) -->#is', '\'; if($this->tpl_bool[\'\\1\']) { $tpl_code .= \'', $text); |
|
1755 |
$text = preg_replace('#<!-- IFPLUGIN (.*?) -->#is', '\'; if(getConfig(\'plugin_\\1\')==\'1\') { $tpl_code .= \'', $text); |
|
1756 |
if(defined('IN_ENANO_INSTALL')) $text = str_replace('<!-- SYSMSG Sidebar -->', '<div class="slider"><div class="heading"><a class="head">Installation progress</a></div><div class="slideblock">'.$sideinfo.'</div></div>', $text); |
|
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
parents:
54
diff
changeset
|
1757 |
else $text = str_replace('<!-- SYSMSG Sidebar -->', '<div class="slider"><div class="heading"><a class="head">System error</a></div><div class="slideblock"><a href="#" onclick="return false;>Enano critical error page</a></div></div>', $text); |
1 | 1758 |
$text = preg_replace('#<!-- SYSMSG (.*?) -->#is', '', $text); |
1759 |
$text = preg_replace('#<!-- BEGINNOT (.*?) -->#is', '\'; if(!$this->tpl_bool[\'\\1\']) { $tpl_code .= \'', $text); |
|
1760 |
$text = preg_replace('#<!-- BEGINELSE (.*?) -->#is', '\'; } else { $tpl_code .= \'', $text); |
|
1761 |
$text = preg_replace('#<!-- END (.*?) -->#is', '\'; } $tpl_code .= \'', $text); |
|
1762 |
$text = preg_replace('#{([A-z0-9]*)}#is', '\'.$this->tpl_strings[\'\\1\'].\'', $text); |
|
1763 |
return $text; //('<pre>'.htmlspecialchars($text).'</pre>'); |
|
1764 |
} |
|
1765 |
||
1766 |
/** |
|
1767 |
* Allows individual parsing of template files. Similar to phpBB but follows the spirit of object-oriented programming ;) |
|
1768 |
* Returns on object of class templateIndividual. Usage instructions can be found in the inline docs for that class. |
|
1769 |
* @param $filename the filename of the template to be parsed |
|
1770 |
* @return object |
|
1771 |
*/ |
|
1772 |
||
1773 |
function makeParser($filename) |
|
1774 |
{ |
|
1775 |
$filename = ENANO_ROOT.'/themes/'.$this->theme.'/'.$filename; |
|
1776 |
if(!file_exists($filename)) die('templateIndividual: file '.$filename.' does not exist'); |
|
1777 |
$code = file_get_contents($filename); |
|
1778 |
$parser = new templateIndividualSafe($code, $this); |
|
1779 |
return $parser; |
|
1780 |
} |
|
1781 |
||
1782 |
/** |
|
1783 |
* Same as $template->makeParser(), but takes a string instead of a filename. |
|
1784 |
* @param $text the text to parse |
|
1785 |
* @return object |
|
1786 |
*/ |
|
1787 |
||
1788 |
function makeParserText($code) |
|
1789 |
{ |
|
1790 |
$parser = new templateIndividualSafe($code, $this); |
|
1791 |
return $parser; |
|
1792 |
} |
|
1793 |
||
1794 |
} // class template_nodb |
|
1795 |
||
1796 |
/** |
|
1797 |
* Identical to templateIndividual, except extends template_nodb instead of template |
|
1798 |
* @see class template |
|
1799 |
*/ |
|
1800 |
||
1801 |
class templateIndividualSafe extends template_nodb { |
|
1802 |
var $tpl_strings, $tpl_bool, $tpl_code; |
|
1803 |
var $compiled = false; |
|
1804 |
/** |
|
1805 |
* Constructor. |
|
1806 |
*/ |
|
1807 |
function __construct($text, $parent) |
|
1808 |
{ |
|
1809 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
1810 |
$this->tpl_code = $text; |
|
1811 |
$this->tpl_strings = $parent->tpl_strings; |
|
1812 |
$this->tpl_bool = $parent->tpl_bool; |
|
1813 |
} |
|
1814 |
/** |
|
1815 |
* PHP 4 constructor. |
|
1816 |
*/ |
|
1817 |
function templateIndividual($text) |
|
1818 |
{ |
|
1819 |
$this->__construct($text); |
|
1820 |
} |
|
1821 |
/** |
|
1822 |
* Assigns an array of string values to the template. Strings can be accessed from the template by inserting {KEY_NAME} in the template file. |
|
1823 |
* @param $vars array |
|
1824 |
*/ |
|
1825 |
function assign_vars($vars) |
|
1826 |
{ |
|
1827 |
if(is_array($this->tpl_strings)) |
|
1828 |
$this->tpl_strings = array_merge($this->tpl_strings, $vars); |
|
1829 |
else |
|
1830 |
$this->tpl_strings = $vars; |
|
1831 |
} |
|
1832 |
/** |
|
1833 |
* Assigns an array of boolean values to the template. These can be used for <!-- IF ... --> statements. |
|
1834 |
* @param $vars array |
|
1835 |
*/ |
|
1836 |
function assign_bool($vars) |
|
1837 |
{ |
|
1838 |
$this->tpl_bool = array_merge($this->tpl_bool, $vars); |
|
1839 |
} |
|
1840 |
/** |
|
1841 |
* Compiles and executes the template code. |
|
1842 |
* @return string |
|
1843 |
*/ |
|
1844 |
function run() |
|
1845 |
{ |
|
1846 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
1847 |
if(!$this->compiled) |
|
1848 |
{ |
|
1849 |
$this->tpl_code = $this->compile_template_text($this->tpl_code); |
|
1850 |
$this->compiled = true; |
|
1851 |
} |
|
1852 |
return eval($this->tpl_code); |
|
1853 |
} |
|
1854 |
} |
|
1855 |
||
1856 |
?> |