Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
--- a/includes/clientside/static/acl.js Sat Jul 21 18:12:10 2007 -0400
+++ b/includes/clientside/static/acl.js Wed Jul 25 18:06:34 2007 -0400
@@ -316,7 +316,7 @@
act_desc = ( data.type == 'new' ) ? 'Create access rule' : 'Editing permissions';
target_type_t = ( data.target_type == 1 ) ? 'group' : 'user';
target_name_t = data.target_name;
- var scope_type = ( data.page_id == false && data.namespace == false ) ? 'this entire site' : 'this page';
+ var scope_type = ( data.page_id == false && data.namespace == false ) ? 'this entire site' : ( data.namespace == '__PageGroup' ) ? 'this group of pages' : 'this page';
html = '<h2>'+act_desc+'</h2><p>This panel allows you to edit what the '+target_type_t+' "<b>'+target_name_t+'</b>" can do on <b>' + scope_type + '</b>. Unless you set a permission to "Deny", these permissions may be overridden by other rules.</p>';
parser = new templateParser(data.template.acl_field_begin);
html += parser.run();
@@ -390,7 +390,7 @@
b.appendChild(document.createTextNode('Permissions updated'));
note.appendChild(b);
note.appendChild(document.createElement('br'));
- note.appendChild(document.createTextNode('The permissions for '+data.target_name+' on this page have been updated successfully.'));
+ note.appendChild(document.createTextNode('The permissions for '+data.target_name+' on this page have been updated successfully. If you changed permissions that affect your user account, you may not see changes until you reload the page.'));
note.appendChild(document.createElement('br'));
var a = document.createElement('a');
a.href = 'javascript:void(0);';
--- a/includes/clientside/static/comments.js Sat Jul 21 18:12:10 2007 -0400
+++ b/includes/clientside/static/comments.js Wed Jul 25 18:06:34 2007 -0400
@@ -166,7 +166,10 @@
}
}
- // Posting form
+ if ( data.auth_post_comments )
+ {
+
+ // Posting form
html += '<h3>Got something to say?</h3>';
html += '<p>If you have comments or suggestions on this article, you can shout it out here.';
@@ -193,6 +196,8 @@
html += ' </table>';
html += '</div>';
+ }
+
document.getElementById('ajaxEditContainer').innerHTML = html;
for ( i = 0; i < data.comments.length; i++ )
--- a/includes/clientside/static/flyin.js Sat Jul 21 18:12:10 2007 -0400
+++ b/includes/clientside/static/flyin.js Wed Jul 25 18:06:34 2007 -0400
@@ -137,7 +137,11 @@
{
topc = GlideEffect.easeInOut(i, topi, diff_top, frames);
leftc = GlideEffect.easeInOut(i, lefti, diff_left, frames);
- setTimeout('var o = fly_in_cache['+rand_seed+']; o.style.top=\''+topc+'px\'; o.style.left=\''+leftc+'px\';', timeout);
+ var code = 'var o = fly_in_cache['+rand_seed+']; o.style.top=\''+topc+'px\';';
+ if ( !height_taken_care_of )
+ code += ' o.style.left=\''+leftc+'px\'';
+ code += ';';
+ setTimeout(code, timeout);
timeout += timerstep;
var ratio = i / frames;
--- a/includes/clientside/static/misc.js Sat Jul 21 18:12:10 2007 -0400
+++ b/includes/clientside/static/misc.js Wed Jul 25 18:06:34 2007 -0400
@@ -18,8 +18,17 @@
function findParentForm(o)
{
- // Not implemented - someone please let me know how to do this, what I need to do is
- // find the first parent <form> tag above param 'o', not sure how to do it with DOM
+ if ( o.tagName == 'FORM' )
+ return o;
+ while(true)
+ {
+ o = o.parentNode;
+ if ( !o )
+ return false;
+ if ( o.tagName == 'FORM' )
+ return o;
+ }
+ return false;
}
function ajaxReverseDNS(o, text)
@@ -565,6 +574,8 @@
div.innerHTML = 'Go to page:<br /><input type="text" size="2" style="padding: 1px; font-size: 8pt;" value="'+(parseInt(this_page)+1)+'" id="'+vtmp+'" /> <a href="#" onclick="paginator_submit(this, '+num_pages+', '+perpage+', unescape(\'' + escape(url_string) + '\')); return false;" style="font-size: 14pt; text-decoration: none;">»</a> <a href="#" onclick="fly_out_top(this.parentNode, false, true); return false;" style="font-size: 14pt; text-decoration: none;">×</a>';
var body = document.getElementsByTagName('body')[0];
+ domObjChangeOpac(0, div);
+
body.appendChild(div);
document.getElementById(vtmp).onkeypress = function(e){if(e.keyCode==13)this.nextSibling.nextSibling.onclick();};
@@ -576,6 +587,7 @@
var from = '#33FF33';
Fat.fade_element(div.id,30,2000,from,Fat.get_bgcolor(div.id));
*/
+
fly_in_bottom(div, false, true);
var divh = $(div).Width();
@@ -598,3 +610,30 @@
window.location = url;
}
+/**
+ * Insert a DOM object _after_ the specified child.
+ * @param object Parent node
+ * @param object Node to insert
+ * @param object Node to insert after
+ */
+
+function insertAfter(parent, baby, bigsister)
+{
+ try
+ {
+ if ( parent.childNodes[parent.childNodes.length-1] == bigsister )
+ parent.appendChild(baby);
+ else
+ parent.insertBefore(baby, bigsister.nextSibling);
+ }
+ catch(e)
+ {
+ alert(e.toString());
+ if ( window.console )
+ {
+ // Firebug support
+ window.console.warn(e);
+ }
+ }
+}
+
--- a/includes/comment.php Sat Jul 21 18:12:10 2007 -0400
+++ b/includes/comment.php Wed Jul 25 18:06:34 2007 -0400
@@ -233,7 +233,7 @@
// Authorization
// Like the rest of the ACL system, this call is a one-stop check for ALL ACL entries.
if ( !$this->perms->get_permissions('post_comments') )
- $errors[] = 'An ACL entry is preventing the comment from being posted.';
+ $errors[] = 'The site security policy prevents your user account from posting comments;';
// Guest authorization
if ( getConfig('comments_need_login') == '2' && !$session->user_logged_in )
--- a/includes/functions.php Sat Jul 21 18:12:10 2007 -0400
+++ b/includes/functions.php Wed Jul 25 18:06:34 2007 -0400
@@ -1963,7 +1963,7 @@
{
if ( isset($callers[$j]) )
{
- $tmp = ( is_callable($callers[$j]) ) ? @call_user_func($callers[$j], $val, $row) : $v;
+ $tmp = ( is_callable($callers[$j]) ) ? @call_user_func($callers[$j], $val, $row) : $val;
if ( $tmp )
{
--- a/includes/paths.php Sat Jul 21 18:12:10 2007 -0400
+++ b/includes/paths.php Wed Jul 25 18:06:34 2007 -0400
@@ -853,6 +853,8 @@
$group_list[] = $row['pg_id'];
}
+ $db->free_result();
+
// Static-page groups
$q = $db->sql_query('SELECT g.pg_id FROM '.table_prefix.'page_groups AS g
LEFT JOIN '.table_prefix.'page_group_members AS m
--- a/plugins/SpecialAdmin.php Sat Jul 21 18:12:10 2007 -0400
+++ b/plugins/SpecialAdmin.php Wed Jul 25 18:06:34 2007 -0400
@@ -39,6 +39,9 @@
));
');
+// Admin pages that were too enormous to be in this file were split off into the plugins/admin/ directory in 1.0.1
+require(ENANO_ROOT . '/plugins/admin/PageGroups.php');
+
// function names are IMPORTANT!!! The name pattern is: page_<namespace ID>_<page URLname, without namespace>
function page_Admin_Home() {
@@ -138,6 +141,7 @@
case "sql_inject": echo 'SQL injection attempt<div style="max-width: 90%; clip: rect(0px,auto,auto,0px); overflow: auto; display: block; font-size: smaller;">Offending query: ' . htmlspecialchars($r['page_text']) . '</div>'; break;
case "db_backup": echo 'Database backup created<br /><small>Tables: ' . $r['page_text'] . '</small>'; break;
case "install_enano": echo "Installed Enano version {$r['page_text']}"; break;
+ case "upgrade_enano": echo "Upgraded Enano to version {$r['page_text']}"; break;
}
echo '</td><td class="'.$cls.'">'.date('d M Y h:i a', $r['time_id']).'</td><td class="'.$cls.'">'.$r['author'].'</td><td class="'.$cls.'" style="cursor: pointer;" onclick="ajaxReverseDNS(this);" title="Click for reverse DNS info">'.$r['edit_summary'].'</td></tr>';
}
@@ -1710,487 +1714,6 @@
}
}
-function page_Admin_PageGroups()
-{
- global $db, $session, $paths, $template, $plugins; // Common objects
- if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN )
- {
- echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>';
- return;
- }
-
- if ( isset($_POST['action']) )
- {
- if ( isset($_POST['action']['create']) || isset($_POST['action']['create_stage2']) )
- {
- switch ( isset($_POST['action']['create_stage2']) )
- {
- case true:
- if ( empty($_POST['pg_name']) || empty($_POST['group_type']) )
- {
- echo '<div class="error-box">Please enter a name for the page group.</div>';
- return;
- }
- if ( $_POST['group_type'] == PAGE_GRP_TAGGED && empty($_POST['member_tag']) )
- {
- echo '<div class="error-box">Please enter a page tag.</div>';
- return;
- }
- if ( $_POST['group_type'] == PAGE_GRP_CATLINK && empty($_POST['member_cat']) )
- {
- echo '<div class="error-box">Please create a category page before linking a page group to a category.</div>';
- return;
- }
- if ( $_POST['group_type'] == PAGE_GRP_NORMAL && empty($_POST['member_page_0']) )
- {
- echo '<div class="error-box">Please specify at least one page to place in this group.</div>';
- return;
- }
- if ( $_POST['group_type'] != PAGE_GRP_TAGGED && $_POST['group_type'] != PAGE_GRP_CATLINK && $_POST['group_type'] != PAGE_GRP_NORMAL )
- {
- echo '<div class="error-box">Umm, you sent an invalid group type. I\'d put a real error message here but this will only be shown if you try to hack the system.</div>';
- return;
- }
- // All checks passed, create the group
- switch($_POST['group_type'])
- {
- case PAGE_GRP_TAGGED:
- $name = $db->escape($_POST['pg_name']);
- $tag = $db->escape($_POST['member_tag']);
- $sql = 'INSERT INTO '.table_prefix.'page_groups(pg_type,pg_name,pg_target) VALUES(' . PAGE_GRP_TAGGED . ', \'' . $name . '\', \'' . $tag . '\');';
- $q = $db->sql_query($sql);
- if ( !$q )
- $db->_die();
- break;
- case PAGE_GRP_CATLINK:
- $name = $db->escape($_POST['pg_name']);
- $cat = $db->escape($_POST['member_cat']);
- $sql = 'INSERT INTO '.table_prefix.'page_groups(pg_type,pg_name,pg_target) VALUES(' . PAGE_GRP_CATLINK . ', \'' . $name . '\', \'' . $cat . '\');';
- $q = $db->sql_query($sql);
- if ( !$q )
- $db->_die();
- break;
- case PAGE_GRP_NORMAL:
- $name = $db->escape($_POST['pg_name']);
- $sql = 'INSERT INTO '.table_prefix.'page_groups(pg_type,pg_name) VALUES(' . PAGE_GRP_NORMAL . ', \'' . $name . '\');';
- $q = $db->sql_query($sql);
- if ( !$q )
- $db->_die();
-
- $ins_id = $db->insert_id();
-
- // Page list
- $keys = array_keys($_POST);
- $arr_pages = array();
- foreach ( $keys as $val )
- {
- if ( preg_match('/^member_page_([0-9]+?)$/', $val) && !empty($_POST[$val]) )
- {
- $arr_pages[] = $_POST[$val];
- }
- }
- $arr_sql = array();
- foreach ( $arr_pages as $page )
- {
- list($id, $ns) = RenderMan::strToPageID($page);
- $id = sanitize_page_id($id);
- $arr_sql[] = '(' . $ins_id . ',\'' . $db->escape($id) . '\', \'' . $ns . '\')';
- }
- $sql = 'INSERT INTO '.table_prefix.'page_group_members(pg_id,page_id,namespace) VALUES' . implode(',', $arr_sql) . ';';
- $q = $db->sql_query($sql);
- if ( !$q )
- $db->_die();
- break;
- }
- echo '<div class="info-box">The page group "' . htmlspecialchars($_POST['pg_name']) . '" has been created.</div>';
- break;
- }
- // A little Javascript magic
- ?>
- <script language="javascript" type="text/javascript">
- function pg_create_typeset(selector)
- {
- var pg_normal = <?php echo PAGE_GRP_NORMAL; ?>;
- var pg_tagged = <?php echo PAGE_GRP_TAGGED; ?>;
- var pg_catlink = <?php echo PAGE_GRP_CATLINK; ?>;
- var selection = false;
- // Get selection
- for ( var i = 0; i < selector.childNodes.length; i++ )
- {
- var child = selector.childNodes[i];
- if ( !child || child.tagName != 'OPTION' )
- {
- continue;
- }
- if ( child.selected )
- {
- selection = child.value;
- }
- }
- if ( !selection )
- {
- alert('Cannot get field value');
- return true;
- }
- selection = parseInt(selection);
- if ( selection != pg_normal && selection != pg_tagged && selection != pg_catlink )
- {
- alert('Invalid field value');
- return true;
- }
-
- // We have the selection and it's validated; show the appropriate field group
-
- if ( selection == pg_normal )
- {
- document.getElementById('pg_create_title_catlink').style.display = 'none';
- document.getElementById('pg_create_catlink_1').style.display = 'none';
- document.getElementById('pg_create_catlink_2').style.display = 'none';
-
- document.getElementById('pg_create_title_tagged').style.display = 'none';
- document.getElementById('pg_create_tagged_1').style.display = 'none';
- document.getElementById('pg_create_tagged_2').style.display = 'none';
-
- document.getElementById('pg_create_title_normal').style.display = 'inline';
- document.getElementById('pg_create_normal_1').style.display = 'block';
- document.getElementById('pg_create_normal_2').style.display = 'block';
- }
- else if ( selection == pg_catlink )
- {
- document.getElementById('pg_create_title_catlink').style.display = 'inline';
- document.getElementById('pg_create_catlink_1').style.display = 'block';
- document.getElementById('pg_create_catlink_2').style.display = 'block';
-
- document.getElementById('pg_create_title_tagged').style.display = 'none';
- document.getElementById('pg_create_tagged_1').style.display = 'none';
- document.getElementById('pg_create_tagged_2').style.display = 'none';
-
- document.getElementById('pg_create_title_normal').style.display = 'none';
- document.getElementById('pg_create_normal_1').style.display = 'none';
- document.getElementById('pg_create_normal_2').style.display = 'none';
- }
- else if ( selection == pg_tagged )
- {
- document.getElementById('pg_create_title_catlink').style.display = 'none';
- document.getElementById('pg_create_catlink_1').style.display = 'none';
- document.getElementById('pg_create_catlink_2').style.display = 'none';
-
- document.getElementById('pg_create_title_tagged').style.display = 'inline';
- document.getElementById('pg_create_tagged_1').style.display = 'block';
- document.getElementById('pg_create_tagged_2').style.display = 'block';
-
- document.getElementById('pg_create_title_normal').style.display = 'none';
- document.getElementById('pg_create_normal_1').style.display = 'none';
- document.getElementById('pg_create_normal_2').style.display = 'none';
- }
-
- }
-
- // Set to pg_normal on page load
- var pg_createform_init = function()
- {
- document.getElementById('pg_create_title_catlink').style.display = 'none';
- document.getElementById('pg_create_catlink_1').style.display = 'none';
- document.getElementById('pg_create_catlink_2').style.display = 'none';
-
- document.getElementById('pg_create_title_tagged').style.display = 'none';
- document.getElementById('pg_create_tagged_1').style.display = 'none';
- document.getElementById('pg_create_tagged_2').style.display = 'none';
-
- document.getElementById('pg_create_title_normal').style.display = 'inline';
- document.getElementById('pg_create_normal_1').style.display = 'block';
- document.getElementById('pg_create_normal_2').style.display = 'block';
- }
-
- addOnloadHook(pg_createform_init);
-
- function pg_create_more_fields()
- {
- var targettd = document.getElementById('pg_create_normal_2');
- var id = 0;
- for ( var i = 0; i < targettd.childNodes.length; i++ )
- {
- var child = targettd.childNodes[i];
- if ( child.tagName == 'INPUT' )
- {
- if ( child.type == 'button' )
- {
- var newInp = document.createElement('input');
- // <input type="text" name="member_page_1" id="pg_create_member_1" onkeyup="return ajaxPageNameComplete(this);" size="30" /><br />
- newInp.type = 'text';
- newInp.name = 'member_page_' + id;
- newInp.id = 'pg_create_member_' + id;
- newInp.onkeyup = function(e) { return ajaxPageNameComplete(this); };
- newInp.size = '30';
- newInp.style.marginTop = '3px';
- targettd.insertBefore(newInp, child);
- targettd.insertBefore(document.createElement('br'), child);
- break;
- }
- else // if ( child.type == 'text' )
- {
- id++;
- }
- }
- }
- }
-
- </script>
- <?php
-
- // Build category list
- $q = $db->sql_query('SELECT name,urlname FROM '.table_prefix.'pages WHERE namespace=\'Category\';');
- if ( !$q )
- $db->_die();
-
- if ( $db->numrows() < 1 )
- {
- $catlist = 'There aren\'t any categories on this site.';
- }
- else
- {
- $catlist = '<select name="member_cat">';
- while ( $row = $db->fetchrow() )
- {
- $catlist .= '<option value="' . htmlspecialchars($row['urlname']) . '">' . htmlspecialchars($row['name']) . '</option>';
- }
- $catlist .= '</select>';
- }
-
- echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
-
- echo '<div class="tblholder">
- <table border="0" cellspacing="1" cellpadding="4">
- <tr>
- <th colspan="2">Create page group</th>
- </tr>';
-
- // Name
- echo '<tr>
- <td class="row2">
- Group name:<br />
- <small>This should be short, descriptive, and human-readable.</small>
- </td>
- <td class="row1">
- <input type="text" name="pg_name" size="30" />
- </td>
- </tr>';
-
- // Group type
- echo '<tr>
- <td class="row2">
- Group type:
- </td>
- <td class="row1">
- <select name="group_type" onchange="pg_create_typeset(this);">
- <option value="' . PAGE_GRP_NORMAL . '" selected="selected">Static group of pages</option>
- <option value="' . PAGE_GRP_TAGGED . '">Group of pages with one tag</option>
- <option value="' . PAGE_GRP_CATLINK . '">Link to category</option>
- </select>
- </td>
- </tr>';
-
- // Titles
- echo '<tr>
- <th colspan="2">
- <span id="pg_create_title_normal">
- Static group of pages
- </span>
- <span id="pg_create_title_tagged">
- Group of commonly tagged pages
- </span>
- <span id="pg_create_title_catlink">
- Mirror a category
- </span>
- </th>
- </tr>';
-
- echo '<tr>
- <td class="row2">
- <div id="pg_create_normal_1">
- Member pages:<br />
- <small>Click the "plus" button to add more fields.</small>
- </div>
- <div id="pg_create_catlink_1">
- Include pages in this category:<br />
- <small>Pages in subcategories are <u>not</u> included, however subcategory pages themselves are.</small>
- </div>
- <div id="pg_create_tagged_1">
- Include pages with this tag:
- </div>
- </td>';
-
- echo ' <td class="row1">
- <div id="pg_create_normal_2" />
- <input type="text" style="margin-top: 3px;" name="member_page_0" id="pg_create_member_0" onkeyup="return ajaxPageNameComplete(this);" size="30" /><br />
- <input type="text" style="margin-top: 3px;" name="member_page_1" id="pg_create_member_1" onkeyup="return ajaxPageNameComplete(this);" size="30" /><br />
- <input type="text" style="margin-top: 3px;" name="member_page_2" id="pg_create_member_2" onkeyup="return ajaxPageNameComplete(this);" size="30" /><br />
- <input type="text" style="margin-top: 3px;" name="member_page_3" id="pg_create_member_3" onkeyup="return ajaxPageNameComplete(this);" size="30" /><br />
- <input type="text" style="margin-top: 3px;" name="member_page_4" id="pg_create_member_4" onkeyup="return ajaxPageNameComplete(this);" size="30" /><br />
- <input type="button" onclick="pg_create_more_fields(); return false;" style="margin-top: 5px;" value=" + " />
- </div>
- <div id="pg_create_tagged_2">
- <input type="text" name="member_tag" size="30" />
- </div>
- <div id="pg_create_catlink_2">
- ' . $catlist . '
- </div>
- </td>
- </tr>';
-
- // Submit button
- echo '<tr>
- <th class="subhead" colspan="2"><input type="submit" name="action[create_stage2]" value="Create page group" style="font-weight: bold;" /> <input type="submit" name="action[noop]" value="Cancel" style="font-weight: normal;" /></th>
- </tr>';
-
- echo '</table>
- </div>';
-
- echo '</form>';
- return;
- }
- else if ( isset($_POST['action']['del']) )
- {
- // Confirmation to delete a group (this is really only a stub)
-
- $delete_id = array_keys($_POST['action']['del']);
- $delete_id = intval($delete_id[0]);
-
- if ( !empty($delete_id) )
- {
- echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
- echo '<input type="hidden" name="delete_id" value="' . $delete_id . '" />';
- echo '<div class="tblholder">';
- echo ' <table border="0" cellspacing="1" cellpadding="4">';
- echo ' <tr><th>Confirm deletion</th></tr>';
- echo ' <tr><td class="row2" style="text-align: center; padding: 20px 0;">Are you sure you want to delete this page group?</td></tr>';
- echo ' <tr><td class="row1" style="text-align: center;">';
- echo ' <input type="submit" name="action[del_confirm]" value="Yes, delete group" style="font-weight: bold;" />';
- echo ' <input type="submit" name="action[noop]" value="Cancel" style="font-weight: normal;" />';
- echo ' </td></tr>';
- echo ' </table>';
- echo '</form>';
-
- return;
- }
- }
- else if ( isset($_POST['action']['del_confirm']) )
- {
- $delete_id = intval($_POST['delete_id']);
- if ( empty($delete_id) )
- {
- echo 'Hack attempt';
- return;
- }
- // Obtain group name
- $q = $db->sql_query('SELECT pg_name FROM '.table_prefix.'page_groups WHERE pg_id=' . $delete_id . ';');
- if ( !$q )
- $db->_die();
- if ( $db->numrows() < 1 )
- {
- echo 'Page group dun exist.';
- return;
- }
- $row = $db->fetchrow();
- $pg_name = $row['pg_name'];
- unset($row);
- // Delete the group
- $q = $db->sql_query('DELETE FROM '.table_prefix.'page_groups WHERE pg_id=' . $delete_id . ';');
- if ( !$q )
- $db->_die();
- $q = $db->sql_query('DELETE FROM '.table_prefix.'page_group_members WHERE pg_id=' . $delete_id . ';');
- if ( !$q )
- $db->_die();
- echo "<div class='info-box'>The group ".'"'."$pg_name".'"'." has been deleted.</div>";
- }
- else if ( isset($_POST['action']['edit']) )
- {
- return;
- }
- else if ( isset($_POST['action']['noop']) )
- {
- // Do nothing
- }
- else
- {
- echo '<div class="error-box">Invalid format of $_POST[action].</div>';
- }
- }
- // No action defined - show default menu
- $q = $db->sql_query('SELECT pg_id, pg_type, pg_name, pg_target FROM '.table_prefix.'page_groups;');
- if ( !$q )
- $db->_die();
-
- echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
-
- echo '<div class="tblholder">
- <table border="0" cellspacing="1" cellpadding="4">
- <tr>
- <th>Group name</th>
- <th>Type</th>
- <th>Target</th>
- <th colspan="2">Actions</th>
- </tr>';
-
- if ( $row = $db->fetchrow() )
- {
- do
- {
- $name = htmlspecialchars($row['pg_name']);
- $type = 'Invalid';
- switch ( $row['pg_type'] )
- {
- case PAGE_GRP_CATLINK:
- $type = 'Link to category';
- break;
- case PAGE_GRP_TAGGED:
- $type = 'Set of tagged pages';
- break;
- case PAGE_GRP_NORMAL:
- $type = 'Static set of pages';
- break;
- }
- $target = '';
- if ( $row['pg_type'] == PAGE_GRP_TAGGED )
- {
- $target = 'Tag: ' . htmlspecialchars($row['pg_target']);
- }
- else if ( $row['pg_type'] == PAGE_GRP_CATLINK )
- {
- $target = 'Category: ' . htmlspecialchars(get_page_title($paths->nslist['Category'] . sanitize_page_id($row['pg_target'])));
- }
- $btn_edit = '<input type="submit" name="action[edit][' . $row['pg_id'] . ']" value="Edit" />';
- $btn_del = '<input type="submit" name="action[del][' . $row['pg_id'] . ']" value="Delete" />';
- // stupid jEdit bug/hack
- $quot = '"';
- echo "<tr>
- <td class={$quot}row1{$quot}>$name</td>
- <td class={$quot}row2{$quot}>$type</td>
- <td class={$quot}row1{$quot}>$target</td>
- <td class={$quot}row3{$quot} style={$quot}text-align: center;{$quot}>$btn_edit</td>
- <td class={$quot}row3{$quot} style={$quot}text-align: center;{$quot}>$btn_del</td>
- </tr>";
- }
- while ( $row = $db->fetchrow() );
- }
- else
- {
- echo ' <tr><td class="row3" colspan="5" style="text-align: center;">No page groups defined.</td></tr>';
- }
-
- echo ' <tr>
- <th class="subhead" colspan="5">
- <input type="submit" name="action[create]" value="Create new group" />
- </th>
- </tr>';
-
- echo ' </table>
- </div>';
-
- echo '</form>';
-
-}
-
function page_Admin_ThemeManager()
{
--- a/plugins/SpecialUserPrefs.php Sat Jul 21 18:12:10 2007 -0400
+++ b/plugins/SpecialUserPrefs.php Wed Jul 25 18:06:34 2007 -0400
@@ -399,7 +399,7 @@
echo '<div class="info-box" style="margin: 0 0 10px 0;">Your signature has been saved.</div>';
}
echo '<form action="'.makeUrl($paths->fullpage).'" method="post">';
- echo $template->tinymce_textarea('new_sig', $session->signature);
+ echo $template->tinymce_textarea('new_sig', htmlspecialchars($session->signature));
echo '<input type="submit" value="Save signature" />';
echo '</form>';
break;
--- a/themes/oxygen/header.tpl Sat Jul 21 18:12:10 2007 -0400
+++ b/themes/oxygen/header.tpl Wed Jul 25 18:06:34 2007 -0400
@@ -22,7 +22,7 @@
{
elem.style.display = 'block';
counter.style.display = 'none';
- elem.parentNode.style.width = '156px';
+ elem.parentNode.style.width = '';
if ( !KILL_SWITCH )
{
createCookie(side+'_sidebar', 'open', 365);
--- a/upgrade.php Sat Jul 21 18:12:10 2007 -0400
+++ b/upgrade.php Wed Jul 25 18:06:34 2007 -0400
@@ -705,6 +705,9 @@
}
}
+ // Log the upgrade
+ $q = $db->sql_query('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,author,page_text,edit_summary) VALUES(\'security\', \'upgrade_enano\', ' . time() . ', \'' . date('d M Y h:i a') . '\', \'' . mysql_real_escape_string($session->username) . '\', \'' . mysql_real_escape_string($this_version) . '\', \'' . mysql_real_escape_string($_SERVER['REMOTE_ADDR']) . '\');');
+
echo 'done!</p>';
echo '<p>You will be redirected shortly. If you aren\'t redirected, <a href="index.php">click here</a>.</p>
<script type="text/javascript">setTimeout("window.location=\'index.php\'", 2000)</script>';