Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
--- a/ajax.php Sat Mar 01 23:02:05 2008 -0500
+++ b/ajax.php Sun Mar 02 19:32:19 2008 -0500
@@ -361,7 +361,7 @@
}
// If this is based on a draft version, delete the draft - we no longer need it.
- if ( @$request['used_draft'] )
+ if ( @$request['used_draft'] && !$request['draft'] )
{
$q = $db->sql_query('DELETE FROM ' . table_prefix . 'logs WHERE log_type = \'page\' AND action = \'edit\'
AND page_id = \'' . $db->escape($paths->page_id) . '\'
--- a/includes/clientside/static/acl.js Sat Mar 01 23:02:05 2008 -0500
+++ b/includes/clientside/static/acl.js Sun Mar 02 19:32:19 2008 -0500
@@ -433,6 +433,8 @@
note.appendChild(document.createElement('br'));
note.appendChild(document.createTextNode($lang.get('acl_lbl_save_success_body', { target_name: data.target_name })));
note.appendChild(document.createElement('br'));
+
+ /*
var a = document.createElement('a');
a.href = '#';
a.id = aclManagerID + '_btn_dismiss';
@@ -443,18 +445,28 @@
a.id = aclManagerID + '_btn_close';
a2.appendChild(document.createTextNode(': ' + $lang.get('acl_btn_success_close') + ' ]'));
note.appendChild(a2);
- document.getElementById(aclManagerID + '_main').insertBefore(note, document.getElementById(aclManagerID + '_main').firstChild);
- if(!document.getElementById(aclManagerID+'_deletelnk'))
- document.getElementById(aclManagerID + '_main').innerHTML += '<p id="'+aclManagerID+'_deletelnk" style="text-align: right;"><a href="#delete_acl_rule" onclick="if(confirm(\'' + $lang.get('acl_msg_deleterule_confirm') + '\')) __aclDeleteRule(); return false;" style="color: red;">' + $lang.get('acl_lbl_deleterule') + '</a></p>';
- //fadeInfoBoxes();
- document.getElementById(aclManagerID+'_main').scrollTop = 0;
+ */
+
+ var a_dismiss = document.createElement('a');
+ a_dismiss.href = '#';
+ a_dismiss.appendChild(document.createTextNode('[ ' + $lang.get('acl_btn_success_dismiss') + ' :'));
+ note.appendChild(a_dismiss);
- var a = document.getElementById(aclManagerID + '_btn_dismiss');
- var a2 = document.getElementById(aclManagerID + '_btn_close');
+ var a_close = document.createElement('a');
+ a_close.href = '#';
+ a_close.appendChild(document.createTextNode(': ' + $lang.get('acl_btn_success_close') + ' ]'));
+ note.appendChild(a_close);
+
+ document.getElementById(aclManagerID + '_main').insertBefore(note, document.getElementById(aclManagerID + '_main').firstChild);
- a.setAttribute('onclick', function(e) { this.parentNode.parentNode.removeChild(this.parentNode); return false; });
- a2.setAttribute('onclick', function(e) { killACLManager(); return false; });
+ a_dismiss.setAttribute('onclick', 'var parent = this.parentNode.parentNode; parent.removeChild(this.parentNode); return false;');
+ a_close.setAttribute('onclick', 'killACLManager(); return false;');
+ if ( !document.getElementById(aclManagerID+'_deletelnk') )
+ document.getElementById(aclManagerID + '_main').innerHTML += '<p id="'+aclManagerID+'_deletelnk" style="text-align: right;"><a href="#delete_acl_rule" onclick="if(confirm(\'' + $lang.get('acl_msg_deleterule_confirm') + '\')) __aclDeleteRule(); return false;" style="color: red;">' + $lang.get('acl_lbl_deleterule') + '</a></p>';
+
+ document.getElementById(aclManagerID+'_main').scrollTop = 0;
+
aclDataCache.mode = 'save_edit';
break;
case 'delete':
--- a/includes/clientside/static/enano-lib-basic.js Sat Mar 01 23:02:05 2008 -0500
+++ b/includes/clientside/static/enano-lib-basic.js Sun Mar 02 19:32:19 2008 -0500
@@ -272,6 +272,20 @@
}
}
+// wrapper for window.console
+if ( !window.console )
+{
+ window.console = {
+ log: function() {},
+ debug: function() {},
+ info: function() {},
+ warn: function() {},
+ warning: function() {},
+ error: function() {},
+ write: function() {}
+ }
+}
+
// Do not remove the following comments, they are used by jsres.php.
/*!START_INCLUDER*/
@@ -360,5 +374,4 @@
}
});
-
//*/
--- a/includes/clientside/static/l10n.js Sat Mar 01 23:02:05 2008 -0500
+++ b/includes/clientside/static/l10n.js Sun Mar 02 19:32:19 2008 -0500
@@ -77,6 +77,10 @@
// isn't ready yet
function language_onload_resched()
{
+ if ( window.console )
+ {
+ window.console.info('Delaying language init by 0.2s because language_onload decided that enano_lang[ENANO_LANG_ID] isn\'t ready');
+ }
setTimeout('language_onload();', 200);
}
--- a/includes/clientside/static/login.js Sat Mar 01 23:02:05 2008 -0500
+++ b/includes/clientside/static/login.js Sun Mar 02 19:32:19 2008 -0500
@@ -357,6 +357,28 @@
ajaxLoginShowFriendlyError(response);
}, 2500);
break;
+ case 'login_success_reset':
+ var conf = confirm($lang.get('user_login_ajax_msg_used_temp_pass'));
+ if ( conf )
+ {
+ var url = makeUrlNS('Special', 'PasswordReset/stage2/' + response.user_id + '/' + response.temp_password);
+ window.location = url;
+ }
+ else
+ {
+ // treat as a failure
+ ajaxLoginSetStatus(AJAX_STATUS_DESTROY);
+ document.getElementById('messageBox').style.backgroundColor = '#C0C0C0';
+ var mb_parent = document.getElementById('messageBox').parentNode;
+ new Spry.Effect.Shake(mb_parent, {duration: 1500}).start();
+ setTimeout(function()
+ {
+ document.getElementById('messageBox').style.backgroundColor = '#FFF';
+ ajaxLoginBuildForm(response.respawn_info);
+ // don't show an error here, just silently respawn
+ }, 2500);
+ }
+ break;
case 'noop':
break;
}
--- a/includes/functions.php Sat Mar 01 23:02:05 2008 -0500
+++ b/includes/functions.php Sun Mar 02 19:32:19 2008 -0500
@@ -1025,6 +1025,8 @@
@reset($header_array);
$headers = '';
+ $cc = '';
+ $bcc = '';
while(list(, $header) = each($header_array))
{
if (preg_match('#^cc:#si', $header))
@@ -3101,7 +3103,7 @@
* @return int
*/
-function password_score($password, &$debug)
+function password_score($password, &$debug = false)
{
if ( !is_string($password) )
{
--- a/includes/pageprocess.php Sat Mar 01 23:02:05 2008 -0500
+++ b/includes/pageprocess.php Sun Mar 02 19:32:19 2008 -0500
@@ -369,11 +369,11 @@
}
/**
- * Updates the content of the page.
+ * Updates (saves/changes/edits) the content of the page.
* @param string The new text for the page
* @param string A summary of edits made to the page.
* @param bool If true, the edit is marked as a minor revision
- * @return bool True on success, false on failure
+ * @return bool True on success, false on failure. When returning false, it will push errors to the PageProcessor error stack; read with $page->pop_error()
*/
function update_page($text, $edit_summary = false, $minor_edit = false)
--- a/includes/rijndael.php Sat Mar 01 23:02:05 2008 -0500
+++ b/includes/rijndael.php Sun Mar 02 19:32:19 2008 -0500
@@ -909,7 +909,7 @@
{
$key .= chr(mt_rand(0, 255));
}
- if ( file_exists('/dev/urandom') && is_readable('/dev/urandom') )
+ if ( @file_exists('/dev/urandom') && @is_readable('/dev/urandom') )
{
// Let's use something a little more secure
$ur = @fopen('/dev/urandom', 'r');
--- a/includes/sessions.php Sat Mar 01 23:02:05 2008 -0500
+++ b/includes/sessions.php Sun Mar 02 19:32:19 2008 -0500
@@ -3195,6 +3195,10 @@
$username =& $userinfo['username'];
$password =& $userinfo['password'];
+ // If we're logging in with a temp password, attach to the login_password_reset hook to send our JSON response
+ // A bit hackish since it just dies with the response :-(
+ $plugins->attachHook('login_password_reset', '$this->process_login_request(array(\'mode\' => \'respond_password_reset\', \'user_id\' => $row[\'user_id\'], \'temp_password\' => $row[\'temp_password\']));');
+
// attempt the login
// function login_without_crypto($username, $password, $already_md5ed = false, $level = USER_LEVEL_MEMBER, $captcha_hash = false, $captcha_code = false)
$login_result = $this->login_without_crypto($username, $password, false, intval($req['level']), @$req['captcha_hash'], @$req['captcha_code']);
@@ -3219,6 +3223,7 @@
break;
case 'clean_key':
// Clean out a key, since it won't be used.
+ // This is called when the user clicks Cancel in the AJAX login interface.
if ( !empty($req['key_aes']) )
{
$this->fetch_public_key($req['key_aes']);
@@ -3234,6 +3239,14 @@
'mode' => 'noop'
);
break;
+ case 'respond_password_reset':
+ die(enano_json_encode(array(
+ 'mode' => 'login_success_reset',
+ 'user_id' => $req['user_id'],
+ 'temp_password' => $req['temp_password'],
+ 'respawn_info' => $this->process_login_request(array('mode' => 'getkey'))
+ )));
+ break;
}
}
--- a/includes/template.php Sat Mar 01 23:02:05 2008 -0500
+++ b/includes/template.php Sun Mar 02 19:32:19 2008 -0500
@@ -111,6 +111,8 @@
{
if ( !$theme['group_list'] )
continue;
+ if ( $theme['theme_id'] === getConfig('theme_default') )
+ continue;
switch ( $theme['group_policy'] )
{
case 'allow_all':
@@ -1088,7 +1090,7 @@
if ( !is_file($tpl_file_fullpath) )
{
die_semicritical('Cannot find template file',
- '<p>The template parser was asked to load the file "' . htmlspecialchars($filename) . '", but that file couldn\'t be found in the directory for
+ '<p>The template parser was asked to load the file "' . htmlspecialchars($tpl_file_fullpath) . '", but that file couldn\'t be found in the directory for
the current theme.</p>
<p>Additional debugging information:<br />
<b>Theme currently in use: </b>' . $this->theme . '<br />
@@ -1845,7 +1847,7 @@
break;
case BLOCK_PLUGIN:
$parser = $this->makeParserText('{CONTENT}');
- $c = (gettype($this->fetch_block($row['block_content'])) == 'string') ? $this->fetch_block($row['block_content']) : 'Can\'t find plugin block';
+ $c = (gettype($this->fetch_block($row['block_content'])) == 'string') ? $this->fetch_block($row['block_content']) : /* This used to say "can't find plugin block" but I think it's more friendly to just silently hide it. */ '';
break;
}
$parser->assign_vars(Array( 'TITLE'=>$this->tplWikiFormat($row['block_name']), 'CONTENT'=>$c ));
--- a/plugins/SpecialUserFuncs.php Sat Mar 01 23:02:05 2008 -0500
+++ b/plugins/SpecialUserFuncs.php Sun Mar 02 19:32:19 2008 -0500
@@ -1439,7 +1439,7 @@
require ( ENANO_ROOT.'/includes/captcha.php' );
$captcha = captcha_object($hash, 'freecap');
- $captcha->debug = true;
+ // $captcha->debug = true;
$captcha->make_image();
exit;