diff -r d8156d18ac58 -r 97ae8e9d5e29 plugins/SpecialAdmin.php --- a/plugins/SpecialAdmin.php Thu Sep 27 15:55:37 2007 -0400 +++ b/plugins/SpecialAdmin.php Sat Nov 03 07:43:35 2007 -0400 @@ -4,13 +4,13 @@ Plugin URI: http://enanocms.org/ Description: Provides the page Special:Administration, which is the AJAX frontend to the various Admin pagelets. This plugin cannot be disabled. Author: Dan Fuhry -Version: 1.0.1 +Version: 1.0.2 Author URI: http://enanocms.org/ */ /* * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between - * Version 1.0.2 (Coblynau) + * Version 1.1.1 * Copyright (C) 2006-2007 Dan Fuhry * * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License @@ -48,9 +48,12 @@ function page_Admin_Home() { global $db, $session, $paths, $template, $plugins; // Common objects + global $lang; if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) { - echo '
It looks like your administration session is invalid or you are not authorized to access this administration page. Please re-authenticate to continue.
'; + $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); + echo '' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '
'; return; } @@ -115,9 +118,12 @@ function page_Admin_GeneralConfig() { global $db, $session, $paths, $template, $plugins; // Common objects + global $lang; if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) { - echo 'It looks like your administration session is invalid or you are not authorized to access this administration page. Please re-authenticate to continue.
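Review bot: The authorization guard in page_Admin_Home (the `auth_level`/`user_level` comparison with the new `$login_link` and `$lang->get('adm_err_not_auth_body', ...)` lines) is pasted unchanged into the other page_Admin_* handlers this commit touches, from page_Admin_GeneralConfig through page_Admin_AdminLogout. In the visible code this paste is the only access check each pagelet has, so a handler added later without it would be unprotected. A single helper that does the comparison and prints the localized message, called as `if ( !admin_check_auth() ) return;` (the name is only a suggestion), would keep the check and its wording in one place. The `makeUrlNS()` result is placed inside a translated string and echoed, so confirm that the fourth argument `true` makes it return an HTML-escaped URL. The function bodies continue outside the hunks.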
'; + $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); + echo '' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '
'; return; } @@ -203,6 +209,16 @@ setConfig('pw_strength_minimum', $strength); } + // Account lockout policy + if ( preg_match('/^[0-9]+$/', $_POST['lockout_threshold']) ) + setConfig('lockout_threshold', $_POST['lockout_threshold']); + + if ( preg_match('/^[0-9]+$/', $_POST['lockout_duration']) ) + setConfig('lockout_duration', $_POST['lockout_duration']); + + if ( in_array($_POST['lockout_policy'], array('disable', 'captcha', 'lockout')) ) + setConfig('lockout_policy', $_POST['lockout_policy']); + echo 'It looks like your administration session is invalid or you are not authorized to access this administration page. Please re-authenticate to continue.
'; + $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); + echo '' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '
'; return; } @@ -581,9 +637,12 @@ function page_Admin_PluginManager() { global $db, $session, $paths, $template, $plugins; // Common objects + global $lang; if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) { - echo 'It looks like your administration session is invalid or you are not authorized to access this administration page. Please re-authenticate to continue.
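Review bot: The new "Account lockout policy" checks read `$_POST['lockout_threshold']`, `$_POST['lockout_duration']` and `$_POST['lockout_policy']` without `isset()`. The pattern `/^[0-9]+$/` also accepts a trailing newline and a value of any length, including `0`. Anchoring with the `D` modifier and bounding the length, e.g. `preg_match('/^[0-9]{1,5}$/D', $_POST['lockout_threshold'])`, then storing `intval(...)`, would keep only sane numbers in the config. Whether `0` is a valid threshold or duration deserves a comment beside the checks. `in_array()` should be given `true` as its third argument so the policy comparison is strict, and since these values control brute-force protection, a change to `disable` is worth recording wherever the project logs administrative actions. The hunk sits inside page_Admin_GeneralConfig, and the text after it on this page appears fused with later hunks.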
'; + $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); + echo '' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '
'; return; } @@ -722,9 +781,12 @@ function page_Admin_UploadAllowedMimeTypes() { global $db, $session, $paths, $template, $plugins; // Common objects + global $lang; if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) { - echo 'It looks like your administration session is invalid or you are not authorized to access this administration page. Please re-authenticate to continue.
'; + $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); + echo '' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '
'; return; } @@ -785,9 +847,12 @@ function page_Admin_Sidebar() { global $db, $session, $paths, $template, $plugins; // Common objects + global $lang; if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) { - echo 'It looks like your administration session is invalid or you are not authorized to access this administration page. Please re-authenticate to continue.
'; + $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); + echo '' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '
'; return; } @@ -842,9 +907,12 @@ /* function page_Admin_UserManager() { global $db, $session, $paths, $template, $plugins; // Common objects + global $lang; if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) { - echo 'It looks like your administration session is invalid or you are not authorized to access this administration page. Please re-authenticate to continue.
'; + $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); + echo '' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '
'; return; } @@ -1112,9 +1180,12 @@ function page_Admin_GroupManager() { global $db, $session, $paths, $template, $plugins; // Common objects + global $lang; if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) { - echo 'It looks like your administration session is invalid or you are not authorized to access this administration page. Please re-authenticate to continue.
'; + $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); + echo '' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '
'; return; } @@ -1471,9 +1542,12 @@ function page_Admin_COPPA() { global $db, $session, $paths, $template, $plugins; // Common objects + global $lang; if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) { - echo 'It looks like your administration session is invalid or you are not authorized to access this administration page. Please re-authenticate to continue.
'; + $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); + echo '' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '
'; return; } @@ -1544,9 +1618,12 @@ function page_Admin_PageManager() { global $db, $session, $paths, $template, $plugins; // Common objects + global $lang; if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) { - echo 'It looks like your administration session is invalid or you are not authorized to access this administration page. Please re-authenticate to continue.
'; + $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); + echo '' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '
'; return; } @@ -1740,9 +1817,12 @@ function page_Admin_PageEditor() { global $db, $session, $paths, $template, $plugins; // Common objects + global $lang; if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) { - echo 'It looks like your administration session is invalid or you are not authorized to access this administration page. Please re-authenticate to continue.
'; + $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); + echo '' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '
'; return; } @@ -1840,9 +1920,12 @@ { global $db, $session, $paths, $template, $plugins; // Common objects + global $lang; if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) { - echo 'It looks like your administration session is invalid or you are not authorized to access this administration page. Please re-authenticate to continue.
'; + $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); + echo '' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '
'; return; } @@ -2103,15 +2186,18 @@ function page_Admin_BanControl() { global $db, $session, $paths, $template, $plugins; // Common objects + global $lang; if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) { - echo 'It looks like your administration session is invalid or you are not authorized to access this administration page. Please re-authenticate to continue.
'; + $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); + echo '' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '
'; return; } if(isset($_GET['action']) && $_GET['action'] == 'delete' && isset($_GET['id']) && $_GET['id'] != '') { - $e = $db->sql_query('DELETE FROM '.table_prefix.'banlist WHERE ban_id=' . $db->escape($_GET['id']) . ''); + $e = $db->sql_query('DELETE FROM '.table_prefix.'banlist WHERE ban_id=' . intval($_GET['id']) . ''); if(!$e) $db->_die('The ban list entry was not deleted.'); } if(isset($_POST['create']) && !defined('ENANO_DEMO_MODE')) @@ -2215,9 +2301,12 @@ function page_Admin_MassEmail() { global $db, $session, $paths, $template, $plugins; // Common objects + global $lang; if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) { - echo 'It looks like your administration session is invalid or you are not authorized to access this administration page. Please re-authenticate to continue.
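Review bot: The ban deletion in page_Admin_BanControl is still triggered by `$_GET['action']` and `$_GET['id']`, so a state-changing query runs on a plain GET request. Unlike the `create` branch directly below, it is also not guarded by `!defined('ENANO_DEMO_MODE')`. With `intval()` a non-numeric id becomes `0` and the DELETE is still sent; validating first, e.g. `ctype_digit($_GET['id'])`, would skip the query for malformed input. Moving the delete to POST, protected by whatever form token the project provides (none is visible in this hunk), would stop a link opened in a logged-in administrator's browser from removing bans. The function body continues past the hunk.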
'; + $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); + echo '' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '
'; return; } @@ -2431,9 +2520,12 @@ function page_Admin_DBBackup() { global $db, $session, $paths, $template, $plugins; // Common objects + global $lang; if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) { - echo 'It looks like your administration session is invalid or you are not authorized to access this administration page. Please re-authenticate to continue.
'; + $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); + echo '' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '
'; return; } @@ -2535,9 +2627,12 @@ function page_Admin_AdminLogout() { global $db, $session, $paths, $template, $plugins; // Common objects + global $lang; if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) { - echo 'It looks like your administration session is invalid or you are not authorized to access this administration page. Please re-authenticate to continue.
'; + $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); + echo '' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '
'; return; } @@ -2548,6 +2643,7 @@ function page_Special_Administration() { global $db, $session, $paths, $template, $plugins; // Common objects + global $lang; if($session->auth_level < USER_LEVEL_ADMIN) { redirect(makeUrlNS('Special', 'Login/'.$paths->page, 'level='.USER_LEVEL_ADMIN), 'Not authorized', 'You need an authorization level of '.USER_LEVEL_ADMIN.' to use this page, your auth level is: ' . $session->auth_level, 0); @@ -2573,7 +2669,7 @@ } if ( t == namespace_list.Admin + 'AdminLogout' ) { - var mb = new messagebox(MB_YESNO|MB_ICONQUESTION, 'Are you sure you want to de-authenticate?', 'If you de-authenticate, you will no longer be able to use the administration panel until you re-authenticate again. You may do so at any time using the Administration button on the sidebar.'); + var mb = new messagebox(MB_YESNO|MB_ICONQUESTION, $lang.get('user_logout_confirm_title_elev'), $lang.get('user_logout_confirm_body_elev')); mb.onclick['Yes'] = function() { var tigraentry = document.getElementById('i_div0_0').parentNode; var tigraobj = $(tigraentry); @@ -2685,7 +2781,7 @@ } else { - echo '